Report - dolphinaircondition.com/contact

Report Overview

Submitted URL
dolphinaircondition.com/contact
IP
23.230.206.112
ASN
#18779 EGIHOSTING
Submitted
2022-11-20 02:55:48
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
200.benbenys.com	unknown	2022-11-10T05:20:23Z	2022-12-10T03:35:48Z	303 B	58 kB	23.224.61.222
ocsp.digicert.cn	37572	2020-03-20T18:45:56Z	2023-03-10T08:03:24Z	1.7 kB	5.5 kB	47.246.44.205
sszhan.oss-cn-shenzhen.aliyuncs.com	unknown	2022-08-12T18:47:21Z	2023-03-09T17:37:07Z	400 B	540 kB	120.77.166.119
img.1129555.com	unknown	2022-11-11T14:57:19Z	2023-03-09T01:40:01Z	406 B	182 B	3.36.126.81
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	5.1 kB	10 kB	93.184.220.29
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	4.1 kB	12 kB	172.64.155.188
kvkaaa.top	unknown	2022-05-01T12:03:58Z	2022-12-15T17:01:33Z	804 B	2.1 MB	104.21.235.136
885364.com	unknown	2022-06-25T16:41:13Z	2022-12-11T11:06:17Z	402 B	34 kB	47.75.19.145
223969ufy.com	unknown	2022-10-27T11:40:25Z	2023-03-08T08:24:34Z	405 B	359 kB	45.61.212.229
539397377.com	unknown	2022-09-15T10:58:39Z	2023-02-21T17:30:46Z	405 B	177 kB	47.75.19.145
kvevv.com	unknown	2022-05-01T03:44:50Z	2023-03-09T17:38:51Z	802 B	844 B	45.154.215.92
kzeaa.com	unknown	2022-05-22T08:40:48Z	2023-03-09T17:38:51Z	802 B	844 B	98.126.214.50
dimg04.c-ctrip.com	139731	2014-05-08T18:11:10Z	2023-03-10T00:26:51Z	1.2 kB	1.5 MB	104.110.17.24
339282bdb.com	unknown	2022-10-28T17:16:40Z	2023-03-02T05:18:49Z	810 B	666 kB	103.170.15.104
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	2022-06-01T20:03:12Z	2023-03-09T10:00:31Z	813 B	113 kB	120.77.166.72
img.2559u.com	unknown	2022-11-09T21:48:50Z	2023-01-15T03:10:40Z	404 B	182 B	3.36.126.81
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	56 kB	34.120.237.76
ak-d.tripcdn.com	71581	2020-10-16T07:21:44Z	2023-03-10T11:59:08Z	404 B	1.2 MB	96.6.16.143
img.u1779.com	unknown	2022-10-22T20:25:25Z	2022-11-30T23:00:08Z	404 B	182 B	3.36.126.81
kveff.com	unknown	2022-08-16T13:07:26Z	2023-02-24T23:08:37Z	401 B	422 B	66.150.130.123
yzf.qq.com	627844	2019-08-27T04:46:26Z	2023-03-03T21:18:11Z	463 B	398 B	113.96.208.98
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www.yssydh.top	unknown	2022-08-05T17:26:13Z	2023-03-09T16:18:45Z	428 B	48 kB	104.21.23.48
kvteee.top	unknown	2022-05-22T14:06:57Z	2022-12-10T04:44:26Z	402 B	367 kB	104.21.233.123
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-10T12:46:20Z	2.5 kB	36 kB	103.235.46.191
kvhaaa.top	unknown	2021-12-03T12:16:33Z	2022-12-04T11:57:44Z	402 B	865 kB	172.67.218.101
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	1.8 kB	3.6 kB	142.250.74.35
pic.picnewsss.com	unknown	2022-06-14T13:57:58Z	2023-03-10T00:26:50Z	395 B	27 kB	23.225.139.251
829355rff.com	unknown	2022-10-29T16:35:00Z	2023-03-01T17:04:17Z	405 B	62 kB	103.170.15.104
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	8.8 kB	23 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.148.69.31
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-10T05:13:37Z	1.5 kB	7.7 kB	104.18.21.226
kvezz.com	237784	2021-10-17T10:32:09Z	2023-03-09T23:57:52Z	401 B	422 B	45.154.215.92
6937555.com	unknown	2020-11-21T10:40:36Z	2022-12-19T05:43:58Z	264 B	426 kB	104.149.139.254
gg72a1.com	unknown	2022-11-11T19:10:52Z	2023-02-16T07:04:13Z	381 B	567 kB	137.175.13.103
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	unknown	2022-06-02T12:46:58Z	2023-03-03T08:45:01Z	488 B	295 kB	47.56.33.17
img.8961x.com	unknown	2022-11-03T23:27:58Z	2023-01-24T09:51:45Z	404 B	182 B	3.36.126.81
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-10T12:46:20Z	297 B	750 B	182.61.201.93
kvemm.com	222018	2021-10-18T03:51:02Z	2023-03-09T13:47:42Z	802 B	844 B	45.150.164.154
acoosso.top	631702	2021-11-15T07:18:20Z	2022-12-11T11:06:16Z	403 B	166 B	91.195.240.12
api.79zxcv.com	unknown	2022-10-30T19:12:54Z	2023-01-25T15:24:12Z	1.1 kB	6.4 kB	3.1.217.64
kvkfff.top	unknown	2022-11-08T07:31:43Z	2023-03-06T08:34:03Z	804 B	1.1 MB	172.67.216.219
613711567.com	unknown	2022-09-15T10:59:07Z	2022-12-23T02:34:10Z	405 B	749 kB	47.75.19.145
www.dolphinaircondition.com	unknown			1.3 kB	4.0 kB	23.230.206.112
zhibo128x.xyz	unknown	2022-09-07T01:50:00Z	2023-03-10T05:18:20Z	768 B	738 kB	154.83.25.141
3p8801.co	unknown	2022-07-05T14:28:12Z	2023-03-09T23:57:53Z	1.1 kB	330 kB	142.0.131.26
i.ibb.co	13485	2018-11-25T11:13:48Z	2023-03-10T09:42:37Z	383 B	1.2 kB	51.210.32.132
sysupload.csiteadmin.com	unknown	2022-02-20T11:34:59Z	2023-02-21T13:32:54Z	8.7 kB	3.5 MB	20.189.126.156
nvhbbb.top	unknown	2022-04-10T10:43:59Z	2023-03-10T01:34:07Z	804 B	1.6 MB	104.21.55.74
p.qlogo.cn	48578	2014-01-15T12:11:45Z	2023-03-10T14:24:00Z	459 B	232 kB	43.154.254.32
img.9712x.com	unknown	2022-10-22T20:25:26Z	2023-02-24T02:56:05Z	404 B	182 B	3.36.126.81
dolphinaircondition.com	unknown			362 B	206 B	23.230.206.112
ads-6686.top	unknown	2022-09-06T10:15:05Z	2023-03-09T23:58:20Z	757 B	583 kB	123.253.107.62
www.jxys12.xyz	unknown	2022-08-17T07:55:24Z	2022-12-23T15:46:34Z	3.8 kB	877 kB	173.231.38.5
kzecc.com	unknown	2017-01-29T05:39:36Z	2023-03-09T23:57:53Z	401 B	422 B	64.32.13.142
lbfm.lbpictupian.com	unknown	2022-10-09T18:47:38Z	2023-03-09T23:44:55Z	9.4 kB	196 kB	104.22.12.214
362728tdg.com	unknown	2022-10-28T17:16:40Z	2023-02-19T04:20:59Z	406 B	423 kB	103.170.15.104
p3.douyinpic.com	23536	2020-12-18T12:20:50Z	2023-03-10T13:07:17Z	2.0 kB	2.4 MB	47.246.44.230
666000258.com	unknown	2022-09-22T12:49:32Z	2023-02-25T02:33:16Z	383 B	35 kB	143.92.39.222
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	718 B	3.8 kB	104.18.20.226
www.jxys88.net	unknown	2022-01-15T02:49:35Z	2023-03-02T22:42:46Z	1.4 kB	46 kB	173.231.12.68
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-10T11:31:10Z	1.0 kB	5.6 kB	23.36.79.10
static.qwahk.com	unknown	2022-11-07T17:39:12Z	2023-03-11T10:58:08Z	382 B	478 kB	206.119.105.166
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
333777258.com	unknown	2022-09-16T13:28:57Z	2022-12-11T07:54:15Z	383 B	81 kB	143.92.39.222
kvkggg.top	unknown	2022-11-08T07:39:56Z	2023-03-06T08:21:35Z	402 B	740 kB	104.21.5.141
taiwtp1.com	unknown	2022-04-08T09:06:08Z	2023-03-10T00:39:27Z	762 B	292 kB	220.128.218.220
1088hg01.oss-cn-hongkong.aliyuncs.com	unknown	2022-10-18T18:59:25Z	2022-11-30T01:29:38Z	402 B	945 kB	47.75.19.69
585227ybn.com	unknown	2022-10-31T14:51:49Z	2023-02-07T09:17:32Z	405 B	161 kB	103.170.15.74
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-10T12:46:23Z	357 B	114 B	180.101.212.103
tt.1468tu.com	unknown	2022-05-27T11:15:48Z	2023-01-20T09:18:01Z	656 B	166 kB	43.153.174.204
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	3.4 kB	7.3 kB	23.36.77.32
592773xgg.com	unknown	2022-10-27T12:51:33Z	2023-02-19T11:05:56Z	405 B	581 kB	103.170.15.114
kvthhh.top	unknown	2022-07-28T13:10:32Z	2023-03-09T17:27:04Z	804 B	1.7 MB	104.21.235.65
imagedelivery.net	255311	2021-09-20T14:34:55Z	2023-03-10T14:37:51Z	878 B	516 kB	104.18.3.36
kvmaa.com	unknown	2015-11-06T05:44:54Z	2023-01-07T21:05:57Z	802 B	844 B	170.178.176.170
ocsp.buypass.com	157566	2017-01-30T05:59:29Z	2023-03-10T12:03:32Z	680 B	4.3 kB	23.36.76.129
fmlb.netlbtu.com	187701	2021-09-14T13:57:06Z	2023-03-09T15:30:49Z	4.1 kB	161 kB	172.247.77.250
acoozzh.top	439448	2022-01-10T02:59:44Z	2023-01-10T02:16:20Z	403 B	159 kB	104.21.33.100
628536nyv.com	unknown	2022-10-29T16:32:10Z	2023-02-25T10:33:58Z	405 B	876 kB	103.170.15.74
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-10T05:16:10Z	2.1 kB	7.3 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-20	medium	339282bdb.com	Sinkholed
2022-11-19	medium	362728tdg.com	Sinkholed
2022-11-19	medium	223969ufy.com	Sinkholed
2022-11-19	medium	628536nyv.com	Sinkholed
2022-11-20	medium	79zxcv.com	Sinkholed
2022-11-20	medium	592773xgg.com	Sinkholed
2022-11-20	medium	79zxcv.com	Sinkholed
2022-11-20	medium	339282bdb.com	Sinkholed
2022-11-20	medium	79zxcv.com	Sinkholed
2022-11-20	medium	829355rff.com	Sinkholed
2022-11-20	medium	585227ybn.com	Sinkholed

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.jxys88.net/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL www.jxys88.net/news/index.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:44:07 Last Seen2023-03-11 14:44:07 Times Seen1 Hash 52351db186b93da3c943198987234226 70aaadb52ede04b8feec74d11ba6228a7d4ea9b1 e4403940da006723a4cf917dfe74642a11ff3593bbb916b06f5e27f4799fb4e3 Loading...

	www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js	1.3 kB	2023-03-11	2023-03-11
Pretty URL www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:55 Last Seen2023-03-11 20:35:36 Times Seen1 Hash 724c4e0c5f8dfbed475ade35b6c6e791 d765514a1e6793a1199e94185e43241dec159274 57dda942ace4e199d49a3a07e74a3057451a21748d27e63a503f5a15eede9355 Loading...

	www.jxys12.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys12.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:44:07 Last Seen2023-03-11 14:44:07 Times Seen1 Hash 1e7177d19d5dbc05a51c95b88e773c5e d5586e85a6e98ad798a30946ed1379e2e3716227 0cc62278710bffd9f457398ad8262ae82f5306a1bcb1182db3b957fa5c0c9817 Loading...

	api.79zxcv.com/sh/328.js	463 B	2023-03-08	2023-03-11
Pretty URL api.79zxcv.com/sh/328.js IP 3.1.217.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:05 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 4ada6e293a75c07ce69d0e9aa7cabe73 a17400b9941f0fa71105caac6ce7e18eea16b7c9 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Loading...

	www.dolphinaircondition.com/contact	404 B	2023-03-07	2024-04-18
Pretty URL www.dolphinaircondition.com/contact IP 23.230.206.112 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.dolphinaircondition.com/tj.js	518 B	2023-03-10	2023-03-14
Pretty URL www.dolphinaircondition.com/tj.js IP 23.230.206.112 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:49:29 Last Seen2023-03-14 08:42:14 Times Seen1 Hash 88b14a692f4c930c62025df2bdaebc14 0a97717e46a68a44af6df334f72f393f8b7e60b5 ae7f13b1dc88d6ef6763880589c4a2a730cc3db2512b8fa082d5bfae418e484b Loading...

	www.dolphinaircondition.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.dolphinaircondition.com/common.js IP 23.230.206.112 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:14 Last Seen2023-03-17 10:41:04 Times Seen1 Hash 2d67599d1e21388fb35a4f6ae7c75a34 d659e4906bd306b2056c78675375c10c520f0435 4f619b09ee009853db7003ec09d8562208b4fd9a643d4706084159df5804b84d Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-24
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-24 14:00:50 Times Seen18985 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.jxys88.net/news/data.php	469 B	2023-03-08	2023-03-11
Pretty URL www.jxys88.net/news/data.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 7f56be0ca5a97f81ac641229e5c24b4c 692a4379baa5daf6b4e173fb012a87641bde14d1 032baef139f9557423b7d7536a112f7bfb6b12b1a17210dec23ed069d5f2d005 Loading...

	hm.baidu.com/hm.js?767084dc00e73f6cb836c66d745218fd	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?767084dc00e73f6cb836c66d745218fd IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:44:07 Last Seen2023-03-11 14:44:07 Times Seen1 Hash 849c216efac3b4ed97e3e2fceef8d8ae 67e2ce37cac8405ea4c27c26b6fc9d0830ada042 f00c3dd257ef83aa6fba97f4dcf4c607a8b6a09f83b461e05861c62f6e28ef43 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3ba64de63e5fd6b16853aec534a7922e	470 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 14:44:07 Last Seen2023-03-11 14:44:07 Times Seen1 Hash 3ba64de63e5fd6b16853aec534a7922e 6074ea515fe44b00f43df17b33a15fde0059f8a1 9cc65f138b8fc5d2f54d579dc061f1b238d0df9a77a3dea41864526ebd3fd5c3 Loading...

		Size	First Seen	Last Seen
	#1 Write - c11358efdc00df229107889ddf732785	351 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 10:06:29 Last Seen2023-03-11 22:51:19 Times Seen1 Hash c11358efdc00df229107889ddf732785 ccabccf8ce36e492ade01bdf53571773c24a82dc bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1 Loading...

	#2 Write - 61ef1e29e401a82283f5b059b93bb7cd	451 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 14:44:07 Last Seen2023-03-11 14:44:07 Times Seen1 Hash 61ef1e29e401a82283f5b059b93bb7cd d096132c6898c3a150a811eca791e9e2ef7dce4b 2dbf76105e62cb5abb106ad537c3bd3ef4ec82779313e8ec97c3e0fd0dc01523 Loading...

	#3 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 06:49:25 Times Seen3761 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#4 Write - 6e092a85eb174ee4a271024278cfb658	325 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 13:54:55 Last Seen2023-03-11 20:35:36 Times Seen1 Hash 6e092a85eb174ee4a271024278cfb658 65891f1f4ad6a54618fa4fbeb4c0539435896667 e967b17ccec9ca604894134066a952a06cb54f663cedb925c3d8575a80a7b0c8 Loading...

HTTP Transactions (256)

URL IP Response Size

dolphinaircondition.com/contact

23.230.206.112

301 Moved Permanently

0 B

URL HTTP/1.1
dolphinaircondition.com/contact
IP
23.230.206.112:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /contact HTTP/1.1
Host: dolphinaircondition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 20 Nov 2022 02:55:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.dolphinaircondition.com/contact

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5665
Expires: Sun, 20 Nov 2022 04:29:56 GMT
Date: Sun, 20 Nov 2022 02:55:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:31 GMT
Last-Modified: Sun, 20 Nov 2022 01:22:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 02:45:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 617
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4661
Expires: Sun, 20 Nov 2022 04:13:12 GMT
Date: Sun, 20 Nov 2022 02:55:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: g+vQrWhifcXDTk4qNldfxokEV+emH8RZyd114g0o8Gvil37yLxbl6upZp0v5tElMlubmnBGSWO0=
x-amz-request-id: PMTC6XMSADMHT31V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 02:38:33 GMT
age: 1018
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.dolphinaircondition.com/contact

23.230.206.112

200 OK

781 B

URL HTTP/1.1
www.dolphinaircondition.com/contact
IP
23.230.206.112:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
781 B (781 bytes)
Hash
8a9d32b75eb1bf252deea89b936f5141
24b41af71d97f4a812bcefcc7af8cdc7a3d7a151
640ff66b1ffbed6fd454ed415ccb38e3380459b3c968cf1c6913560aa795df6b

HTTP Headers

GET /contact HTTP/1.1
Host: www.dolphinaircondition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 02:55:32 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:49 GMT
cache-control: public,max-age=3600
age: 643
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3963
Cache-Control: max-age=112643
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:32 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:12:55 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

www.dolphinaircondition.com/tj.js

23.230.206.112

200 OK

518 B

URL HTTP/1.1
www.dolphinaircondition.com/tj.js
IP
23.230.206.112:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
518 B (518 bytes)
Hash
88b14a692f4c930c62025df2bdaebc14
0a97717e46a68a44af6df334f72f393f8b7e60b5
ae7f13b1dc88d6ef6763880589c4a2a730cc3db2512b8fa082d5bfae418e484b

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.dolphinaircondition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/contact

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 02:55:32 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive

www.dolphinaircondition.com/common.js

23.230.206.112

200 OK

738 B

URL HTTP/1.1
www.dolphinaircondition.com/common.js
IP
23.230.206.112:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
738 B (738 bytes)
Hash
70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

HTTP Headers

GET /common.js HTTP/1.1
Host: www.dolphinaircondition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/contact

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 02:55:33 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.148.69.31

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.69.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +ghR423gpY1+39KIOBIvzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iqS+fiETKvrvVc0dofEbsHdX0Ow=

www.dolphinaircondition.com/favicon.ico

23.230.206.112

200 OK

1.2 kB

URL HTTP/1.1
www.dolphinaircondition.com/favicon.ico
IP
23.230.206.112:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.dolphinaircondition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/contact

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 02:55:33 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 25 Nov 2022 02:55:33 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
27136457eec817fe4f87e97abb052c03
20aba1cc50025a6ead80c713c16717891e6711aa
56766fcca1002e151d19100aefe4a1406e2dd086441c60415be311c007aa6d4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56766FCCA1002E151D19100AEFE4A1406E2DD086441C60415BE311C007AA6D4D"
Last-Modified: Sat, 19 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Sun, 20 Nov 2022 08:54:50 GMT
Date: Sun, 20 Nov 2022 02:55:33 GMT
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7ac975e12a4a6550b2a7902d6660b26c
c96a5fd4e46d32edb3cd52d5e7ec8ba0fcc66a6c
5d5b0949effe243fec1a34dcc2cca728edcef6ee39aca68f483bc456750a5903

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 23:42:25 GMT
ETag: "c96a5fd4e46d32edb3cd52d5e7ec8ba0fcc66a6c"
Last-Modified: Sat, 19 Nov 2022 23:42:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1426
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde84d4f7bb4e8-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7ac975e12a4a6550b2a7902d6660b26c
c96a5fd4e46d32edb3cd52d5e7ec8ba0fcc66a6c
5d5b0949effe243fec1a34dcc2cca728edcef6ee39aca68f483bc456750a5903

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 23:42:25 GMT
ETag: "c96a5fd4e46d32edb3cd52d5e7ec8ba0fcc66a6c"
Last-Modified: Sat, 19 Nov 2022 23:42:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1426
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde84d5f85b4e8-OSL

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 20 Nov 2022 02:55:33 GMT
Etag: "4078521116"
Expires: Mon, 20 Nov 2023 02:55:33 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=BE77B237B04D9202FC2814B8EF59DD54:FG=1; max-age=31536000; expires=Mon, 20-Nov-23 02:55:33 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5135
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 02:55:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5135
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 02:55:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5135
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 02:55:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10263 bytes)
Hash
b28e1947dd5435162df86cc70e9fea5d
113700edca01bc6c50b66469dbb773ec362fe929
03a4327afc45c669dc1630b1351ebdd2ecade957fa8a7646811bf8f27358bf65

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10263
x-amzn-requestid: 8edf4efc-4a00-4732-aa8a-987a4c3d6721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jaKE7FIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c40-214512c570f4d1b3188b4d66;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3o8nTT7Vs26OvEsBKvmk5H07iuy8b5wtoMEosN2TUT59-dLnknaSWw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:17:36 GMT
etag: "113700edca01bc6c50b66469dbb773ec362fe929"
content-type: image/jpeg
age: 16678
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.jxys88.net/news/index.php

173.231.12.68

200 OK

7.3 kB

URL HTTP/2
www.jxys88.net/news/index.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
7.3 kB (7331 bytes)
Hash
aff392818a2dd6477b1109eadecad059
deb3bcb6d49999b5a37dc01922fd66a67b066cc0
acff45d90ae43c857ee17785a2adc761a639651fd26a1de69243d995dcdb7067

HTTP Headers

GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
83073085e08b3f219b42b841c1ca52bb
c1b91cf497433f2c8b8ec12a4a71e07f25191b32
913a923c7e210a82dfc6a23580eba7f81fb74a468582e8a7704aaad9958390e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 91286e80-ec62-49aa-b405-048e17ac69bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juyFgVoAMFkJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-024eb9f167cf3c531ebcfce2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ca_WI36s3W3NButlADT1ITYX-Hw4EQTA_MI8fFyqwPiBe_T-mGpGAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:21:16 GMT
age: 16458
etag: "c1b91cf497433f2c8b8ec12a4a71e07f25191b32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:36:46 GMT
age: 83928
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11562 bytes)
Hash
907cdf495815b066cbeaccd9c862c544
6082de99b599bc3c9ce14e2641a2bf60f9f187d8
fbccb495391bba54b463e8c4eaf3207af00b098c4b5f816011d240257aa56f6c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: f01b0409-b43d-4d9c-92c0-0023c5e49d58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jV_GDmIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c26-69366c73760dcd5b72634f73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pvgyUJPVgG_PrCetQXIXLgxyEBar2nMFywc6HracpnEsn2tiCw_Pfg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:42:03 GMT
age: 18811
etag: "6082de99b599bc3c9ce14e2641a2bf60f9f187d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7968 bytes)
Hash
a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
age: 18830
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11332 bytes)
Hash
7c7cfb2bfadc38b3aa5d5cce686cd58d
05f7e73017cb1da1bf6b0be17cfe1a9ab456cc1f
6df65a05665766a5e16ea936495f06cddc3a9949ee6e1735be98bd22d0f3ddad

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Sun, 20 Nov 2022 02:55:34 GMT
Etag: b2844f49f38d484ad5be6ff6e9934850
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FAFE25C6F2001A4D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

api.share.baidu.com/s.gif?l=http://www.dolphinaircondition.com/contact

180.101.212.103

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.dolphinaircondition.com/contact
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.dolphinaircondition.com/contact HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 20 Nov 2022 02:55:34 GMT

hm.baidu.com/hm.js?767084dc00e73f6cb836c66d745218fd

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?767084dc00e73f6cb836c66d745218fd
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11329 bytes)
Hash
d7b395c5c86758df6ad8279d4b493d05
77a3feed1339dd40a6551591876358439e9a91f6
db92c81757c53223d165779f438ec8b14a5711308520233d242f05ecaf7db289

HTTP Headers

GET /hm.js?767084dc00e73f6cb836c66d745218fd HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11329
Content-Type: application/javascript
Date: Sun, 20 Nov 2022 02:55:34 GMT
Etag: 03de18ff510321ceeab43d3fc6e011d4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=401FCB4EA9496F0A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
305b6b1284b3d8e01099fd5735c06ef9
d7c66a4825b9f8faaf44d6e16d14fc82872c49b6
375fb910b9bb6ccde956c11bcf45e7965ec642794a0072560fd1003388b342c1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FB910B9BB6CCDE956C11BCF45E7965EC642794A0072560FD1003388B342C1"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4341
Expires: Sun, 20 Nov 2022 04:07:56 GMT
Date: Sun, 20 Nov 2022 02:55:35 GMT
Connection: keep-alive

www.jxys88.net/news/list.php

173.231.12.68

200 OK

95 B

URL HTTP/2
www.jxys88.net/news/list.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
95 B (95 bytes)
Hash
f3c5059d9347f11c6a5022d5b8542beb
3fb3ad0280f430c4fe6bd5f1a3ba7d09cb3a0efb
266d57c2283d4a9308d2313764ea7f172614db4ce42f145575ab78a29e52a22b

HTTP Headers

GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1526980189&si=767084dc00e73f6cb836c66d745218fd&v=1.2.97&lv=1&sn=64160&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.dolphinaircondition.com%2Fcontact&tt=%E6%AD%A6%E5%A8%81%E7%A8%BC%E5%AF%A5%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1526980189&si=767084dc00e73f6cb836c66d745218fd&v=1.2.97&lv=1&sn=64160&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.dolphinaircondition.com%2Fcontact&tt=%E6%AD%A6%E5%A8%81%E7%A8%BC%E5%AF%A5%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1526980189&si=767084dc00e73f6cb836c66d745218fd&v=1.2.97&lv=1&sn=64160&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.dolphinaircondition.com%2Fcontact&tt=%E6%AD%A6%E5%A8%81%E7%A8%BC%E5%AF%A5%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolphinaircondition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:55:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=494E6705E20BD904; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.jxys12.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.5

200 OK

254 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Tue, 20 Dec 2022 02:55:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif

173.231.38.5

200 OK

193 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 960 x 90\012- data
Size
193 kB (193193 bytes)
Hash
a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2

HTTP Headers

GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Tue, 20 Dec 2022 02:55:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.5

200 OK

13 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:36 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11331 bytes)
Hash
afc83dfe3cdf61ada738e3369e2b3732
5377748be315438b76d36dc4e5cba251e8979124
46ac8417fa83a7a22161f142f44e63ba7c6918387f5a45812473fa259a93b342

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 20 Nov 2022 02:55:36 GMT
Etag: 3499e971535b9e5d04fa7f4416417690
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D718F45AA3D41926; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.jxys12.xyz/template/m1938pc/static/css/mm-content.css

173.231.38.5

200 OK

459 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
459 kB (458754 bytes)
Hash
f1f370c0f754d43004cf680fc9bd4ba2
6eba0afc400bd0182f75e7281cd6fcc044f0ae85
c4fafd409b5274ef6d4088905e66bc80139f74971ba14fe8159db16e9bc8fe80

HTTP Headers

GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif

96.6.16.143

200 OK

1.2 MB

URL HTTP/2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.2 MB (1197751 bytes)
Hash
6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

HTTP Headers

GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7012557
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Sun, 20 Nov 2022 02:55:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1997319179&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.2.97&lv=1&sn=64162&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1997319179&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.2.97&lv=1&sn=64162&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1997319179&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.2.97&lv=1&sn=64162&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:55:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4198B80D2C12F058; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e00984ff65877b40fbb28380e5199a42
e6dca6f67f5818874a2c1019271d1ef90ca3d195
99cfa16cc74f2ab847cadcf631159198269ad4f95c7167a1b268d31bdd9c889d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99CFA16CC74F2AB847CADCF631159198269AD4F95C7167A1B268D31BDD9C889D"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11583
Expires: Sun, 20 Nov 2022 06:08:40 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e00984ff65877b40fbb28380e5199a42
e6dca6f67f5818874a2c1019271d1ef90ca3d195
99cfa16cc74f2ab847cadcf631159198269ad4f95c7167a1b268d31bdd9c889d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99CFA16CC74F2AB847CADCF631159198269AD4F95C7167A1B268D31BDD9C889D"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11583
Expires: Sun, 20 Nov 2022 06:08:40 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0487d504f0f3344d56420db3eab85097
5a7e9936e1def11ceac56075cebb594b88cabe21
fc325377307c2a797927b05c647117f3b47e16dd78232c5987b130f38b8a81fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC325377307C2A797927B05C647117F3B47E16DD78232C5987B130F38B8A81FD"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9629
Expires: Sun, 20 Nov 2022 05:36:06 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

tt.1468tu.com/58tu/405x204.gif

43.153.174.204

301 Moved Permanently

166 B

URL HTTP/1.1
tt.1468tu.com/58tu/405x204.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 02:55:36 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8045ea2704541a7af96a611993ae6665
85b345433f5e8e057a92959d5c09d51a7d10fc9d
e974fd993a7c1fbf2a8c603b9038517292bcd2473c9f520dacbf31d61dfee615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:37 GMT
Etag: "63782106-117"
Last-Modified: Sun, 20 Nov 2022 02:00:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0487d504f0f3344d56420db3eab85097
5a7e9936e1def11ceac56075cebb594b88cabe21
fc325377307c2a797927b05c647117f3b47e16dd78232c5987b130f38b8a81fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC325377307C2A797927B05C647117F3B47E16DD78232C5987B130F38B8A81FD"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9629
Expires: Sun, 20 Nov 2022 05:36:06 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8045ea2704541a7af96a611993ae6665
85b345433f5e8e057a92959d5c09d51a7d10fc9d
e974fd993a7c1fbf2a8c603b9038517292bcd2473c9f520dacbf31d61dfee615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:37 GMT
Etag: "63782106-117"
Last-Modified: Sun, 20 Nov 2022 02:00:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public

104.18.3.36

200 OK

24 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP
104.18.3.36:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (24176 bytes)
Hash
2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: image/webp
content-length: 24176
cf-ray: 76cde860ca06b511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public

104.18.3.36

200 OK

491 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP
104.18.3.36:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
491 kB (491042 bytes)
Hash
97a6cfd13fab368031e3a94356e10952
0b2e97d3a966161fc11d0e7cae49b0c2743dfddd
db4f1f1097b8b552294ce0618b3921f31ea20a3bb464cf67e369f3296c43dc7b

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: image/webp
content-length: 491042
cf-ray: 76cde860fa1fb511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfdHU0TZ3_ylsmE_0zlcciYg"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=0 n=44 c=32+715 v=2022.10.4 l=491042
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif

45.150.164.154

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
45.150.164.154:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif

45.150.164.154

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
45.150.164.154:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads-6686.top/225X135.gif

123.253.107.62

200 OK

12 kB

URL HTTP/2
ads-6686.top/225X135.gif
IP
123.253.107.62:0
ASN
#0

File type
GIF image data, version 89a, 225 x 135\012- data
Size
12 kB (11628 bytes)
Hash
cea5d3c342f46ac6e2646554230f4810
cdfea23fb58f0c2ef60288ff378f7518b14023b1
851d3d959c12a9c5e0002209a5cecee9b9cbf97d5ac5df3bf59ed4b1762b9bd1

HTTP Headers

GET /225X135.gif HTTP/1.1
Host: ads-6686.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: load-edge/2.1.1
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: image/gif
content-length: 11628
last-modified: Tue, 01 Nov 2022 08:29:24 GMT
etag: "6360d8e4-2d6c"
strict-transport-security: max-age=31536000
lp-geo: edge-m6eo
lp-addr: 91.90.42.154
lp-request: dad62128-aff5-423a-899c-a02cd13320d6
lp-id: 337661045457bc5c3be1fa564ed0de6f
expires: Sun, 20 Nov 2022 03:00:37 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys88.net/news/data.php

173.231.12.68

200 OK

38 kB

URL HTTP/2
www.jxys88.net/news/data.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
38 kB (38133 bytes)
Hash
7590e07c768264b9d33360cbd12b59fc
bf76cbc083d37b7d8339fba2be3b046df356ac20
b88a69157f999c8bd1fef7f027b231f2a5ee87e7d2ae653bb2522d69553bca0c

HTTP Headers

GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b58cd01d5b34e3d5d2fce39fc98cd5fd
6c206aabbb58053d9e01e153b39b03987407c822
5f3bd9ffe14d6cc0455f8e346bd8ffdd47ffeb62fce77036643033d61a70a938

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 03:31:17 GMT
Expires: Thu, 24 Nov 2022 03:31:16 GMT
Etag: "6c206aabbb58053d9e01e153b39b03987407c822"
Cache-Control: max-age=347138,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864fb39b4f4-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b804bf7b1426324d5cdfb267d94bf758
726001e527ebb6ea467279fb0c9a843b7fe208dc
51b730d2c8a136e0a00fd9937b5d88e426afcffcd9a24f0597908d755513031d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 12:22:26 GMT
Expires: Fri, 25 Nov 2022 12:22:25 GMT
Etag: "726001e527ebb6ea467279fb0c9a843b7fe208dc"
Cache-Control: max-age=465407,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864fc40b515-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
698fbcb08a10e627ee91a09b0137a2e5
97ff73afe2487f7900e4936ab2effe3bd2d6956f
d58d055af9657ca6f6cc68759e50b251fe18a247b2a78b983e81693341d3f7e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 20:52:34 GMT
Expires: Fri, 25 Nov 2022 20:52:33 GMT
Etag: "97ff73afe2487f7900e4936ab2effe3bd2d6956f"
Cache-Control: max-age=496015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde8653b5bb4f4-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fe5da0eb9fe4d187adab93c9f8b7a86a
54be24e633461fca88df8dcd609525ca536f7e16
63c01a170bc3bf24b6af21bb7aa6bf15804edd0550f651db8a7f33abc0e7fbf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:32:08 GMT
Expires: Fri, 25 Nov 2022 16:32:07 GMT
Etag: "54be24e633461fca88df8dcd609525ca536f7e16"
Cache-Control: max-age=480389,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864fd6a1bfa-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fd93ca1fec2169813b6a96ff53c237ed
a8aa92bebf49d8c0144c060afc9348bd2c33f105
22eea0f23d1facefc6f569e52d2dd2561f360eb2d79c67a5996e01ee246f262b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 15:19:40 GMT
Expires: Sat, 26 Nov 2022 15:19:39 GMT
Etag: "a8aa92bebf49d8c0144c060afc9348bd2c33f105"
Cache-Control: max-age=562441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864f872b4ee-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef8b389253118be8f5e0abef62b040db
cbd57b8c3662155480d37a12ea320c063392269d
c21746db3b8ee16df3a9e133ccd14ad15bbdf7ef8fdf4260f5ad43477dde4049

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C21746DB3B8EE16DF3A9E133CCD14AD15BBDF7EF8FDF4260F5AD43477DDE4049"
Last-Modified: Sun, 20 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15553
Expires: Sun, 20 Nov 2022 07:14:50 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a90da260da2d7fc8164d00bfd8a2cfc
0af80db76216658ae08cce1bc52adf7592fd9b38
175e397e114b1bc72a632b3ca465b477c04d7677a67b7a37ca0b20a75af90d9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "175E397E114B1BC72A632B3CA465B477C04D7677A67B7A37CA0B20A75AF90D9D"
Last-Modified: Thu, 17 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6562
Expires: Sun, 20 Nov 2022 04:44:59 GMT
Date: Sun, 20 Nov 2022 02:55:37 GMT
Connection: keep-alive

ads-6686.top/960-60.gif

123.253.107.62

200 OK

570 kB

URL HTTP/2
ads-6686.top/960-60.gif
IP
123.253.107.62:0
ASN
#0

File type
GIF image data, version 89a, 960 x 60\012- data
Size
570 kB (570462 bytes)
Hash
60393bbfab3aac9d2d4b557ba0752c41
4da3fa5126e9b68041eec58e3b794b28565ddd0a
b7c0b7710cec9c28a60532612d277bfe56400b95f4f524eb7d049a7b4ea73750

HTTP Headers

GET /960-60.gif HTTP/1.1
Host: ads-6686.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: load-edge/2.1.1
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: image/gif
content-length: 570462
last-modified: Mon, 14 Nov 2022 07:53:17 GMT
etag: "6371f3ed-8b45e"
strict-transport-security: max-age=31536000
lp-geo: edge-m6eo
lp-addr: 91.90.42.154
lp-request: 91887c36-7bb4-4075-8dfb-5a0ee3e60f71
lp-id: 955be7e774095dfecc7d2e30530f68f1
expires: Sun, 20 Nov 2022 03:00:37 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef8b389253118be8f5e0abef62b040db
cbd57b8c3662155480d37a12ea320c063392269d
c21746db3b8ee16df3a9e133ccd14ad15bbdf7ef8fdf4260f5ad43477dde4049

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C21746DB3B8EE16DF3A9E133CCD14AD15BBDF7EF8FDF4260F5AD43477DDE4049"
Last-Modified: Sun, 20 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15521
Expires: Sun, 20 Nov 2022 07:14:19 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
7a4f3e7d63fb2664f574e3c20ee01c75
3f41d00e31b635cb411bf55b795f767520b597a7
98ba88ff061fe6bc16bd6cfcd6a506645cb4d28a03d14c43dd49e27cbd85dd72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 10:05:43 GMT
Expires: Sat, 26 Nov 2022 10:05:42 GMT
Etag: "3f41d00e31b635cb411bf55b795f767520b597a7"
Cache-Control: max-age=543604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde8654c64b515-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
fa1c766a4597d89d3eec6351d2b6959c
1a9916e57e897d41a5219895bf86192c49bdc8a7
babe10ed7bca2aea1a6f1b3373c25cd3901c3e0a80e19d5aafc6eb8c93971880

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 16:05:49 GMT
Expires: Wed, 23 Nov 2022 16:05:48 GMT
Etag: "1a9916e57e897d41a5219895bf86192c49bdc8a7"
Cache-Control: max-age=306010,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde8659b7db4f4-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
894a1290d4e388aa45128ed981f0f20a
863614d9217ce27cb8e9a81bf767062eba1a830f
9f33e00e72e8d246954a2ced64db9eda5f9f63c7e79f8c3c0d39e8c302e0ee1d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F33E00E72E8D246954A2CED64DB9EDA5F9F63C7E79F8C3C0D39E8C302E0EE1D"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17487
Expires: Sun, 20 Nov 2022 07:47:05 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b804bf7b1426324d5cdfb267d94bf758
726001e527ebb6ea467279fb0c9a843b7fe208dc
51b730d2c8a136e0a00fd9937b5d88e426afcffcd9a24f0597908d755513031d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 12:22:26 GMT
Expires: Fri, 25 Nov 2022 12:22:25 GMT
Etag: "726001e527ebb6ea467279fb0c9a843b7fe208dc"
Cache-Control: max-age=465407,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864fb3ab4f4-OSL

kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:37 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzeaa.com/9f40845b27097d68beff34e10f37d7ef.gif

98.126.214.50

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/9f40845b27097d68beff34e10f37d7ef.gif
IP
98.126.214.50:0
ASN
#4213 VPLS-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /9f40845b27097d68beff34e10f37d7ef.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://kvkfff.top/9f40845b27097d68beff34e10f37d7ef.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

98.126.214.50

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
98.126.214.50:0
ASN
#4213 VPLS-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
e7bef634f98eeebdf89a65fdb3a48afa
606ee0d1946cb74412bd68c0085afcd660a4909a
b04516743cc8fbc127b6923601686c04948dc250f68145254c77e4ee00186f40

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 24 Nov 2022 02:34:30 GMT
ETag: "606ee0d1946cb74412bd68c0085afcd660a4909a"
Last-Modified: Sun, 20 Nov 2022 02:34:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 54
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde86798bdb517-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
3b1bf7e6a690a06fa593ba5ec2cccd35
1aa7c615b42eb08318dad608e3d2eec57b52ba7f
addde922d4a9452c109ffc557eea21e5b21e88c8079ed4ffb0bb717a46f9129d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:09:56 GMT
Expires: Fri, 25 Nov 2022 07:09:55 GMT
Etag: "1aa7c615b42eb08318dad608e3d2eec57b52ba7f"
Cache-Control: max-age=446656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde8677c87b4f4-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
3b1bf7e6a690a06fa593ba5ec2cccd35
1aa7c615b42eb08318dad608e3d2eec57b52ba7f
addde922d4a9452c109ffc557eea21e5b21e88c8079ed4ffb0bb717a46f9129d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:09:56 GMT
Expires: Fri, 25 Nov 2022 07:09:55 GMT
Etag: "1aa7c615b42eb08318dad608e3d2eec57b52ba7f"
Cache-Control: max-age=446656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde867993ab505-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95c5476d72f7ae234701bcbf6d9ca84e
5480c8ff5a5e9db2e1d7e73904219100510582a4
d2c669c697462e83620057812b69d0ed809e52cda31015006568a79a949078fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2C669C697462E83620057812B69D0ED809E52CDA31015006568A79A949078FE"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6585
Expires: Sun, 20 Nov 2022 04:45:23 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
3b1bf7e6a690a06fa593ba5ec2cccd35
1aa7c615b42eb08318dad608e3d2eec57b52ba7f
addde922d4a9452c109ffc557eea21e5b21e88c8079ed4ffb0bb717a46f9129d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:09:56 GMT
Expires: Fri, 25 Nov 2022 07:09:55 GMT
Etag: "1aa7c615b42eb08318dad608e3d2eec57b52ba7f"
Cache-Control: max-age=446656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde867bec3b4f3-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
deebcb72fad7002a78fa8d277d625ad5
99781aefecfaa1a17f8d940040c53e1f0dab25ab
aa1584792b58cb39bd26f22239dcca4109ca2f67300ab5a16a3df3be68ff5b27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA1584792B58CB39BD26F22239DCCA4109CA2F67300AB5A16A3DF3BE68FF5B27"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13177
Expires: Sun, 20 Nov 2022 06:35:15 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9f8320ebdd6e3032b638fc6772a7f50
bbe77c3cb1a55efb22971a938e2ee1cbce6c8958
2e1e9b8c68279de9976353cd57f05ad92504dc318ffcf27d9e5b0573a07358a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E1E9B8C68279DE9976353CD57F05AD92504DC318FFCF27D9E5B0573A07358A7"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9428
Expires: Sun, 20 Nov 2022 05:32:46 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
24411019ec7105d50ec414a844ff9185
e0683ba19e2aacb2e7a8b59338532a012c2a74b4
d4e0c5b99ddcfc7e2a84a8173effb2b5d460ee6c34f1b8e41f9ee85aa7c6fca4

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 23 Nov 2022 23:41:25 GMT
ETag: "e0683ba19e2aacb2e7a8b59338532a012c2a74b4"
Last-Modified: Sat, 19 Nov 2022 23:41:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3590
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde86818eab517-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
24411019ec7105d50ec414a844ff9185
e0683ba19e2aacb2e7a8b59338532a012c2a74b4
d4e0c5b99ddcfc7e2a84a8173effb2b5d460ee6c34f1b8e41f9ee85aa7c6fca4

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 23 Nov 2022 23:41:25 GMT
ETag: "e0683ba19e2aacb2e7a8b59338532a012c2a74b4"
Last-Modified: Sat, 19 Nov 2022 23:41:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3590
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde86838f5b517-OSL

dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif

104.110.17.24

200 OK

894 kB

URL HTTP/2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
894 kB (893726 bytes)
Hash
1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f

HTTP Headers

GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6478844
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Sun, 20 Nov 2022 02:55:38 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
b847d964bc380453cb4ddab1ca4f5852
9d0cb6bdb1fe8f0446ad8c203d2f8e02daa44b8c
96debc6020bd5fcdcc860c2c3efcd4e0adb376697df485032a39d983e0101571

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "96DEBC6020BD5FCDCC860C2C3EFCD4E0ADB376697DF485032A39D983E0101571"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 20 Nov 2022 08:55:38 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

www.jxys12.xyz/template/m1938pc/static/css/style.css

173.231.38.5

200 OK

136 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/style.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
136 kB (135923 bytes)
Hash
9e07b4fdc60c24378ae6bbc1d7ed94ba
8269cccf6ef033a0ed36b318f4c4a8f36ac8ccb1
fb3d967429567fb39bd3236b8deb641dc4eed8d9576b2aebfb3889e5c20b7cc6

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient

104.110.17.24

200 OK

151 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 120\012- data
Size
151 kB (151061 bytes)
Hash
89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade

HTTP Headers

GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8941055
expires: Fri, 03 Mar 2023 14:33:13 GMT
date: Sun, 20 Nov 2022 02:55:38 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif

104.110.17.24

200 OK

415 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
415 kB (414559 bytes)
Hash
1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84

HTTP Headers

GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11597526
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Sun, 20 Nov 2022 02:55:38 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea0be904d5d96c5ffbb3526813efc03
f650f3ed9cc4f4b8c0e546b3e9f5bd291060ee9a
2e4bace85e54c6dd5b1324c799d8d9218dcba74cd4198737973e7b7d604a8f98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E4BACE85E54C6DD5B1324C799D8D9218DCBA74CD4198737973E7B7D604A8F98"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12937
Expires: Sun, 20 Nov 2022 06:31:15 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg

23.224.61.222

200 OK

57 kB

URL HTTP/1.1
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP
23.224.61.222:0
ASN
#40065 CNSERVERS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Size
57 kB (57375 bytes)
Hash
61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff

HTTP Headers

GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:37 GMT
Server: Apache
Expires: Tue, 20 Dec 2022 02:55:37 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg

www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif

104.21.23.48

200 OK

48 kB

URL HTTP/2
www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
IP
104.21.23.48:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 150 x 150\012- data
Size
48 kB (47538 bytes)
Hash
238e06fae36a60963dd217adc895c9e4
feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce

HTTP Headers

GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1
Host: www.yssydh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Sat, 03 Dec 2022 16:45:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1419003
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiPq0%2BVXmbZzM0chazjY19Lk1XDHThTQomA5CNI5U85Ims%2BAjx%2FEDChZtDp%2BkDESqeNE0dBEDukflX7XRvVKm8Gr83nSRazdJYik8%2FmnLm8ZJhR2%2Bue2YDBmCiOqa9u7Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde8693fcd0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
5cde5c09ef845a0625d20ad73888abee
2d8daded05cdd2cb67f22f4d80810e221cffe148
32427640b1916538befca17179f74c9d5fa6bbe01e3b6aaf3300c37c423ce1eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: d2167081-2b13-4908-97e7-c5ff8dca3d31
Content-Length: 1700
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
a87cb448d36abda0fca377c06214efbd
ed2abf76bb85fa17ae0534eeeb0bcb5829ce8e15
f280a711ceddc38a8c2ed83460ea2976069b5299b68de240c592fc0184cc84fc

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 24 Nov 2022 01:27:25 GMT
ETag: "ed2abf76bb85fa17ae0534eeeb0bcb5829ce8e15"
Last-Modified: Sun, 20 Nov 2022 01:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1640
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cde869a9abb517-OSL

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
c0d067516b33643641081805aec3032e
dd7a48b30d8aa6f23b362167576f25533d7f7965
13311ec326fc1cb8edda32812935ef007f8349e5af0d1893c19f3f942da3b5ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 19fb1d91-c9e7-4d11-bc3c-eb288db46778
Content-Length: 1700
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1b91cbd9c668ffd5b4174f4a1282b66
d80002bb261b14d7ef5703575f6165a60c162025
e1f7084ba112b6870c20f07f4ac9dd1c8f0b23ab30505b1fd8c6c99348aec61a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1F7084BA112B6870C20F07F4AC9DD1C8F0B23AB30505B1FD8C6C99348AEC61A"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7282
Expires: Sun, 20 Nov 2022 04:57:00 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

fmlb.netlbtu.com/images/2021/7/13/dmm63.jpg

172.247.77.250

301 Moved Permanently

239 B

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/13/dmm63.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
239 B (239 bytes)
Hash
67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164

HTTP Headers

GET /images/2021/7/13/dmm63.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/13/dmm63.jpg

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
236ff4d4d26ffa6332f2abc9d6935b1a
b0366768f7d7738c88f805b3102fa6242551a642
1c7606b34d35dfa94f6afafba3e721fe05a750b2a749ada1dcc56c71d7fde3fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161251
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Etag: "63796a0d-116"
Expires: Mon, 21 Nov 2022 23:43:09 GMT
Last-Modified: Sat, 19 Nov 2022 23:43:09 GMT
Server: nginx
Content-Length: 278

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
3b1bf7e6a690a06fa593ba5ec2cccd35
1aa7c615b42eb08318dad608e3d2eec57b52ba7f
addde922d4a9452c109ffc557eea21e5b21e88c8079ed4ffb0bb717a46f9129d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:09:56 GMT
Expires: Fri, 25 Nov 2022 07:09:55 GMT
Etag: "1aa7c615b42eb08318dad608e3d2eec57b52ba7f"
Cache-Control: max-age=446656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde8679a9f0b59-OSL

3p8801.co/yy-960x60.gif

142.0.131.26

200 OK

37 kB

URL HTTP/2
3p8801.co/yy-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
37 kB (37300 bytes)
Hash
95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644

HTTP Headers

GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Tue, 20 Dec 2022 02:55:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
b07dfb28865aeba42c5d3980e09bd9de
617cd9b02c7e5406ce49ab265a92c2a2b01b742a
22786d13be52f82fce4fe2547bb719a438b52f801df5b045f9cbe030d6882d04

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "22786D13BE52F82FCE4FE2547BB719A438B52F801DF5B045F9CBE030D6882D04"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5081
Expires: Sun, 20 Nov 2022 04:20:19 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif

104.21.33.100

200 OK

158 kB

URL HTTP/2
acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
IP
104.21.33.100:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 300\012- data
Size
158 kB (158376 bytes)
Hash
55574ea2b72e2fbe45871f66165442a8
7fd461a708c87486335dde3e12740c188af0facd
005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0

HTTP Headers

GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Mon, 12 Dec 2022 14:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 650178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yYu%2Fu9qnz9uU0DIuY7RpoG1OfWwfnbiV2OHFrIauTabVkfwunmEZDox5dzo5jIXaj8%2F%2Fsat4ltg2lAmAr38fRDLGvVJD6l2Elkgzh%2BGd7Jal8tnkHiJDyWBZ88WWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a2dc8b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/v5hzjuoe3wg1617v5hzjuoe3wg262847.jpg

104.22.12.214

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/v5hzjuoe3wg1617v5hzjuoe3wg262847.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12180 bytes)
Hash
ee12fc39ddb67dfdaa9c024fafb0c43c
80f3395a1e883c2f3710ca599a9e54ac2aa8c66d
6e560a21f80c5eda8fa01e77dfaf80b7e978a7c4ed8a83c0d527afe942e8dec1

HTTP Headers

GET /upload/vod/2022/11-19/16/v5hzjuoe3wg1617v5hzjuoe3wg262847.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 12180
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12882
content-disposition: inline; filename="v5hzjuoe3wg1617v5hzjuoe3wg262847.webp"
etag: "63789116-3252"
last-modified: Sat, 19 Nov 2022 08:17:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1641
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a45b521-OSL
X-Firefox-Spdy: h2

kveff.com/68a7807de3933bf7079116fa9df99e6f.gif

66.150.130.123

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
66.150.130.123:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: text/html
content-length: 162
location: https://kvteee.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ycfiaev1bo11617ycfiaev1bo1252845.jpg

104.22.12.214

200 OK

15 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ycfiaev1bo11617ycfiaev1bo1252845.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
15 kB (15432 bytes)
Hash
37f9c31e45a9aca812a05a02b719c17b
c418610da59df28d915a7bff8f1fd4fbeb8f7431
6601bbc46234838405a56c9c055a4298d280104f5e4eca6a883c05e0656d5325

HTTP Headers

GET /upload/vod/2022/11-19/16/ycfiaev1bo11617ycfiaev1bo1252845.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/jpeg
content-length: 15432
cf-bgj: imgq:85,h2pri
cf-polished: origSize=16250, status=webp_bigger
etag: "63789115-3f7a"
last-modified: Sat, 19 Nov 2022 08:17:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1641
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a5a49b521-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1af5c26a51a9af9e8691272b5963bdab
8610c7178e766de503d4d437ac4a02147f8956c8
3fb2793250e77e96fdc09baed4f2d10c4634b5fa0eb0ec0ac0cca51bd6ce3090

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FB2793250E77E96FDC09BAED4F2D10C4634B5FA0EB0EC0AC0CCA51BD6CE3090"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21523
Expires: Sun, 20 Nov 2022 08:54:21 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1af5c26a51a9af9e8691272b5963bdab
8610c7178e766de503d4d437ac4a02147f8956c8
3fb2793250e77e96fdc09baed4f2d10c4634b5fa0eb0ec0ac0cca51bd6ce3090

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FB2793250E77E96FDC09BAED4F2D10C4634B5FA0EB0EC0AC0CCA51BD6CE3090"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 20 Nov 2022 08:55:38 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c766416c148f33acd9a845fb00c1361c
2b4a56cd487d5873efa8ef2d98c6809657b9e8d8
d7437e0e16156ab2f9a58c0bab04cef52330d0ce357ac51dbe7921cda22c2226

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7437E0E16156AB2F9A58C0BAB04CEF52330D0CE357AC51DBE7921CDA22C2226"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16038
Expires: Sun, 20 Nov 2022 07:22:56 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif

103.170.15.104

200 OK

113 kB

URL HTTP/1.1
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP
103.170.15.104:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
113 kB (113076 bytes)
Hash
293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Sat, 19 Nov 2022 15:57:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Length: 113076

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
524b14d6d0355625010777d9af2f1bf0
672ccf988f04aa308d5a8eeb06919ad144e00024
234e2dbdd30d7bb0ba4356f83083efee9c0e376514e49b5de8ac0c3d95bf5bd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: max-age=156085
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Etag: "637950bd-2d7"
Expires: Mon, 21 Nov 2022 22:17:03 GMT
Last-Modified: Sat, 19 Nov 2022 21:55:09 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727

362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif

103.170.15.104

200 OK

423 kB

URL HTTP/1.1
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP
103.170.15.104:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
423 kB (422791 bytes)
Hash
bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Thu, 17 Nov 2022 03:25:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Length: 422791

i.ibb.co/tL26d3m/240x140.gif

51.210.32.132

404 Not Found

1.0 kB

URL HTTP/2
i.ibb.co/tL26d3m/240x140.gif
IP
51.210.32.132:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size
1.0 kB (1031 bytes)
Hash
7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

HTTP Headers

GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
524b14d6d0355625010777d9af2f1bf0
672ccf988f04aa308d5a8eeb06919ad144e00024
234e2dbdd30d7bb0ba4356f83083efee9c0e376514e49b5de8ac0c3d95bf5bd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1546
Cache-Control: max-age=156317
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Etag: "637950bd-2d7"
Expires: Mon, 21 Nov 2022 22:20:55 GMT
Last-Modified: Sat, 19 Nov 2022 21:55:09 GMT
Server: ECS (amb/6B8B)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
524b14d6d0355625010777d9af2f1bf0
672ccf988f04aa308d5a8eeb06919ad144e00024
234e2dbdd30d7bb0ba4356f83083efee9c0e376514e49b5de8ac0c3d95bf5bd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1337
Cache-Control: max-age=156108
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Etag: "637950bd-2d7"
Expires: Mon, 21 Nov 2022 22:17:26 GMT
Last-Modified: Sat, 19 Nov 2022 21:55:09 GMT
Server: ECS (amb/6BB3)
X-Cache: HIT
Content-Length: 727

p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a

47.246.44.230

200 OK

366 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
366 kB (366541 bytes)
Hash
c9e86d7a56b581cc32a6a4380112c0ce
0d35256c35a6f9a4716ae254265428d2f4240c87
5870de497beb45d424d67b39a4aaa841f675d3162780e738bcc26e8ca3e81fc2

HTTP Headers

GET /obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 366541
date: Thu, 17 Nov 2022 09:57:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:55:33 GMT
nw-session-id: 202211171755330101351600153CA97837jtqbj03dy
nw-session-trace: 2022-11-17T17:55:33.515252114+08:00 348
x-bdcdn-cache-status: TCP_HIT
x-length: 366541
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:55:33 GMT
x-tt-logid: 202211171755330101351600153CA97837
via: n150-062-144, cache19.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache3.se1[0,0,200-0,H], cache7.se1[3,0]
x-request-ip: fdbd:dc02:19:466::76
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 0110eacfba1d3294f86dd74dc0b7b71efc055ca732c6600bba2d6741b693d82f2d1590ac9ee4aaedb3b340de3ae0e5d8206554d70f1b5f0128f5ddf57f5761d5d118ed9bfd3ce7ed23b9f7c85bc468e1789327cf0f953a0eefbb84065abddde000
x-response-lb: image
ali-swift-global-savetime: 1668679059
age: 233879
x-cache: HIT TCP_MEM_HIT dirn:11:80823402
x-swift-savetime: Thu, 17 Nov 2022 09:58:21 GMT
x-swift-cachetime: 31535958
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16689129387275089e
X-Firefox-Spdy: h2

333777258.com/960-120xin.gif

143.92.39.222

200 OK

81 kB

URL HTTP/1.1
333777258.com/960-120xin.gif
IP
143.92.39.222:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 960 x 120\012- data
Size
81 kB (80882 bytes)
Hash
2a333ef52cf265c5bacb4c44af81f8a0
9a55bc9f836e2a6e95d0c2812bf2d72b547132a7
9acdd4f9670d9dd95659e36c9f5843fcbeda3e3dad50ec8977a66dfa71ce8385

HTTP Headers

GET /960-120xin.gif HTTP/1.1
Host: 333777258.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 80882
Connection: keep-alive
Last-Modified: Sun, 16 Oct 2022 05:51:16 GMT
ETag: "634b9bd4-13bf2"
Expires: Tue, 20 Dec 2022 02:06:18 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cloudflare
X-Cache-Status: HIT
Accept-Ranges: bytes

p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae

47.246.44.230

200 OK

562 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
562 kB (561802 bytes)
Hash
6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

HTTP Headers

GET /obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Fri, 18 Nov 2022 19:58:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 18 Nov 2022 19:58:06 GMT
nw-session-id: 20221119035806010208035214324B8A9Azgbhl03dy
nw-session-trace: 2022-11-19T03:58:06.170042138+08:00 50
x-bdcdn-cache-status: TCP_MISS
x-length: 561802
x-powered-by: ImageX
x-response-date: Sat, 19 Nov 2022 03:58:06 GMT
x-tt-logid: 20221119035806010208035214324B8A9A
via: n204-098-037, cache9.l2de2[0,0,206-0,H], cache5.l2de2[5,0], cache5.l2de2[6,0], cache8.se1[0,0,200-0,H], cache7.se1[2,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0142120165bdd49e45bf33de3580ec6f8fe61089655384dd8451b21612df657faa285ee6c1cd0ed7f60bc745bbdbc801b70bab560b33d6b8c0c93e06133192c55b1d07c0e024d75362f2d5ed3c5559c4dafa64e11536688a90fc1464ddf4abecfb
x-response-lb: image
ali-swift-global-savetime: 1668801486
age: 111452
x-cache: HIT TCP_MEM_HIT dirn:1:308866040 mlen:0
x-swift-savetime: Fri, 18 Nov 2022 20:43:51 GMT
x-swift-cachetime: 31533255
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16689129387515116e
X-Firefox-Spdy: h2

223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif

45.61.212.229

200 OK

359 kB

URL HTTP/1.1
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
45.61.212.229:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Thu, 10 Nov 2022 14:07:44 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-29
Content-Length: 358672

628536nyv.com/de3349334ce8400795036157f6b0cae6.gif

103.170.15.74

200 OK

876 kB

URL HTTP/1.1
628536nyv.com/de3349334ce8400795036157f6b0cae6.gif
IP
103.170.15.74:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 100\012- data
Size
876 kB (875887 bytes)
Hash
615bb5640bd5731d565ce226248874aa
6078a171d5f984f650d0b310c216e286bcb6f36d
6dd751858e88556c5f2191769bf831076fa4a6ea2f5d84cd0f21c30ca2b45545

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /de3349334ce8400795036157f6b0cae6.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63776848-d5d6f"
Date: Fri, 18 Nov 2022 11:33:27 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 11:11:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 875887

p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42

47.246.44.230

200 OK

420 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 17 Nov 2022 08:05:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 08:04:55 GMT
nw-session-id: 20221117160455010175088205489D283Edffxv02dy
nw-session-trace: 2022-11-17T16:04:55.135790407+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 16:04:55 GMT
x-tt-logid: 20221117160455010175088205489D283E
via: n150-056-038, cache1.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache7.se1[2,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01307a3fb6122614a2cf2861b66f794cde44fb789caf024a9d7b2c6561afdf19f775a092f1c68726af9bc843af9d0ac960e24a539cf77cbcdda5d0e4291dcc3344458d0ed78fd87e483c6a160aeb1e5530716a4a1a22319dfa833dc91d61d824ef
x-response-lb: image
ali-swift-global-savetime: 1668672312
age: 240626
x-cache: HIT TCP_MEM_HIT dirn:4:339656093
x-swift-savetime: Thu, 17 Nov 2022 08:34:25 GMT
x-swift-cachetime: 31534247
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16689129387375097e
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3a6684feb67fde3498a2d489c3ae810f
51b369b34b2ad37c497bfb1aba2d1a6600ab02f0
c63017af6bf2c5b4adf673a8bb0c63ef77f3f8c5553b2df34b73f6794eeeae87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88168
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Etag: "63784c92-1d7"
Expires: Mon, 21 Nov 2022 03:25:06 GMT
Last-Modified: Sat, 19 Nov 2022 03:25:06 GMT
Server: nginx
Content-Length: 471

api.79zxcv.com/sh/328.js

3.1.217.64

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/328.js
IP
3.1.217.64:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

3p8801.co/a-960x60.gif

142.0.131.26

200 OK

49 kB

URL HTTP/2
3p8801.co/a-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
49 kB (49174 bytes)
Hash
bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db

HTTP Headers

GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Tue, 20 Dec 2022 02:55:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

6937555.com/111/x11.gif

104.149.139.254

200 OK

426 kB

URL HTTP/1.1
6937555.com/111/x11.gif
IP
104.149.139.254:0
ASN
#40676 AS40676

File type
GIF image data, version 89a, 393 x 262\012- data
Size
426 kB (425627 bytes)
Hash
8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3

HTTP Headers

GET /111/x11.gif HTTP/1.1
Host: 6937555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: image/gif
Content-Length: 425627
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 11:21:10 GMT
ETag: "6332dca6-67e9b"
Cache-Control: max-age=2592000
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2bc3615194e2df554da6a6350663d79e
35f1a0fc9c273012887f9024e6451bf8d66b736b
44a3b1bfdfaa762aa26a770bb65e9690a193f003a7cd6b3dd879137cda61db86

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "44A3B1BFDFAA762AA26A770BB65E9690A193F003A7CD6B3DD879137CDA61DB86"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18024
Expires: Sun, 20 Nov 2022 07:56:02 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
af7e763ea9c3d70adca828f6168ff0b0
476eb296b294aaff489f07c8f502a39cd8952083
b62777288d60208ede66cb302912afd5fbf2120782e9cc4fcdf7ee1a82f26449

HTTP Headers

POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif

103.170.15.114

200 OK

580 kB

URL HTTP/1.1
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
103.170.15.114:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Sat, 12 Nov 2022 03:27:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-44
Content-Length: 580315

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2bc3615194e2df554da6a6350663d79e
35f1a0fc9c273012887f9024e6451bf8d66b736b
44a3b1bfdfaa762aa26a770bb65e9690a193f003a7cd6b3dd879137cda61db86

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "44A3B1BFDFAA762AA26A770BB65E9690A193F003A7CD6B3DD879137CDA61DB86"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Sun, 20 Nov 2022 08:55:21 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

api.79zxcv.com/sh/317.js

3.1.217.64

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/317.js
IP
3.1.217.64:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/gmj0bklpg2h1617gmj0bklpg2h212837.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/gmj0bklpg2h1617gmj0bklpg2h212837.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5552 bytes)
Hash
9818b1fa1adaaf07666c64b2f1f64f7d
bd4f9f7db7742f6ce788a7ad2967c02b183e4386
163530ec4cefa2b96d4eb006eac2c3b9207683d2d1052158f627783c5edb1b03

HTTP Headers

GET /upload/vod/2022/11-19/16/gmj0bklpg2h1617gmj0bklpg2h212837.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 5552
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7126
content-disposition: inline; filename="gmj0bklpg2h1617gmj0bklpg2h212837.webp"
etag: "63789111-1bd6"
last-modified: Sat, 19 Nov 2022 08:17:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a47b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/gfuoreuzzln1617gfuoreuzzln232841.jpg

104.22.12.214

200 OK

9.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/gfuoreuzzln1617gfuoreuzzln232841.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9112 bytes)
Hash
5885476ab76d2c9aeb695a144f2824e4
5f8ec205463678d4555ba27de75f52fcbb56566e
cf9d0cdc452c896ccd44b5fbfc58a1fc1c5018d92029198478addc360df74ece

HTTP Headers

GET /upload/vod/2022/11-19/16/gfuoreuzzln1617gfuoreuzzln232841.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 9112
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10092
content-disposition: inline; filename="gfuoreuzzln1617gfuoreuzzln232841.webp"
etag: "63789113-276c"
last-modified: Sat, 19 Nov 2022 08:17:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a4db521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/d3h4f53oxtu1648d3h4f53oxtu463295.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/d3h4f53oxtu1648d3h4f53oxtu463295.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5620 bytes)
Hash
67129cf3ebad4b1ddd3f0a981cc56ef3
efe76be1d2cb120994ef62c12185a7eda1b84a4c
e18ccf14690098e69d3ab4cce858b57ef030aaf19e7182d03d61c1825713900c

HTTP Headers

GET /upload/vod/2022/11-19/16/d3h4f53oxtu1648d3h4f53oxtu463295.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 5620
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8270
content-disposition: inline; filename="d3h4f53oxtu1648d3h4f53oxtu463295.webp"
etag: "6378986e-204e"
last-modified: Sat, 19 Nov 2022 08:48:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a46b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/xtxfpakoxqa1648xtxfpakoxqa483299.jpg

104.22.12.214

200 OK

5.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/xtxfpakoxqa1648xtxfpakoxqa483299.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.4 kB (5448 bytes)
Hash
fb6b7c6bd526c7b175eaa4af20837711
40446b401b4e8fe4172a870847865d0c61647d0b
dc0724c091825956ab2d1aaf583adf76afd265b54b2df4d8fb42c0da6459f7e4

HTTP Headers

GET /upload/vod/2022/11-19/16/xtxfpakoxqa1648xtxfpakoxqa483299.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 5448
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7977
content-disposition: inline; filename="xtxfpakoxqa1648xtxfpakoxqa483299.webp"
etag: "63789870-1f29"
last-modified: Sat, 19 Nov 2022 08:48:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a4bb521-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1879618f6648b6723105afc66954bca8
6d04c6969e45fab24e59ea0415745c8741eb611c
01bbe0f2fe954ca87448ac2f702ec8d49db9c8957c78285643e9e43e6375382b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01BBE0F2FE954CA87448AC2F702EC8D49DB9C8957C78285643E9E43E6375382B"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15616
Expires: Sun, 20 Nov 2022 07:15:54 GMT
Date: Sun, 20 Nov 2022 02:55:38 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/xmycpasa2zn1617xmycpasa2zn192835.jpg

104.22.12.214

200 OK

7.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/xmycpasa2zn1617xmycpasa2zn192835.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.3 kB (7340 bytes)
Hash
db9864ac248ea4d1d23bcc07d2f54ed5
86bb800c27f088be740b81f378da0d20974e0672
e61423f372343d255215a24b3e2a4adcad236193c76e426ff84a42f56e4aa83d

HTTP Headers

GET /upload/vod/2022/11-19/16/xmycpasa2zn1617xmycpasa2zn192835.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 7340
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8524
content-disposition: inline; filename="xmycpasa2zn1617xmycpasa2zn192835.webp"
etag: "6378910f-214c"
last-modified: Sat, 19 Nov 2022 08:17:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a48b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ul3pibqennj1617ul3pibqennj242843.jpg

104.22.12.214

200 OK

9.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ul3pibqennj1617ul3pibqennj242843.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.4 kB (9430 bytes)
Hash
53e1c03b3fbda491c983ccb997bf9877
3999c24608bb8b3c815e74e22129d8ee6b0306ac
ad8e9448d22a027b3a84c34e578e1bc4321b3a2526bdffc76fcf76f27756dd51

HTTP Headers

GET /upload/vod/2022/11-19/16/ul3pibqennj1617ul3pibqennj242843.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 9430
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10413
content-disposition: inline; filename="ul3pibqennj1617ul3pibqennj242843.webp"
etag: "63789114-28ad"
last-modified: Sat, 19 Nov 2022 08:17:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a6a50b521-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
af7e763ea9c3d70adca828f6168ff0b0
476eb296b294aaff489f07c8f502a39cd8952083
b62777288d60208ede66cb302912afd5fbf2120782e9cc4fcdf7ee1a82f26449

HTTP Headers

POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/mcrtp2dvtdm1617mcrtp2dvtdm272849.jpg

104.22.12.214

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/mcrtp2dvtdm1617mcrtp2dvtdm272849.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12540 bytes)
Hash
eecbde34301788c9e5f018a714b0e99c
a4743e1e75c5127f84fbbe94bbf11b5d00df7ddc
384177f182ec26350b74ad85e9ccb16545bcaf84d3a798281a27d9f2cda8e52e

HTTP Headers

GET /upload/vod/2022/11-19/16/mcrtp2dvtdm1617mcrtp2dvtdm272849.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 12540
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13152
content-disposition: inline; filename="mcrtp2dvtdm1617mcrtp2dvtdm272849.webp"
etag: "63789117-3360"
last-modified: Sat, 19 Nov 2022 08:17:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a7a52b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg

104.22.12.214

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9504 bytes)
Hash
8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0

HTTP Headers

GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86a5a4cb521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/yhk4jx3jh121648yhk4jx3jh12473297.jpg

104.22.12.214

200 OK

6.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/yhk4jx3jh121648yhk4jx3jh12473297.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.5 kB (6538 bytes)
Hash
54ea45b036d82183c97b1c880d660f97
1d08f3cfb46a601e7cf083db5811ea3ad783085e
0497731f3e9374e4f7ccca7020e177f93d942aaa27df7890bbadf9c2166b8c91

HTTP Headers

GET /upload/vod/2022/11-19/16/yhk4jx3jh121648yhk4jx3jh12473297.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 6538
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7651
content-disposition: inline; filename="yhk4jx3jh121648yhk4jx3jh12473297.webp"
etag: "6378986f-1de3"
last-modified: Sat, 19 Nov 2022 08:48:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86aaa7cb521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ktuv5djbw1y1617ktuv5djbw1y222839.jpg

104.22.12.214

200 OK

6.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ktuv5djbw1y1617ktuv5djbw1y222839.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6358 bytes)
Hash
26db38f220c2b90b53a4ff8daeb6d022
6f1c8475c9a18124ffbb04a4153cd7f3ec0d2408
475784d512ad2c071897b76ad95ad90efe5fd8c7b1bed64588f385a79e2668cf

HTTP Headers

GET /upload/vod/2022/11-19/16/ktuv5djbw1y1617ktuv5djbw1y222839.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/webp
content-length: 6358
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8852
content-disposition: inline; filename="ktuv5djbw1y1617ktuv5djbw1y222839.webp"
etag: "63789112-2294"
last-modified: Sat, 19 Nov 2022 08:17:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86aba84b521-OSL
X-Firefox-Spdy: h2

pic.picnewsss.com/tu-2022290039/se-1.jpg

23.225.139.251

200 OK

27 kB

URL HTTP/2
pic.picnewsss.com/tu-2022290039/se-1.jpg
IP
23.225.139.251:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Size
27 kB (26754 bytes)
Hash
d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e

HTTP Headers

GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Sun, 20 Nov 2022 02:38:03 GMT
etag: "1668912117"
expires: Tue, 20 Dec 2022 02:38:03 GMT
last-modified: Sun, 20 Nov 2022 02:41:57 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg

104.22.12.214

200 OK

5.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.7 kB (5660 bytes)
Hash
faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d

HTTP Headers

GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76cde86aeaaab521-OSL
X-Firefox-Spdy: h2

3p8801.co/11-960x60.gif

142.0.131.26

200 OK

242 kB

URL HTTP/2
3p8801.co/11-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
242 kB (242091 bytes)
Hash
b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2

HTTP Headers

GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Tue, 20 Dec 2022 02:55:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f69b740f861aeb5e296803a4b6b6f949
a1edaab61f73b90f48abff56b75014a88ab15104
bea5d198f12401eac48e7ad7bcaf2e143f5fb7342ba9322a1c46cce9f86e2edf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEA5D198F12401EAC48E7AD7BCAF2E143F5FB7342BA9322A1C46CCE9F86E2EDF"
Last-Modified: Fri, 18 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14423
Expires: Sun, 20 Nov 2022 06:56:02 GMT
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg

104.22.12.214

200 OK

15 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
15 kB (15124 bytes)
Hash
ed85e297a6c1d5fa16b95f55dfa0b8a8
24a3c89ce0813a87d057eff94e5070e0e40b1b00
af1bd45b96ab4b53da2bdd704f1426d66bbb87f0327a39b599bfa08504fe2c43

HTTP Headers

GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 15124
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
etag: "5e11cf7d-3b14"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a4a43b521-OSL
X-Firefox-Spdy: h2

kvkaaa.top/0eddc09b941df608c7dbb65fd7344c05.gif

104.21.235.136

200 OK

501 kB

URL HTTP/2
kvkaaa.top/0eddc09b941df608c7dbb65fd7344c05.gif
IP
104.21.235.136:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
501 kB (500709 bytes)
Hash
034336a5237349a60154dea96de80b58
3542d0bbdf703508930fc994eabce17681c818fa
602d2dfc2f528acbe33ca7ff13c163f8ea4f908fc7aed58c4d3a50a5931ccc0d

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvkaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 500709
last-modified: Sun, 26 Jun 2022 12:08:26 GMT
etag: "62b84c3a-7a3e5"
expires: Fri, 16 Dec 2022 22:06:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 276555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWRIjSebCzF5IzbibLHr%2FNoAnVI4%2Bwud6FOdy89JTGsY5ji7sEB76ONJbiUEVIihqhfKnDFpLmLnvjSeYkrXibatRnDW%2BUKzs%2BniXqcAatU02s%2BBBYbFuowxlf5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86c9df3bc9d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif

104.21.235.65

200 OK

756 kB

URL HTTP/2
kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP
104.21.235.65:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
756 kB (755861 bytes)
Hash
c2dc0ed33af046deabc8a896c8ca57ca
b4f888334f869de4eb3dddd6b7542b0e2922f36a
c613a49de134cd30594eb822368a4a16eb3de0648b857ad44d872944c4bd407a

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 18 Dec 2022 10:31:12 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 145466
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTkB5m1E2eymEjJmpog%2BntdorVOiNWP%2FkK5r0i3qP4ckoAfVOCYMZ6Tvrxie9nYbKjpnyMJbN%2B%2FLS6QE5SrJOva9V0FXZdFTKaIxIykqa8VTWYRUu8lVypvT%2F3rh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86c9d2471de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvthhh.top/7546c860e55fa3bf22e5cd95994dd097.gif

104.21.235.65

200 OK

937 kB

URL HTTP/2
kvthhh.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP
104.21.235.65:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
937 kB (936553 bytes)
Hash
f33b09c01587b81863cd4e66a993fe0f
832b925eac330d932e6a880732fc1017df52d5c7
73de3f0be825260919b92f3d90c6bd74e7e4337103ac2da6499cbf87c5a9aeb6

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 936553
last-modified: Sat, 08 Oct 2022 11:36:34 GMT
etag: "634160c2-e4a69"
expires: Sat, 10 Dec 2022 11:28:58 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 833201
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt%2B6vCAzJ9bEZ1lUe4%2FlbtxhEjDRi34XkB1um36%2BVRSiWzIc%2BQBmw5YITvyDpxB5OCFw%2FkjsmNMpOWno%2FOcn1WK8VRnewffBtc8RQVOJNBj680AXGaQeZlY%2FoJmG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86ccd5071de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

339282bdb.com/e20f57018fba490b9af887342222147f.gif

103.170.15.104

200 OK

553 kB

URL HTTP/1.1
339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
103.170.15.104:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
553 kB (552818 bytes)
Hash
097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Thu, 17 Nov 2022 07:52:27 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Length: 552818

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ks5zwagq1nk1617ks5zwagq1nk302855.jpg

104.22.12.214

200 OK

7.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/ks5zwagq1nk1617ks5zwagq1nk302855.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.8 kB (7782 bytes)
Hash
4244ed73d9b2831247c1652e1761a79a
bcb52cbf69dccba60f837297f1e6503dd2a7f77e
cf61b56c5941d8f6ae2d5ec46e673e16644c23fd6251c5d1c1c86c3c47c8cf8c

HTTP Headers

GET /upload/vod/2022/11-19/16/ks5zwagq1nk1617ks5zwagq1nk302855.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 7782
last-modified: Sat, 19 Nov 2022 08:17:30 GMT
etag: "6378911a-1e66"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a5a4ab521-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
54bc8ba697035573df539001c66a054b
c13d6e5f9a5e58720dc8360b39d61b7b7a6160ef
175481b194211ada379e1e9fe21d311ba305f7034357ec5fcaa66f754e5abfee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 00:43:06 GMT
Expires: Thu, 24 Nov 2022 00:43:05 GMT
Etag: "c13d6e5f9a5e58720dc8360b39d61b7b7a6160ef"
Cache-Control: max-age=337045,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde86c7f6eb515-OSL

kvkaaa.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif

104.21.235.136

200 OK

1.6 MB

URL HTTP/2
kvkaaa.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
104.21.235.136:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.6 MB (1590489 bytes)
Hash
59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvkaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Tue, 13 Dec 2022 14:58:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 561441
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjWk1ylpc46VtU6AqZo1sQSKQCgtM2VpJQKnHnuadNJAtwuryRTeEMz759Ouk6PYzSnJV10ULSW05Eap%2BpotqmqxtSEqLIogdNbq7juGJtha8624Dnb%2BHMkJ14BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86c9de5bc9d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

20.189.126.156

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:38:52 GMT
ETag: "1667486333"
Expires: Sat, 03 Dec 2022 14:38:52 GMT
Last-Modified: Thu, 03 Nov 2022 14:38:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/5ltbnok4ya516175ltbnok4ya5282851.jpg

104.22.12.214

200 OK

9.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/5ltbnok4ya516175ltbnok4ya5282851.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9558 bytes)
Hash
174a865716057d79c532c9eff1eef7af
bc71514ce582042bc3a128b6b7ab415b2c993976
745069f0a198e25e1705d5472b99308d57097953edf968f7c67632d3271a3117

HTTP Headers

GET /upload/vod/2022/11-19/16/5ltbnok4ya516175ltbnok4ya5282851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 9558
last-modified: Sat, 19 Nov 2022 08:17:28 GMT
etag: "63789118-2556"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a8a65b521-OSL
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

20.189.126.156

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (211695 bytes)
Hash
0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:33:58 GMT
ETag: "1668166438"
Expires: Sun, 11 Dec 2022 11:33:58 GMT
Last-Modified: Fri, 11 Nov 2022 11:33:58 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

20.189.126.156

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:20 GMT
ETag: "1667486459"
Expires: Sat, 03 Dec 2022 14:40:20 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:59 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

20.189.126.156

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:39:44 GMT
ETag: "1667486385"
Expires: Sat, 03 Dec 2022 14:39:44 GMT
Last-Modified: Thu, 03 Nov 2022 14:39:45 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg

104.22.12.214

200 OK

6.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.7 kB (6690 bytes)
Hash
05f2d499574a909e3d4481d992f267b0
0c0bc7768cd1dd27b4b64b88715670f3f36c4139
4dbb1bb362388cbf7e19be52908b9ad791a82dfa2395d93b034b08abc2c4b5a8

HTTP Headers

GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 6690
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
etag: "6349225c-1a22"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86a9a71b521-OSL
X-Firefox-Spdy: h2

api.79zxcv.com/js/dom.js

3.1.217.64

200 OK

4.8 kB

URL HTTP/1.1
api.79zxcv.com/js/dom.js
IP
3.1.217.64:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Size
4.8 kB (4779 bytes)
Hash
271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg

104.22.12.214

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11646 bytes)
Hash
0fd9e30bf183760cb3d5e6d2535d108c
114b052b82c208c8275cf20f9a6fb94c58a0b3a8
31dd1a2fc797f169e47c10224b73cdf7c8dc3a66cfaa8a2d4013bf82d78840ff

HTTP Headers

GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 11646
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
etag: "5dc4d015-2d7e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86ada9bb521-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9fa7c27fe4e29ebaf860e46575e7f9f2
2bb39fa9425fdf4b01d310d0499142d261b0ed76
ac396e2aecc19869d850b8ac0368b45f038b8324c1fa4862c0c8231acd8fe052

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AC396E2AECC19869D850B8AC0368B45F038B8324C1FA4862C0C8231ACD8FE052"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4030
Expires: Sun, 20 Nov 2022 04:02:49 GMT
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive

zhibo128x.xyz/128/318X216.gif

154.83.25.141

200 OK

90 kB

URL HTTP/1.1
zhibo128x.xyz/128/318X216.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 318 x 216\012- data
Size
90 kB (89870 bytes)
Hash
fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d

HTTP Headers

GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 20 Nov 2022 02:55:18 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg

104.22.12.214

200 OK

9.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.4 kB (9431 bytes)
Hash
c14ef0669eea5d7f6c877160858dcf4e
8fac7da66842f9ca8e53daabf89536d804e0fc5a
a503ce3f189dc92d17bddc5a40a5ed820ea98ee04ab9822b9b252f643e572879

HTTP Headers

GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 9431
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
etag: "5dc4cfb5-24d7"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86aeaa7b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg

104.22.12.214

200 OK

6.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.8 kB (6775 bytes)
Hash
64b2241c86605cffe885af74a5a1f64e
29bab4447c2625557b56476c9180b66a1fbb85f0
12fad1d9011560be85717c7e42ebc633552ec82759fec8b5b8edbf86e90e3d0b

HTTP Headers

GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 6775
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
etag: "5dc4c133-1a77"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86adaa5b521-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/3oh0emvvkvi16173oh0emvvkvi292853.jpg

104.22.12.214

200 OK

9.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/3oh0emvvkvi16173oh0emvvkvi292853.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.1 kB (9090 bytes)
Hash
fd877dce7212b04f68b750a3e93cf045
1475998f1897b2354ec8bd9ccbcb8f407fd2c800
73b613f06b558d609876661476bdcf010558e3c4c8f924b841d231c56d497da9

HTTP Headers

GET /upload/vod/2022/11-19/16/3oh0emvvkvi16173oh0emvvkvi292853.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/jpeg
content-length: 9090
last-modified: Sat, 19 Nov 2022 08:17:29 GMT
etag: "63789119-2382"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86afaafb521-OSL
X-Firefox-Spdy: h2

kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif

172.67.216.219

200 OK

1.0 MB

URL HTTP/2
kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
172.67.216.219:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.0 MB (1024160 bytes)
Hash
52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 11:21:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 833671
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3QRCtrP%2FXVjYva41Y7sqlqc8noW0tCsNz7bxojuwS4Xbh8so7A8LY0E%2FvlyFt30kjaUiRpEv0O0eWVFKR0UYcL%2F9e9uKjXKw9qayk5LN3lcMleYn1GUc35kXluJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86efdedb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

613711567.com/4aa44d1866a149878b6b79cadb7ab527.gif

47.75.19.145

200 OK

748 kB

URL HTTP/1.1
613711567.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 750 x 120\012- data
Size
748 kB (748166 bytes)
Hash
dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608

HTTP Headers

GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 613711567.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:37 GMT
Content-Type: image/gif
Content-Length: 748166
Connection: keep-alive
x-oss-request-id: 637997290E14E433306D7842
Accept-Ranges: bytes
ETag: "DC16C165D9DA37BF4A9E9596A765425C"
Last-Modified: Fri, 23 Sep 2022 09:19:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3478477367098298607
x-oss-storage-class: Standard
Content-MD5: 3BbBZdnaN79KnpWWp2VCXA==
x-oss-server-time: 2

tt.1468tu.com/58tu/960x100.gif

43.153.174.204

200 OK

166 kB

URL HTTP/1.1
tt.1468tu.com/58tu/960x100.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 100\012- data
Size
166 kB (165870 bytes)
Hash
ac63ac5a8f69ce5bd9f5c6dbcbe5e449
ea0e3a5a67615ba236262770bfbf9aacaaf59ef8
c509935cc565a4e97603bb9ae7ed879b22b0ac048e825cd771be70b69ce0842d

HTTP Headers

GET /58tu/960x100.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 165870
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:09:12 GMT
ETag: "b6ce236cffd6d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
484eae288a905b0fc5fbe769cce463be
7bf5a6d86ce26f5604132a4f0308b600bbb13591
02d6267281d8faee18da752e58070b9a1f91087ad4d5071b0bd55bdacf4dbc6b

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 17:36:51 GMT
Expires: Fri, 25 Nov 2022 17:36:50 GMT
Etag: "7bf5a6d86ce26f5604132a4f0308b600bbb13591"
Cache-Control: max-age=484270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde86f080bb4f4-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a0f8508df310f7bc5b81b02801a52b23
fba1908c6bc8e5076259c8098fd1ab395c89fb23
7b5ff39653ecc9bca96997b99419fe9cc0dd645d66360afbbee732578a766d69

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 06:12:21 GMT
Expires: Thu, 24 Nov 2022 06:12:20 GMT
Etag: "fba1908c6bc8e5076259c8098fd1ab395c89fb23"
Cache-Control: max-age=356800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde86e5faeb4f4-OSL

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
653dddb1babfcdbd3babd2fe31079348
67f6a24da0cd5ab2bea5eb3e36be95c205e0294f
c411149f65e142985b8e7d019a48f4435f0985f9a22d73dbdcdc32c0bf6392b7

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=625
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
653dddb1babfcdbd3babd2fe31079348
67f6a24da0cd5ab2bea5eb3e36be95c205e0294f
c411149f65e142985b8e7d019a48f4435f0985f9a22d73dbdcdc32c0bf6392b7

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=625
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
653dddb1babfcdbd3babd2fe31079348
67f6a24da0cd5ab2bea5eb3e36be95c205e0294f
c411149f65e142985b8e7d019a48f4435f0985f9a22d73dbdcdc32c0bf6392b7

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=625
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive
X-N: S

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

20.189.126.156

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

kvkfff.top/9f40845b27097d68beff34e10f37d7ef.gif

172.67.216.219

200 OK

45 kB

URL HTTP/2
kvkfff.top/9f40845b27097d68beff34e10f37d7ef.gif
IP
172.67.216.219:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 300 x 150\012- data
Size
45 kB (45267 bytes)
Hash
f290cbd6e3db05d8539291b35a96a5a6
1ddfc4b6940f79c029084b39280921231962a5f9
c2c3b89f6ccc9df70f4ecca798dab047531f8652831ed831f5adeb13a3b5cf12

HTTP Headers

GET /9f40845b27097d68beff34e10f37d7ef.gif HTTP/1.1
Host: kvkfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 45267
last-modified: Wed, 25 May 2022 13:52:17 GMT
etag: "628e3491-b0d3"
expires: Wed, 14 Dec 2022 01:07:25 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 524894
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kubhp%2Bajq0rapHSaRrREs8MTz1vJfDOniEdjB0m1ZjpvgbRKqz2WZBObqW1R4DhjKwk0pMdyI9ozk3e4nayIE7NSy6ljqmyXQujhL8fGtNzVCurfUwX9J37YRHc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde86fde41b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

20.189.126.156

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:15 GMT
ETag: "1667486415"
Expires: Sat, 03 Dec 2022 14:40:15 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:15 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9ac9db0ef58fe773f645cdac5f1a8464
a8a29795e96d71e520390fe40f3432cc7a72e887
3527aa9f076a15658fd27fdc1fca7451bd828653365283bd35d5523a8e493eb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 01:44:19 GMT
Expires: Fri, 25 Nov 2022 01:44:18 GMT
Etag: "a8a29795e96d71e520390fe40f3432cc7a72e887"
Cache-Control: max-age=427118,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde86fe9bb1bfa-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1155834ca80231f2b911094b3ba43039
5794746b860a82e80fa3032a486a36588b0aa1c3
c2289346d621d3436d44e96d267c5d29964a3502153049b90ad22d9735853efd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 13:28:29 GMT
Expires: Sat, 26 Nov 2022 13:28:28 GMT
Etag: "5794746b860a82e80fa3032a486a36588b0aa1c3"
Cache-Control: max-age=555768,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde86fe910b515-OSL

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif

20.189.126.156

200 OK

143 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
143 kB (142810 bytes)
Hash
e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:20:59 GMT
ETag: "1667550059"
Expires: Sun, 04 Dec 2022 08:20:59 GMT
Last-Modified: Fri, 04 Nov 2022 08:20:59 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
b847d964bc380453cb4ddab1ca4f5852
9d0cb6bdb1fe8f0446ad8c203d2f8e02daa44b8c
96debc6020bd5fcdcc860c2c3efcd4e0adb376697df485032a39d983e0101571

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "96DEBC6020BD5FCDCC860C2C3EFCD4E0ADB376697DF485032A39D983E0101571"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 20 Nov 2022 08:55:38 GMT
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif

20.189.126.156

200 OK

261 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
261 kB (261015 bytes)
Hash
68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:45:32 GMT
ETag: "1667493932"
Expires: Sat, 03 Dec 2022 16:45:32 GMT
Last-Modified: Thu, 03 Nov 2022 16:45:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
14e63f7b5e0c9d27364989127993d6f4
0a1bc57d17c3eead84e211d98f56ea52f0950459
eebe700a0b6ec29cc67276f0751ac53e20eb328236f3ecfd2f15d54cf71d0d21

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EEBE700A0B6EC29CC67276F0751AC53E20EB328236F3ECFD2F15D54CF71D0D21"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6705
Expires: Sun, 20 Nov 2022 04:47:24 GMT
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive

kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif

172.67.218.101

200 OK

864 kB

URL HTTP/2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
172.67.218.101:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sun, 18 Dec 2022 05:33:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 163307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyIss4vm9sMU%2BzKSwL0F8hO1BurQbn3iPhlhdX2nGZVGM4Zg2rUxFjyAbiWXbHisIVvjlau1CoT7DQpcgel2rlDxeEeA3a3FUj7IneJK9X3GpxBBvAi%2FK1izXKrt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde8709fc10b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/white.css

173.231.38.5

200 OK

6.3 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/white.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
6.3 kB (6301 bytes)
Hash
d7b9b6c00db742847246dff0a86e1456
5a3ea844e9ed6d601dd734da7a05cfef9d503271
a7463481b275d0ada72f13aa1d4cc2a0f390eb4d734885fa65528bb8a45bce85

HTTP Headers

GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
07100469331a1e148844dd808e023468
d9520f3d12de70321f71f1630231feaf24af434c
02bb2852e81188aef9d209248bd56e724831445296b098154f92fabb8b70aa59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128818
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:39 GMT
Etag: "6378eb5d-117"
Expires: Mon, 21 Nov 2022 14:42:37 GMT
Last-Modified: Sat, 19 Nov 2022 14:42:37 GMT
Server: nginx
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09902378c445bac501e6a67a4d95af64
c246ad6f027e28dcda4f4bd5d2974f646cf073cd
7974ea45091165db0eb2454f8d4ec03f44f1d337497c04ae04bb51748c57fdb5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7974EA45091165DB0EB2454F8D4EC03F44F1D337497C04AE04BB51748C57FDB5"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21518
Expires: Sun, 20 Nov 2022 08:54:17 GMT
Date: Sun, 20 Nov 2022 02:55:39 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b39983c42bd146d6360a72a561b79ad8
2c6b13bc5d8e32c8c72093ac7a8617a2499eba4c
2e0940a25956c6025072a8ed58ddc6f5904b14ff19e531bdfcc4492f6e16700e

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif

20.189.126.156

200 OK

157 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
157 kB (157109 bytes)
Hash
b2ab67245d12303f5bbafd7d9b5f0114
44e3a620562fb6e6542b21d4ff534057d7dbe116
44748a35ac18f29a7fb6aa261701604648c5a5c2edf8b6a4d7789ef52b992afe

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958086287321.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:21:31 GMT
ETag: "1667550091"
Expires: Sun, 04 Dec 2022 08:21:31 GMT
Last-Modified: Fri, 04 Nov 2022 08:21:31 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif

20.189.126.156

200 OK

138 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
138 kB (137556 bytes)
Hash
bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:20:07 GMT
ETag: "1667550008"
Expires: Sun, 04 Dec 2022 08:20:07 GMT
Last-Modified: Fri, 04 Nov 2022 08:20:08 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

647 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
647 kB (647290 bytes)
Hash
4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 20 Nov 2022 02:55:18 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg

172.247.77.250

200 OK

8.8 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8829 bytes)
Hash
75a7a64965e27d7748ea85d184361d04
972f4b7ca8c0f8a58fddb4b87231dc475f01c13e
d6840d9c333a0f4780180bb8c686f50a01f687a2610684e9d396d49e6715b908

HTTP Headers

GET /upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 8829
Last-Modified: Sat, 12 Nov 2022 06:29:44 GMT
Connection: keep-alive
ETag: "636f3d58-227d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg

172.247.77.250

200 OK

8.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (8028 bytes)
Hash
94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a

HTTP Headers

GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Sat, 12 Nov 2022 06:28:09 GMT
Connection: keep-alive
ETag: "636f3cf9-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
07100469331a1e148844dd808e023468
d9520f3d12de70321f71f1630231feaf24af434c
02bb2852e81188aef9d209248bd56e724831445296b098154f92fabb8b70aa59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128818
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:39 GMT
Etag: "6378eb5d-117"
Expires: Mon, 21 Nov 2022 14:42:37 GMT
Last-Modified: Sat, 19 Nov 2022 14:42:37 GMT
Server: nginx
Content-Length: 279

sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif

20.189.126.156

200 OK

144 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
144 kB (143652 bytes)
Hash
8daacd0fa11caf19d79c021488006888
a8f6cf9ab8a92ac90a0a43b89bccf574cfe1b7ce
78538e6491052878c6d573ac5fa7deab612a7dfc3b8916147c8bfd81ae7ceb59

HTTP Headers

GET /static/uploads/image/x22/20221011/1665488736300773.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 03:00:09 GMT
ETag: "1668135609"
Expires: Sun, 11 Dec 2022 03:00:09 GMT
Last-Modified: Fri, 11 Nov 2022 03:00:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif

20.189.126.156

200 OK

259 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
259 kB (258804 bytes)
Hash
70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:37:39 GMT
ETag: "1667486259"
Expires: Sat, 03 Dec 2022 14:37:39 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif

20.189.126.156

200 OK

279 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
279 kB (278909 bytes)
Hash
cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:11:40 GMT
ETag: "1667491901"
Expires: Sat, 03 Dec 2022 16:11:40 GMT
Last-Modified: Thu, 03 Nov 2022 16:11:41 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg

172.247.77.250

200 OK

9.6 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
f6d5cdf2907fb31c463cc373838d12d3
bbe5419ff8861df45fd2af60c585f9cbcc814a38
bb3f04b6f333f07ea6a77fb23d0e1d2bb6501708e8302004cd194f9cf2b917bd

HTTP Headers

GET /upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 9613
Last-Modified: Sat, 12 Nov 2022 06:28:09 GMT
Connection: keep-alive
ETag: "636f3cf9-258d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg

172.247.77.250

200 OK

7.8 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
7.8 kB (7756 bytes)
Hash
0f1c4007154f75c35d75f408e001bc6a
64724f653ce003586c12680c0ede2638533b9404
ebe54255a4390cb473cf6c734a3dba31e94a9ade9d5b9443eb2e2c5ed46c4f3e

HTTP Headers

GET /upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 7756
Last-Modified: Sat, 12 Nov 2022 06:28:09 GMT
Connection: keep-alive
ETag: "636f3cf9-1e4c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg

172.247.77.250

200 OK

5.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
b4fe691a1e1838c9f1478958a1755ecc
342f266ceede5184e9cc944325d5644aad9373cd
e16caff401e9c45407df43293ca846a805d8a8fa2893df39b000d5e76bdb4969

HTTP Headers

GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 5133
Last-Modified: Sat, 12 Nov 2022 06:28:09 GMT
Connection: keep-alive
ETag: "636f3cf9-140d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
236ff4d4d26ffa6332f2abc9d6935b1a
b0366768f7d7738c88f805b3102fa6242551a642
1c7606b34d35dfa94f6afafba3e721fe05a750b2a749ada1dcc56c71d7fde3fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:39 GMT
Etag: "63781888-116"
Server: ECS (amb/6BAD)
Content-Length: 278

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif

20.189.126.156

200 OK

122 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
122 kB (122077 bytes)
Hash
37114d23edd40ed9e0901b4a9719e67b
203de7186613dabd8a3468c1869544447c99edaa
3c27d4f44ba0e325468830935351ed317f9db77d46ff0d07154900e5f41ec4de

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958351815456.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:25:55 GMT
ETag: "1667550356"
Expires: Sun, 04 Dec 2022 08:25:55 GMT
Last-Modified: Fri, 04 Nov 2022 08:25:56 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif

120.77.166.72

200 OK

112 kB

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 640 x 350\012- data
Size
112 kB (112297 bytes)
Hash
8bb96c4387fdae545693ec79e18c0278
e0428e9c4e3f04c38ef89e236c37e523151329c6
0222f1b7240cf95fca28796002c45ea1b6cd976750e3223f25d2aaeeb1b6c106

HTTP Headers

GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 6379972A7D8D3F36304A0F56
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 3

nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif

104.21.55.74

200 OK

1.1 MB

URL HTTP/2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.1 MB (1082384 bytes)
Hash
a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 472905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6IXCqxYY021JSy8fGmZCVGwXj%2BcmA5lySSgZRPZ2aJXIz3X32X%2BlXzE%2FZp0dZgLTNCi7XCMEjwWJwvkbZGq9SPdRHkl0Rv15TSLbb9WBMgAjIjfyK1%2BVpOVar%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde871fe1cb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif

104.21.5.141

200 OK

740 kB

URL HTTP/2
kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
104.21.5.141:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
740 kB (739561 bytes)
Hash
5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Wed, 14 Dec 2022 10:00:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 492918
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QehU56FackaETyGB%2F%2BAlENtqhl07tYjLtaOnFTLX%2F6MYol3cQOVCc8a0d7iKPHsoRbCUHjvHhoApUsttms5Mcb4v2tQjBhyBmGw7ifdGHuRsQxUTFqXc3iloa81v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde871f8dfb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif

103.170.15.104

200 OK

62 kB

URL HTTP/1.1
829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
IP
103.170.15.104:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
62 kB (61957 bytes)
Hash
a39609b18140975f8099754386591e3c
5758379628e0102c65a87bd04cbe5158e43a94b0
fcd1a2d3584bb5dd209871dca8cef09495c9b1a3651ee204f87319e9b4a670de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f22c9bb27e174bb0b6dd1b2034189f8f.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba2a2-f205"
Date: Mon, 14 Nov 2022 16:34:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:36:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Length: 61957

fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg

172.247.77.250

200 OK

14 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
14 kB (14304 bytes)
Hash
8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad

HTTP Headers

GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Sat, 12 Nov 2022 06:30:31 GMT
Connection: keep-alive
ETag: "636f3d87-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif

104.21.55.74

200 OK

524 kB

URL HTTP/2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 325 x 143\012- data
Size
524 kB (523775 bytes)
Hash
2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:39 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 287785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZvFNyCWZhHeXa6uYYg25AwFkLOb5g09CzjQvQisixGxnTBSlQ0oNd2KCVwDFaz6BxlthSS6psc19tN82vldCImg98yADwJHd229ozJ%2Fs3ctKh9CjmwaTLz45SDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde8728e56b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-16/13/shyle4d5u5e1307shyle4d5u5e355159.jpg

172.247.77.250

200 OK

10 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-16/13/shyle4d5u5e1307shyle4d5u5e355159.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10010 bytes)
Hash
210017a2e4c4bc0fc1e2bb38b6dc0fc0
0ca2944bba6b226edf9e34e946be5b89514c2b8e
ad7473be1790573e9adb33a0ff6c934dd11f20dfc8b4f4802cdd56744cca7cdc

HTTP Headers

GET /upload/vod/2022/09-16/13/shyle4d5u5e1307shyle4d5u5e355159.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 10010
Last-Modified: Sat, 12 Nov 2022 06:29:10 GMT
Connection: keep-alive
ETag: "636f3d36-271a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.5

200 OK

66 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
66 kB (66143 bytes)
Hash
edf16a9c773db2f5529fad5323da0dca
b2968bc349d262a45eb0923266fb385341c90adb
98b628103b668dca5d9e93e987c279b555f0ee6879de77c79c4f9d66de2a16d5

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:57:59 GMT
vary: Accept-Encoding
etag: W/"63765a07-520"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif

20.189.126.156

200 OK

119 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
119 kB (118706 bytes)
Hash
3af8a82b93e6db570c683b4c6e5f0450
937c3dd1c9fffec78b039ec5973008e928e279bf
ea57b0fdaf3bb2d726e9677a4b7ac267b8ca18b7e8e4abcb6b8e02fa6e89b383

HTTP Headers

GET /static/uploads/image/x26/20221005/1664958058465466.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:54 GMT
ETag: "1667551194"
Expires: Sun, 04 Dec 2022 08:39:54 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

gg72a1.com/gg/960x60-2.gif

137.175.13.103

200 OK

567 kB

URL HTTP/2
gg72a1.com/gg/960x60-2.gif
IP
137.175.13.103:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
567 kB (566629 bytes)
Hash
c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90

HTTP Headers

GET /gg/960x60-2.gif HTTP/1.1
Host: gg72a1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:57:52 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Tue, 20 Dec 2022 02:57:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-08/12/4dwy2314pki12444dwy2314pki362215.jpg

172.247.77.250

200 OK

9.5 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-08/12/4dwy2314pki12444dwy2314pki362215.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
9.5 kB (9467 bytes)
Hash
94c69091495ef3e545231f727e40b561
0fffd4d05b26675001000dc46926327972741c7b
51dc5b5deef050157098695832c70c3a73260dc3279b6ea9d977f8b88f6eda29

HTTP Headers

GET /upload/vod/2022/09-08/12/4dwy2314pki12444dwy2314pki362215.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 9467
Last-Modified: Sat, 12 Nov 2022 06:27:24 GMT
Connection: keep-alive
ETag: "636f3ccc-24fb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0

47.246.44.230

200 OK

358 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 440 x 240\012- data
Size
358 kB (358276 bytes)
Hash
40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43

HTTP Headers

GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache7.se1[6,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=6
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 2578428
x-cache: HIT TCP_MEM_HIT dirn:4:248525172
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16689129399036008e
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b

47.246.44.230

200 OK

671 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 640 x 480\012- data
Size
671 kB (670683 bytes)
Hash
61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732

HTTP Headers

GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Thu, 17 Nov 2022 09:56:30 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:55:25 GMT
nw-session-id: 2022111717552501021215407711A62A30gssbd01dy
nw-session-trace: 2022-11-17T17:55:25.464172237+08:00 112
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:55:25 GMT
x-tt-logid: 2022111717552501021215407711A62A30
via: n150-112-092, cache19.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache5.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cfccd32c5e1a783b72d466dfb851035424d9c214b15e2551324859da14babbe5c664f7803f8f96b1fb8ed72bc03373bb55302f8999c39e09a08bf7537dc15e34343ba02446508d50ad70dc53783f68c07e2868004cf183a104aa896f426b8863
x-response-lb: image
ali-swift-global-savetime: 1668678990
age: 233949
x-cache: HIT TCP_MEM_HIT dirn:1:293055142 mlen:0
x-swift-savetime: Fri, 18 Nov 2022 23:41:56 GMT
x-swift-cachetime: 31400074
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16689129399196021e
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif

20.189.126.156

200 OK

108 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
108 kB (108092 bytes)
Hash
44f342e4357af0d5256493db6e7fc924
2f62b8f1d1c167566367105d5cae6dc52dc73133
156f4985af424639dd35a2ec1f77217a45781e148a4504f4109b48c2d71a0cfa

HTTP Headers

GET /static/uploads/image/x26/20221005/1664957978608725.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:54 GMT
ETag: "1667551194"
Expires: Sun, 04 Dec 2022 08:39:54 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif

20.189.126.156

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
133 kB (132742 bytes)
Hash
917f961ed729bc558e9962fd1484dbe2
f0962f3292c4097bb4f6a4ae63ca765714c7262d
51fd38511ac427eaad10ac504a836bb4ad732c51176e3cf8a6eca65df60302eb

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958243131147.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:24:09 GMT
ETag: "1667550249"
Expires: Sun, 04 Dec 2022 08:24:09 GMT
Last-Modified: Fri, 04 Nov 2022 08:24:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif

20.189.126.156

200 OK

136 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
136 kB (135617 bytes)
Hash
e2b3f17c74651d10d199dc95cb7bdf21
173e21137df4427a1bb417a60162e604fa43fe36
590d8375f2b0dd21dc6eecc7a14f3e939b3f4838784f0e1da463aa29a36e3a61

HTTP Headers

GET /static/uploads/image/x22/20221005/1664957962898269.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:19:26 GMT
ETag: "1667549966"
Expires: Sun, 04 Dec 2022 08:19:26 GMT
Last-Modified: Fri, 04 Nov 2022 08:19:26 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif

47.56.33.17

200 OK

294 kB

URL HTTP/1.1
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP
47.56.33.17:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 1000 x 120\012- data
Size
294 kB (294418 bytes)
Hash
b5f554e2887180883376a154c0d49550
054d301265d3dcfae8744965a1ecd81c39d938c9
07cb8aac7eb97f735999f176016eb0f26e1b4958acfb3924d22c9ff901250b2a

HTTP Headers

GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 6379972A23C0543830A910D1
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 1

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ce38ac8eccbe3141c5ed9e2af2efa402
2a0dd667bb8e6e2a60d70db77e1c15db0d30e3e6
b6f41deb14f8563b98a58ce50bfb3625779821287f9afd43dbd06aa65356b0a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90679
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:39 GMT
Etag: "63785662-117"
Expires: Mon, 21 Nov 2022 04:06:58 GMT
Last-Modified: Sat, 19 Nov 2022 04:06:58 GMT
Server: nginx
Content-Length: 279

taiwtp1.com/img/960240.gif

220.128.218.220

200 OK

224 kB

URL HTTP/2
taiwtp1.com/img/960240.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 960 x 240\012- data
Size
224 kB (223879 bytes)
Hash
a39bb27f09ccd6961fe1c0f3074a8b97
0e914bc58abc78e7275d3c639e2aeb548313d627
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

HTTP Headers

GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:53:18 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Tue, 20 Dec 2022 02:53:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif

47.75.19.69

200 OK

944 kB

URL HTTP/1.1
1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
IP
47.75.19.69:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
944 kB (944089 bytes)
Hash
aa2183d37f4bb3e32799aa7559d6828b
9d75c1091c801574931943dc3e4fe4ff38118950
2db5c59fac7361ef8ba376e459ccbe1c98beb6b831dac82d855ca8a0324b4eab

HTTP Headers

GET /se/lq.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 6379972AE46B163631C5B6C1
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Sat, 05 Nov 2022 08:29:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 1

taiwtp1.com/xin/225135.gif

220.128.218.220

200 OK

67 kB

URL HTTP/2
taiwtp1.com/xin/225135.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 225 x 135\012- data
Size
67 kB (67441 bytes)
Hash
81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa

HTTP Headers

GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:53:18 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Tue, 20 Dec 2022 02:53:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

885364.com/af487946377641ea8b2db51483f4b919.gif

47.75.19.145

200 OK

33 kB

URL HTTP/1.1
885364.com/af487946377641ea8b2db51483f4b919.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 250 x 150\012- data
Size
33 kB (33267 bytes)
Hash
bc3f27f450ad0ebd19370d3737fc2e07
f1ac03dc00b5370bafdfdc604cea7f8bbdb3d75b
f76a84ddee61f9d582915900d7074fbb4c989b9669c3f871fd9fbf465895cbe1

HTTP Headers

GET /af487946377641ea8b2db51483f4b919.gif HTTP/1.1
Host: 885364.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/gif
Content-Length: 33267
Connection: keep-alive
x-oss-request-id: 6379972B23C05434378A15D1
Accept-Ranges: bytes
ETag: "BC3F27F450AD0EBD19370D3737FC2E07"
Last-Modified: Tue, 02 Aug 2022 10:36:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2465277436600690179
x-oss-storage-class: Standard
Content-MD5: vD8n9FCtDr0ZNw03N/wuBw==
x-oss-server-time: 2

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif

20.189.126.156

200 OK

271 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
271 kB (270639 bytes)
Hash
8a598123a6c21612760ffc08cd6ddd05
b6bc973f2e717c2077eae5f43163fde18981eb30
349c245fb89068bc9236b8960f553a1bca367b07e75b988f67383ca21ff68908

HTTP Headers

GET /static/uploads/image/x26/20221005/1664958027512691.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif

103.170.15.74

200 OK

161 kB

URL HTTP/1.1
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP
103.170.15.74:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
161 kB (160599 bytes)
Hash
1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Wed, 16 Nov 2022 01:08:19 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 160599

kvteee.top/68a7807de3933bf7079116fa9df99e6f.gif

104.21.233.123

200 OK

366 kB

URL HTTP/2
kvteee.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
104.21.233.123:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
366 kB (366444 bytes)
Hash
86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvteee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:40 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sat, 26 Nov 2022 13:27:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2035718
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y34dWJohH5mY%2FAEqL3Ja9gZe7iAG35I54qMceQICev6nYADCx5XCjDiWE3C1TkSPmlhEYsEg1i5v9s2hqYI4DM0vsXd%2F%2BKnS6%2B9kEmL4jauoctK5rpGsqrQapq0j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cde873fd4a88bf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

666000258.com/255135rtty.gif

143.92.39.222

200 OK

35 kB

URL HTTP/1.1
666000258.com/255135rtty.gif
IP
143.92.39.222:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 255 x 135\012- data
Size
35 kB (34826 bytes)
Hash
adad3e3515693f015a473d88f32bbabc
1410cbd70835abc7915573df681e7917109ba7e8
1897e4020f1879d1edaa700251165d27cfca2f5ea0771f641c1a75183243a1a5

HTTP Headers

GET /255135rtty.gif HTTP/1.1
Host: 666000258.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/gif
Content-Length: 34826
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 09:59:06 GMT
ETag: "6353beea-880a"
Expires: Tue, 20 Dec 2022 02:22:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cloudflare
X-Cache-Status: HIT
Accept-Ranges: bytes

p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7Eplz8ttes6N1rzCHupKUIqwPqCxFgm81icSmocldWcBI/0

43.154.254.32

200 OK

231 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7Eplz8ttes6N1rzCHupKUIqwPqCxFgm81icSmocldWcBI/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
231 kB (231270 bytes)
Hash
2f2c8ec52149276d3ef1c493494dcdd9
f6f8e0965653c402469862d8cdc7e57df1ddc846
a1274ed00e690cfe012e394ca855570f6ebb32e625385597f8ecb5110e444a08

HTTP Headers

GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7Eplz8ttes6N1rzCHupKUIqwPqCxFgm81icSmocldWcBI/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 20 Nov 2022 02:55:38 GMT
content-type: image/gif
content-length: 231270
vary: Accept,Origin
last-modified: Sat, 19 Nov 2022 16:28:33 GMT
cache-control: max-age=2592000
x-delay: 46492 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 231270
chid: 0
fid: 0
x-nws-log-uuid: 6b7aacd9-25ca-4711-9f33-b915bdc51726
X-Firefox-Spdy: h2

fmlb.netlbtu.com/images/2021/7/13/dmm63.jpg

172.247.77.250

200 OK

84 kB

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/13/dmm63.jpg
IP
172.247.77.250:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x540, components 3\012- data
Size
84 kB (84376 bytes)
Hash
4247a5813e257e24ad687a5dde264395
e7793006d63339ec63cd11ec9b9859c743a7ba44
29e570b6ba63330d62e2ae5de3f5abaf6e07dbac5b2e19d19e030d24c5ecd8d3

HTTP Headers

GET /images/2021/7/13/dmm63.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/jpeg
Content-Length: 84376
Last-Modified: Sat, 12 Nov 2022 07:17:40 GMT
Connection: keep-alive
ETag: "636f4894-14998"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
b244d5ea385120f4d6be6062225e0791
b5458566eea0389602330eec0c0f3a6301e4929c
42af8a2aa6f7a725172e7a7b530b21fd1ed66416e608765aaeb1ebf3163519f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:55:40 GMT
Last-Modified: Sat, 19 Nov 2022 08:54:50 GMT
ETag: "637899da-1d7"
Expires: Mon, 21 Nov 2022 08:54:50 GMT
Cache-Control: max-age=107950
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668912940
Via: cache3.l2de2[293,292,200-0,M], cache3.l2de2[294,0], cache3.se1[316,315,200-0,M], cache3.se1[317,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 20 Nov 2022 02:55:40 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716689129399977373e

ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
af7e763ea9c3d70adca828f6168ff0b0
476eb296b294aaff489f07c8f502a39cd8952083
b62777288d60208ede66cb302912afd5fbf2120782e9cc4fcdf7ee1a82f26449

HTTP Headers

POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
7a4f3e7d63fb2664f574e3c20ee01c75
3f41d00e31b635cb411bf55b795f767520b597a7
98ba88ff061fe6bc16bd6cfcd6a506645cb4d28a03d14c43dd49e27cbd85dd72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:55:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 10:05:43 GMT
Expires: Sat, 26 Nov 2022 10:05:42 GMT
Etag: "3f41d00e31b635cb411bf55b795f767520b597a7"
Cache-Control: max-age=543601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cde864fb27b4e8-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2bc3615194e2df554da6a6350663d79e
35f1a0fc9c273012887f9024e6451bf8d66b736b
44a3b1bfdfaa762aa26a770bb65e9690a193f003a7cd6b3dd879137cda61db86

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "44A3B1BFDFAA762AA26A770BB65E9690A193F003A7CD6B3DD879137CDA61DB86"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sun, 20 Nov 2022 08:55:21 GMT
Date: Sun, 20 Nov 2022 02:55:40 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9fa7c27fe4e29ebaf860e46575e7f9f2
2bb39fa9425fdf4b01d310d0499142d261b0ed76
ac396e2aecc19869d850b8ac0368b45f038b8324c1fa4862c0c8231acd8fe052

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AC396E2AECC19869D850B8AC0368B45F038B8324C1FA4862C0C8231ACD8FE052"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4029
Expires: Sun, 20 Nov 2022 04:02:49 GMT
Date: Sun, 20 Nov 2022 02:55:40 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
14e63f7b5e0c9d27364989127993d6f4
0a1bc57d17c3eead84e211d98f56ea52f0950459
eebe700a0b6ec29cc67276f0751ac53e20eb328236f3ecfd2f15d54cf71d0d21

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EEBE700A0B6EC29CC67276F0751AC53E20EB328236F3ECFD2F15D54CF71D0D21"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6704
Expires: Sun, 20 Nov 2022 04:47:24 GMT
Date: Sun, 20 Nov 2022 02:55:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
07100469331a1e148844dd808e023468
d9520f3d12de70321f71f1630231feaf24af434c
02bb2852e81188aef9d209248bd56e724831445296b098154f92fabb8b70aa59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=128818
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:40 GMT
Etag: "6378eb5d-117"
Expires: Mon, 21 Nov 2022 14:42:38 GMT
Last-Modified: Sat, 19 Nov 2022 14:42:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif

120.77.166.119

200 OK

540 kB

URL HTTP/1.1
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP
120.77.166.119:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
540 kB (539555 bytes)
Hash
f90b8bf8612b18c79e67580f4b9dec6e
99c934b5bdfa99699ee3629dd28f33a74f4e5c1b
a54b481c5ef1752d4b4534fce464b73c117870bf776d85fb489d35c446d37e8c

HTTP Headers

GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 539555
Connection: keep-alive
x-oss-request-id: 6379972AC19798353159C080
Accept-Ranges: bytes
ETag: "F90B8BF8612B18C79E67580F4B9DEC6E"
Last-Modified: Mon, 10 Oct 2022 07:43:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12644736064967929141
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: +QuL+GErGMeeZ1gPS53sbg==
x-oss-server-time: 1

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
b244d5ea385120f4d6be6062225e0791
b5458566eea0389602330eec0c0f3a6301e4929c
42af8a2aa6f7a725172e7a7b530b21fd1ed66416e608765aaeb1ebf3163519f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:55:40 GMT
Last-Modified: Sat, 19 Nov 2022 08:54:50 GMT
ETag: "637899da-1d7"
Expires: Mon, 21 Nov 2022 08:54:50 GMT
Cache-Control: max-age=107950
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668912940
Via: cache5.l2de2[480,480,200-0,M], cache5.l2de2[481,0], cache8.se1[504,503,200-0,M], cache8.se1[505,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 20 Nov 2022 02:55:40 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16689129400016481e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
b244d5ea385120f4d6be6062225e0791
b5458566eea0389602330eec0c0f3a6301e4929c
42af8a2aa6f7a725172e7a7b530b21fd1ed66416e608765aaeb1ebf3163519f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:55:40 GMT
Last-Modified: Sat, 19 Nov 2022 08:54:50 GMT
ETag: "637899da-1d7"
Expires: Mon, 21 Nov 2022 08:54:50 GMT
Cache-Control: max-age=107950
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668912940
Via: cache3.l2de2[475,474,200-0,M], cache3.l2de2[475,0], cache4.se1[498,497,200-0,M], cache4.se1[501,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 20 Nov 2022 02:55:40 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816689129400258216e

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b39983c42bd146d6360a72a561b79ad8
2c6b13bc5d8e32c8c72093ac7a8617a2499eba4c
2e0940a25956c6025072a8ed58ddc6f5904b14ff19e531bdfcc4492f6e16700e

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e9d7fb0d0694102dc579561c4a3107e2
947d7d42893aa5924915887ae5b36263e1ffbbff
4c54aa3a1f1cfda82b486b861af9a55023e1b5b0bd984717ac39bf8809e469a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:55:40 GMT
Last-Modified: Sun, 20 Nov 2022 00:18:49 GMT
ETag: "63797269-1d7"
Expires: Tue, 22 Nov 2022 00:18:49 GMT
Cache-Control: max-age=163389
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668912940
Via: cache5.l2de2[516,516,200-0,M], cache5.l2de2[520,0], cache3.se1[542,542,200-0,M], cache3.se1[543,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 20 Nov 2022 02:55:40 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716689129400287409e

static.qwahk.com/960x60.gif

206.119.105.166

200 OK

477 kB

URL HTTP/1.1
static.qwahk.com/960x60.gif
IP
206.119.105.166:0
ASN
#140224 STARCLOUD GLOBAL PTE., LTD.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
477 kB (477289 bytes)
Hash
760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Fri, 04 Nov 2022 05:24:22 GMT
ETag: "1667539462"
Last-Modified: Fri, 04 Nov 2022 05:24:22 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun42:2 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun42000(origin)
X-Reqid: 201921416722818020221104132422Vjecd9ZYsampled
X-Ws-Request-Id: 6364a206_anxun42_30023-57835

539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif

47.75.19.145

200 OK

177 kB

URL HTTP/1.1
539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 240 x 140\012- data
Size
177 kB (176976 bytes)
Hash
5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b

HTTP Headers

GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 539397377.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:39 GMT
Content-Type: image/gif
Content-Length: 176976
Connection: keep-alive
x-oss-request-id: 6379972BF27FBE343783E39C
Accept-Ranges: bytes
ETag: "5C383B781891F009BFE7545EB03E78D9"
Last-Modified: Fri, 23 Sep 2022 09:18:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8278321731206139918
x-oss-storage-class: Standard
Content-MD5: XDg7eBiR8Am/51ResD542Q==
x-oss-server-time: 1

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e9d7fb0d0694102dc579561c4a3107e2
947d7d42893aa5924915887ae5b36263e1ffbbff
4c54aa3a1f1cfda82b486b861af9a55023e1b5b0bd984717ac39bf8809e469a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:55:40 GMT
Last-Modified: Sun, 20 Nov 2022 00:18:49 GMT
ETag: "63797269-1d7"
Expires: Tue, 22 Nov 2022 00:18:49 GMT
Cache-Control: max-age=163389
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668912940
Via: cache19.l2de2[481,480,200-0,M], cache19.l2de2[481,0], cache3.se1[504,503,200-0,M], cache3.se1[505,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 20 Nov 2022 02:55:40 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716689129401367490e

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ce38ac8eccbe3141c5ed9e2af2efa402
2a0dd667bb8e6e2a60d70db77e1c15db0d30e3e6
b6f41deb14f8563b98a58ce50bfb3625779821287f9afd43dbd06aa65356b0a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90678
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:55:40 GMT
Etag: "63785662-117"
Expires: Mon, 21 Nov 2022 04:06:58 GMT
Last-Modified: Sat, 19 Nov 2022 04:06:58 GMT
Server: nginx
Content-Length: 279

www.jxys12.xyz/template/m1938pc/static/css/1.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/1.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.2559u.com/images/636ce31fc474e9c06ec29f98.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
cache-control: max-age=3600
X-Firefox-Spdy: h2

img.u1779.com/images/63523e155fe50f0585d3ef82.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.u1779.com/images/63523e155fe50f0585d3ef82.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63523e155fe50f0585d3ef82.gif HTTP/1.1
Host: img.u1779.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
cache-control: max-age=3600
X-Firefox-Spdy: h2

sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif

120.77.166.72

200 OK

0 B

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 20 Nov 2022 02:55:38 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 6379972A9B92023335E62998
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 1

img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/636ce2e7c474e9c06ec29f97.gif HTTP/1.1
Host: img.8961x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
cache-control: max-age=3600
X-Firefox-Spdy: h2

img.1129555.com/images/6375e9e9e718d3da5a918058.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
cache-control: max-age=3600
X-Firefox-Spdy: h2

acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif

91.195.240.12

403 Forbidden

0 B

URL HTTP/2
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Sun, 20 Nov 2022 02:55:38 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2

yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg

113.96.208.98

200 OK

0 B

URL HTTP/2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg
IP
113.96.208.98:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:55:40 GMT
content-type: image/jpeg
set-cookie: tgw_l7_route=f269fee9b6566b9c6f92d3317870bb0e; Expires=Sun, 20-Nov-2022 03:00:40 GMT; Path=/
server: nginx/1.12.2
last-modified: Mon, 14 Nov 2022 12:16:03 GMT
x-content-type-options: nosniff
x-xss-protection: 1
x-request-id: 301f351354265a289231b08d50327e1e
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:55:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Sun, 20 Nov 2022 14:55:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

20.189.126.156

200 OK

0 B

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
20.189.126.156:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

img.9712x.com/images/63523e235fe50f0585d3ef83.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
cache-control: max-age=3600
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations