r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 08:42:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10218
Expires: Sat, 04 Feb 2023 11:32:53 GMT
Date: Sat, 04 Feb 2023 08:42:35 GMT
Connection: keep-alive
farzanatradings.com/fakedon/panel/admin.php
45.38.67.227301 Moved Permanently 0 B URL HTTP/1.1 farzanatradings.com/fakedon/panel/admin.php
IP 45.38.67.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /fakedon/panel/admin.php HTTP/1.1
Host: farzanatradings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:42:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.farzanatradings.com/fakedon/panel/admin.php
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:36:14 GMT
content-type: application/json
age: 381
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19494
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 08:42:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Td0APaIDW/cl2AIWay6b7qBw5tFJeOhAnnCdgyu6MaYPNP+Jt3xDO3fzzHWbaMQIBTx/i8zJuYb/eB8k/DbNQA==
x-amz-request-id: 6VYK1MDT962BNTS8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 07:52:45 GMT
age: 2990
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.farzanatradings.com/fakedon/panel/admin.php
45.38.67.227200 OK 785 B URL HTTP/1.1 www.farzanatradings.com/fakedon/panel/admin.php
IP 45.38.67.227:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 95f70900bdc810006d2d9175e2863017
46679af77890c8f3a4ea12c4eb5263b8c1028497
49c6b69fabc1ee6f97821c6c46fde967dca32a6edeea04213544dc43a6e1f164
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /fakedon/panel/admin.php HTTP/1.1
Host: www.farzanatradings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:42:36 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 08:07:19 GMT
age: 2117
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.farzanatradings.com/tj.js
45.38.67.227200 OK 518 B URL HTTP/1.1 www.farzanatradings.com/tj.js
IP 45.38.67.227:0
File type ASCII text, with CRLF line terminators
Hash 07d2296c13405e1ad4978c7c5a155584
a3fa3d971fec551df0c555d3769aa9ca8defe68d
6ab8aad3bd8e6cc503f3129adebfd1a595b0193395475046e6f75a60c851ae31
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tj.js HTTP/1.1
Host: www.farzanatradings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.farzanatradings.com/fakedon/panel/admin.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:42:36 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8847
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 08:42:36 GMT
Connection: keep-alive
www.farzanatradings.com/common.js
45.38.67.227200 OK 731 B URL HTTP/1.1 www.farzanatradings.com/common.js
IP 45.38.67.227:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash f63a4f194e69de9077f1aae1670a571c
d0b348cbf645925a69ac0acdce68242724e793b8
f374101b0037217aaa17518c281d23452433df2e1bbbacb652a3cdccfdc0e994
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /common.js HTTP/1.1
Host: www.farzanatradings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.farzanatradings.com/fakedon/panel/admin.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:42:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.149.38.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.38.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BDCAV6D34iQSvMcRZQ0plA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J5B+Jz1/amPNFvGb8hDlO2B8AfY=
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.farzanatradings.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 08:42:36 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 08:42:36 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=6132D3DA315A6CCA8F2D716A9DD34F47:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 08:42:36 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 90e80ed529c18f22c11fa8fe060541a6
ff2ca757a8b53c477cf204c4ac2d8d290354937c
13b396b9704632dbf9ea8b0ea5aea2d10d812478f2717fc71cec14c722069684
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13B396B9704632DBF9EA8B0EA5AEA2D10D812478F2717FC71CEC14C722069684"
Last-Modified: Thu, 02 Feb 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9656
Expires: Sat, 04 Feb 2023 11:23:32 GMT
Date: Sat, 04 Feb 2023 08:42:36 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1843
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79421d2cfd33b51e-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1843
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79421d2d0ce3b521-OSL
www.farzanatradings.com/favicon.ico
45.38.67.227200 OK 1.2 kB URL HTTP/1.1 www.farzanatradings.com/favicon.ico
IP 45.38.67.227:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.farzanatradings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.farzanatradings.com/fakedon/panel/admin.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:42:37 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 09 Feb 2023 08:42:37 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.farzanatradings.com/fakedon/panel/admin.php
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.farzanatradings.com/fakedon/panel/admin.php
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.farzanatradings.com/fakedon/panel/admin.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.farzanatradings.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 08:42:37 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3113
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:42:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3113
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:42:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3113
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:42:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3113
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:42:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:30:47 GMT
age: 29511
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 38214
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:14:12 GMT
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
age: 37706
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 38237
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 38791
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 8554
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash d89c01e3318ddc720051b0082e328575
d175f182eac360469fb8d61ff9da1df66cea69d5
6d4d031707487a09c916e08b1fd901f15e0afd0d6506af79e4d6860c55ea01be
GET /hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.farzanatradings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:42:37 GMT
Etag: d52ffdf043b7255dcf4e6c7feafe25e3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EA99F56753B3E028; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1865934389&si=1d14cb490b8ebd7e33dfb2bc1ca75731&v=1.3.0&lv=1&sn=32383&r=0&ww=1280&u=http%3A%2F%2Fwww.farzanatradings.com%2Ffakedon%2Fpanel%2Fadmin.php&tt=%E9%82%B3%E5%B7%9E%E5%B3%AD%E7%8B%99%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1865934389&si=1d14cb490b8ebd7e33dfb2bc1ca75731&v=1.3.0&lv=1&sn=32383&r=0&ww=1280&u=http%3A%2F%2Fwww.farzanatradings.com%2Ffakedon%2Fpanel%2Fadmin.php&tt=%E9%82%B3%E5%B7%9E%E5%B3%AD%E7%8B%99%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1865934389&si=1d14cb490b8ebd7e33dfb2bc1ca75731&v=1.3.0&lv=1&sn=32383&r=0&ww=1280&u=http%3A%2F%2Fwww.farzanatradings.com%2Ffakedon%2Fpanel%2Fadmin.php&tt=%E9%82%B3%E5%B7%9E%E5%B3%AD%E7%8B%99%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.farzanatradings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:42:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=46213C3B653D727B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash eb22cdc3484059ebc1deb184efe088a4
9e63898f3b99f6182037a1e57296be2d4788f183
24557d70c8918a17eb746ee6c3e5a923a9c2c8da34f86e365ed39f2c226abd33
GET /hm.js?1d14cb490b8ebd7e33dfb2bc1ca75731 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.farzanatradings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: d52ffdf043b7255dcf4e6c7feafe25e3
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:42:38 GMT
Etag: 25d5995e742434bdafb3d79120e83c1b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=072BFCC6B03F059D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0d9cb4c512738f443a7ca25cd4b39516
9ffcaf31914497d5abcb955f54d0e392b08e404c
19c5da2f00a695b27be1fef874c2bf6d9d1a6d6bd551ee3bc0a59340174dec80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19C5DA2F00A695B27BE1FEF874C2BF6D9D1A6D6BD551EE3BC0A59340174DEC80"
Last-Modified: Fri, 03 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4671
Expires: Sat, 04 Feb 2023 10:00:30 GMT
Date: Sat, 04 Feb 2023 08:42:39 GMT
Connection: keep-alive
www.jxy23.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.11200 OK 254 B URL HTTP/2 www.jxy23.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.11:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Mon, 06 Mar 2023 08:42:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:09:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:39 GMT
Last-Modified: Sat, 04 Feb 2023 08:09:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient
104.110.17.24200 OK 63 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 419573857f8eb1ef0362ea8e353c0b0e
b71294e20c82d9932989a9d88eab91d889a68611
be6e0321941d5d21535621aae7f59bd0fc4c5de90b5575b17ccff9d5725062c3
GET /images/0101312000ae3dzr08E27.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62773
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5381820
expires: Fri, 07 Apr 2023 15:39:39 GMT
date: Sat, 04 Feb 2023 08:42:39 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bef83cc5259df23cdb11b725992c692f
7f0bc8e3efd53b0323b57a31cbacc46ed5b8bfe0
7106633528f127af1ccfe5e173aac9ae517d45ebfa4475472dcb1d6804168189
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7106633528F127AF1CCFE5E173AAC9AE517D45EBFA4475472DCB1D6804168189"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8208
Expires: Sat, 04 Feb 2023 10:59:27 GMT
Date: Sat, 04 Feb 2023 08:42:39 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 0b0e46ab96c798f7ccbbd384f6da01d9
976ae994b3497789c9c0a27941d3ab70367c9de9
788aecde178d3665bacaf0245d561d8508bc10402fd60a8edcc2181ef116afb7
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 04 Feb 2023 08:42:39 GMT
Connection: keep-alive
X-N: S
z4a.net/images/2023/01/14/960-60.gif
104.21.234.234200 OK 198 kB URL HTTP/2 z4a.net/images/2023/01/14/960-60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2023/01/14/960-60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: image/gif
content-length: 198523
expires: Sun, 14 Jan 2024 14:10:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1794739
last-modified: Sat, 14 Jan 2023 14:10:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a9fuw%2FKVYvMfoTGEPMc8nvx8qADZjvOISMtFUso%2FEpfXsFSQZuZ8M0S3E7qsgdxlqdGKoWccsLvZw%2BlHMMjRdLSiACJPl8IfaRqS3QU9EXey7kJXQ8zFcUs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d3f5a3a71cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:39 GMT
Etag: "63ddc901-117"
Server: ECS (amb/6BB0)
Content-Length: 279
z4a.net/images/2023/01/12/960x60.gif
104.21.234.234200 OK 351 kB URL HTTP/2 z4a.net/images/2023/01/12/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 351 kB (351002 bytes)
Hash 1fbf8164d728998b18362ec7b8d25518
89b704db462e7eba7ee7b49297d37526b0a96b62
3a7271d038244495bdf54aae544451e2e16e0283657de826631c246567c29f3d
GET /images/2023/01/12/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: image/gif
content-length: 351002
expires: Sun, 14 Jan 2024 14:10:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1794739
last-modified: Sat, 14 Jan 2023 14:10:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGVBkiPIQtOyP0pDPfwL%2BKBY9GiXtKEE2kjkUEhscoZQ7%2FQVDGfZVAp%2Frzi6Hn9YRgFT%2FEmSi052v8dPgQPsBWMuK1GanR4HUxpDtwTaGzDYI0nDaQbVp52C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d3f6a5a71cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/11/20/960x60.gif
104.21.234.234200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/20/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: image/gif
content-length: 577945
expires: Wed, 06 Dec 2023 00:21:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 5214075
last-modified: Tue, 06 Dec 2022 00:21:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWBFPW6TKaDkeKAXOCnM2FPe3JGDInn1l0LypAvrYaFMeiPuF2DWqOgAzkTPeOubzTs0GTJS31HymiOEaPf8kQuqv7UuJn8UOCncrD63e4zvfqOOBbH9%2F9Xe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d3f7a6e71cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
47.246.44.206200 OK 109 kB URL HTTP/1.1 image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 109 kB (109246 bytes)
Hash e573c37ce1ba8b57e8dfb8fcd43368c9
f5da3a1479bfd18c820893899b5b478df5d02d3c
d9f97dfc186d336e8a5da72bffc7b70378bf87f68de9af20d59a8b88ff271d53
GET /oms.1511122.com/1672811127181-960x60.gif HTTP/1.1
Host: image.tnmvgr.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 109246
Connection: keep-alive
Date: Sat, 04 Feb 2023 08:11:42 GMT
x-oss-request-id: 63DE133E40F5A23034C08BC8
Vary: Origin
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E573C37CE1BA8B57E8DFB8FCD43368C9"
Last-Modified: Wed, 04 Jan 2023 05:45:27 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5454499210466108819
x-oss-storage-class: Standard
Content-MD5: 5XPDfOG6i1fo37j81DNoyQ==
x-oss-server-time: 16
Ali-Swift-Global-Savetime: 1675498302
Via: cache4.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[0,0,200-0,H], cache3.se1[3,0]
Age: 1857
X-Cache: HIT TCP_MEM_HIT dirn:4:181318936
X-Swift-SaveTime: Sat, 04 Feb 2023 08:42:39 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9716755001599761944e
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:39 GMT
Etag: "63ddc901-117"
Server: ECS (amb/6BBF)
Content-Length: 279
z4a.net/images/2023/01/14/960x60.gif
104.21.234.234200 OK 154 kB URL HTTP/2 z4a.net/images/2023/01/14/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 154 kB (153648 bytes)
Hash 9dba57370346d55925673f34e7b0f3bd
748523fa5829dd2d77a14fedc720fe784c9a5603
59d9f14d0e0b4d6083f3c7b7959fd39bd6d7279892e5d9969c8ae06eae7821d7
GET /images/2023/01/14/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 153648
expires: Sun, 14 Jan 2024 14:10:21 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1794739
last-modified: Sat, 14 Jan 2023 14:10:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXHeP2IUS69q2uzRCYxwxFUYbz3kx1gr3BZI89FRKcR2h06OoinskGjulVwmSzLN73PVBl9U76WcJ0YYOsZNNZ0DElAHo96869OOcWDNIw%2BuKN2gHHG3lJNq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d401b0271cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 117703a11a189eae6adab629975428a8
46637ef290487ee94252b821ab5535b1deeb6b3a
b73398f7b9773e9f746dddbf5b505e209356a22abbc4b4f866537af47d4ada21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5327
Cache-Control: max-age=169472
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:40 GMT
Etag: "63ddf8b1-117"
Expires: Mon, 06 Feb 2023 07:47:12 GMT
Last-Modified: Sat, 04 Feb 2023 06:18:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
z4a.net/images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif
104.21.234.234200 OK 169 kB URL HTTP/2 z4a.net/images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 168777
expires: Sun, 14 Jan 2024 14:10:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1794741
last-modified: Sat, 14 Jan 2023 14:10:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW%2BttuPmj4z8fieeTOH0T%2FMiSddpgxuY7yKpc2p7OyCJyKTcwnsTevk7Jbweflauw8QqJ4r6JfHLtto3xlX6%2B27sx3nHnsdkpvQgxHEmu0X7NyxcmMx%2BL2Gh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d40cb6c71cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2023/01/14/960x60042b11717a2193cf.gif
104.21.234.234200 OK 303 kB URL HTTP/2 z4a.net/images/2023/01/14/960x60042b11717a2193cf.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 303 kB (302626 bytes)
Hash 85eb65de43588c3031c885128670f5cb
c012347086245faef4ac34370f2f5e28dd20b14a
7bc1cf9b1eb9cd61cd22407209476bb9b56ee393f431867bff1223bd26acd3ca
GET /images/2023/01/14/960x60042b11717a2193cf.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 302626
expires: Sun, 14 Jan 2024 13:27:31 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1797309
last-modified: Sat, 14 Jan 2023 13:27:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLNL0lOa32IVBNjZ%2BCpgCYfc3tNK9bA0ZnjxpJiq5cKcpBmJFu96DYZDZAMQmIfcKyeOAYxF9CuLE8ZNzjxrv4L3fXXJYRiTkH0te4lfGwDysNIa6zMfeYjr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79421d40db8671cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jxy23.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.11200 OK 13 kB URL HTTP/2 www.jxy23.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.11:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxy23.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8fa569fc57b98459c6fd5931108df4c3
0d70bed2a6109b77472ae03a6fae8bff97bf3a93
a08931ee35f649a8c418fbef8ff2e7e86e9eadd2c94fa2c80c885038e4fb3307
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A08931EE35F649A8C418FBEF8FF2E7E86E9EADD2C94FA2C80C885038E4FB3307"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16424
Expires: Sat, 04 Feb 2023 13:16:24 GMT
Date: Sat, 04 Feb 2023 08:42:40 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d692cf1f0f7180a3f7f5e281ad1115ee
04f321003da80a052a99683ae145d5aaf3a0e165
7f535e40fe5e64773afa20f1be834d5b78f3ab7f9fe69cdab6397c1a1c4793b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 08:20:10 GMT
Expires: Sat, 11 Feb 2023 08:20:09 GMT
Etag: "04f321003da80a052a99683ae145d5aaf3a0e165"
Cache-Control: max-age=602848,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d436a180b3d-OSL
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 8ece15acb15206923737b82a687977a1
acc38f6118c39e3fb2fff563ae59372939449343
fa1697ae732720ad7d9a18228d944321a277741159acc7676f07758f8793e9ce
GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:42:40 GMT
Etag: 382afa70fb5a1613be9e3774fbd84345
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AF0BFF67E967307D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7005df8a195909d03cfc6a3931d5c493
6f032b1dc60d028af55fc0dca53777779ea576af
4e13a26d8a666845236773a1611f123a176ca52bab49d1d04fad8337739572f9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 13:05:43 GMT
Expires: Fri, 10 Feb 2023 13:05:42 GMT
Etag: "6f032b1dc60d028af55fc0dca53777779ea576af"
Cache-Control: max-age=533581,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d435a0a0b3d-OSL
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash a5e54991a6737e99be47164b88b4b877
0afe1812ca4bcb1a8e553a15641caaf83092912a
7df121e2b588dfaa829e98b62b3919ea21b3c46a8063f374d1fa69b6709300a5
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 04 Feb 2023 08:42:40 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:40 GMT
Last-Modified: Sat, 04 Feb 2023 08:42:40 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d692cf1f0f7180a3f7f5e281ad1115ee
04f321003da80a052a99683ae145d5aaf3a0e165
7f535e40fe5e64773afa20f1be834d5b78f3ab7f9fe69cdab6397c1a1c4793b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 08:20:10 GMT
Expires: Sat, 11 Feb 2023 08:20:09 GMT
Etag: "04f321003da80a052a99683ae145d5aaf3a0e165"
Cache-Control: max-age=602848,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d438911b4e8-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d968af3b7962fef054afb4865ec1bac1
6335dcaa717685b12ccd62e473d6735f51d101d5
bad292640a7ff50596e2b1c0fac981e72734b66c837ab1190c0dfe3962ccce64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 09:14:29 GMT
Expires: Thu, 09 Feb 2023 09:14:28 GMT
Etag: "6335dcaa717685b12ccd62e473d6735f51d101d5"
Cache-Control: max-age=433307,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d438be00b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0fec4493299a10d1d4c6ee5510ab964e
36c6ec8281c6af350cb2f5c500644b47ed5151fb
2f6addc2cad6efb997971f00d3228f2be384afc76151183da2d0ab214fba091b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 05:34:44 GMT
Expires: Thu, 09 Feb 2023 05:34:43 GMT
Etag: "36c6ec8281c6af350cb2f5c500644b47ed5151fb"
Cache-Control: max-age=420122,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d44ea45b4e8-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b17d144d2eec6d6e3595c96453ebe6b4
b7ce1a8c564588450975a49f6c81866d4c41def9
684d973438c12601bb3a79e32ce6eeb141d2ad1a4abcbe33746972471fb4c44c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2061
Cache-Control: max-age=110795
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:40 GMT
Etag: "63dd203e-117"
Expires: Sun, 05 Feb 2023 15:29:15 GMT
Last-Modified: Fri, 03 Feb 2023 14:54:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 47d37a5faeb9b9e9711d5f0d4144dd0f
904fdd70ddb03fc80cdb4ba832ca602b07e21824
c9cad32a7bfcd3216222ebdc1c2a7707715da1cdfc54edfe0b4c73cd7fd2a4ba
GET /upload/vod/2022/12/ykvbryflu2v.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/jpeg
content-length: 11451
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12037, status=webp_bigger
etag: "6395898e-2f05"
last-modified: Sun, 11 Dec 2022 07:41:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d4569b7b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/2nxpft14d5u.jpg
172.67.28.138200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/2nxpft14d5u.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cc5a56b00ddd1938d455c585bd1e5167
f17dd5566c92860a2ab68e389ba0ea571588a2c4
3e050f7887c25154299d9ca4e27c753e7fb4a5ff697be3fc0bce79825e32250f
GET /upload/vod/2023/02/2nxpft14d5u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 6360
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7529
content-disposition: inline; filename="2nxpft14d5u.webp"
etag: "63ddfe32-1d69"
last-modified: Sat, 04 Feb 2023 06:41:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569bdb521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/0w1d0ayy2xk.jpg
172.67.28.138200 OK 4.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/0w1d0ayy2xk.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e95fbe28de36c322a52f47e3e7352a4
b4cfb44cd9636ca6c5d1674d5f8c2d453a893332
4a2fecb32ac4548b18e297c07ba55a5f6cd35ddc853b9badab7a75801fc2354c
GET /upload/vod/2023/02/0w1d0ayy2xk.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 3972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6183
content-disposition: inline; filename="0w1d0ayy2xk.webp"
etag: "63ddfe3a-1827"
last-modified: Sat, 04 Feb 2023 06:42:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569c1b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/wkpsqn2hggv.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/wkpsqn2hggv.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6238203393e1322dd9731bc8671ef3ee
bf2da65e05e20f877e6f59e41bc1a4f18c004650
a9891a191269d9ee31daaee344337064ad45af8a9f21b8a98cd37c95dccb6730
GET /upload/vod/2023/02/wkpsqn2hggv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 9102
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9715
content-disposition: inline; filename="wkpsqn2hggv.webp"
etag: "63ddfe3e-25f3"
last-modified: Sat, 04 Feb 2023 06:42:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569c2b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/yzafduufvbz.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/yzafduufvbz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b6cb32dd69f3318455c96df3450b497
e4b5c4d652c3b1a4cffcfa26732d32161988a0cc
92120a04c648c54dc98aafd7df221a35fd0c9a4ab1f8436c980fb6489f4b6c21
GET /upload/vod/2023/02/yzafduufvbz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7506
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8591
content-disposition: inline; filename="yzafduufvbz.webp"
etag: "63ddfe35-218f"
last-modified: Sat, 04 Feb 2023 06:41:57 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569c0b521-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bef83cc5259df23cdb11b725992c692f
7f0bc8e3efd53b0323b57a31cbacc46ed5b8bfe0
7106633528f127af1ccfe5e173aac9ae517d45ebfa4475472dcb1d6804168189
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7106633528F127AF1CCFE5E173AAC9AE517D45EBFA4475472DCB1D6804168189"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8207
Expires: Sat, 04 Feb 2023 10:59:27 GMT
Date: Sat, 04 Feb 2023 08:42:40 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/02/o3tscjq0tez.jpg
172.67.28.138200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/o3tscjq0tez.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b45edd4d0b00bedce3b26ea679158cd
b237a3a236e4d9d1c3c215bb97f1efd07a8f48e5
a739587d35fc8a1097cc68893fc36252234c2af363c5bd4b55525817beabbf55
GET /upload/vod/2023/02/o3tscjq0tez.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7980
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8939
content-disposition: inline; filename="o3tscjq0tez.webp"
etag: "63ddfe43-22eb"
last-modified: Sat, 04 Feb 2023 06:42:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569c4b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/55iqezg5frk.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/55iqezg5frk.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 33f386357e25cf26c52eec76c7a963bb
f0b6791da1ba11ec38a9647a700c92b3c79d3ec0
c188ff23c578f0bca96547f64826dd5a7eb05cd205247a303fae301396d94689
GET /upload/vod/2023/02/55iqezg5frk.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 5692
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6912
content-disposition: inline; filename="55iqezg5frk.webp"
etag: "63ddfe48-1b00"
last-modified: Sat, 04 Feb 2023 06:42:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579c5b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/fmzorehgq2h.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/fmzorehgq2h.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b261c7ee4148bc416811a968b4b903b0
d72b3766d5aacddf64dd41e2c97bf905bce795ec
2ec9590475e9ddabb38fc6690a9974d1383f08756dbf74fc6ba51f76c269e272
GET /upload/vod/2023/01/fmzorehgq2h.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 11052
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11975
content-disposition: inline; filename="fmzorehgq2h.webp"
etag: "63cdf480-2ec7"
last-modified: Mon, 23 Jan 2023 02:44:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569c3b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 53a8cd043a389cc5b7c9728278cf3560
6767a51338c26b2691760b121fab0936ba35fbfc
d3a24ca26f5e2aaf1418fcb032962bd79b3e059521935b0f43f67ce9901b1b18
GET /upload/vod/2022/12/wu0pgmyswv1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 8218
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9558
content-disposition: inline; filename="wu0pgmyswv1.webp"
etag: "63942e7f-2556"
last-modified: Sat, 10 Dec 2022 07:00:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579c6b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg
172.67.28.138200 OK 4.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1e3b01fee0f819cf66b3a87d4cf2ac3
258aa12dc1c2bcb5ae43456ff474815cb7d925c5
c1a366d694caeb11be2024da4a41c8c1df1f33414363ca7aeadd55683739cbeb
GET /upload/vod/2022/12/wsjcnxu5mfc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 4700
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7557
content-disposition: inline; filename="wsjcnxu5mfc.webp"
etag: "6396b759-1d85"
last-modified: Mon, 12 Dec 2022 05:08:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579c9b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/h00fkorwfmu.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/h00fkorwfmu.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb403222e3d4291ac8226ecdf22491c3
59a30baf2574f084533d7e193bd012b9c59e8b53
af1c12740b53ae048a88233f83ed47380a54eacd318e5d060fc54873d8fa8166
GET /upload/vod/2023/02/h00fkorwfmu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 10248
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11426
content-disposition: inline; filename="h00fkorwfmu.webp"
etag: "63ddfe28-2ca2"
last-modified: Sat, 04 Feb 2023 06:41:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569bab521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg
172.67.28.138200 OK 5.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7166b8828b383416635552a4e7d934ce
87a7b007c91b402ac837ae8e266418ff7c2b3e6f
0d4d40ee2c8f25be22915ed40f628147f3c428bf48f54d5fc71a81bf91581919
GET /upload/vod/2022/12/ioyhtumulof.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 5408
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6438
content-disposition: inline; filename="ioyhtumulof.webp"
etag: "63919883-1926"
last-modified: Thu, 08 Dec 2022 07:55:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579cab521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/uiksppbf5vt.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/uiksppbf5vt.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 58242bb1107508ca9e8c4db9c9132d89
a1745230c97d48d9054cd44e1078d6e126a0999e
22084d7bce2c2e26d972caa2802dbb5cc3acb6a4df09267356a0aa76f18d324e
GET /upload/vod/2023/02/uiksppbf5vt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 9994
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11074
content-disposition: inline; filename="uiksppbf5vt.webp"
etag: "63ddfe2d-2b42"
last-modified: Sat, 04 Feb 2023 06:41:49 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569bcb521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/43ykdcxt2rz.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/43ykdcxt2rz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c55325b270c2adeeca1cb8a146962dec
ecb18a610e4128531b84cea291f4b274ab4bbad9
18e240f4613c5edf3f816713cb8563f80fdd67cb2daa64a7c46dc5448d22a78a
GET /upload/vod/2023/02/43ykdcxt2rz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 10642
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11820
content-disposition: inline; filename="43ykdcxt2rz.webp"
etag: "63ddfe4b-2e2c"
last-modified: Sat, 04 Feb 2023 06:42:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579c7b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/zecu3ux4qkk.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/zecu3ux4qkk.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 988718e0cd02708d6968ba6925eeed3d
08b448e63a5595e37cfd788c7227bcdb572f8de2
813ea1f13238e1b2d3fc90bac203e14a8b24127421a0669acfaa4be0f6cb0dc4
GET /upload/vod/2023/02/zecu3ux4qkk.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 6200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7663
content-disposition: inline; filename="zecu3ux4qkk.webp"
etag: "63ddfe53-1def"
last-modified: Sat, 04 Feb 2023 06:42:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579c8b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/4wm3gerlhmc.jpg
172.67.28.138200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/4wm3gerlhmc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aaea1133a16d30f5531121b6ed67392e
452852573f503a38fe91239876362b6289fde700
64b1a145529bdf3dc6d148417151f688dfba41829056bde746e7a3d95a51aa52
GET /upload/vod/2023/02/4wm3gerlhmc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8636
content-disposition: inline; filename="4wm3gerlhmc.webp"
etag: "63ddfe25-21bc"
last-modified: Sat, 04 Feb 2023 06:41:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4569b8b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b0851d25dfdaf4453018d6ba6fcfb09
81778cc41bc16f83a5dffd2a1df0f10b236cd50c
ac260695a86f4ac2ba5e744f0f87b1e67c62b490474aa0a2d1880545283b07af
GET /upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7496
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8924
content-disposition: inline; filename="3ntqevhmcwr14003ntqevhmcwr245572.webp"
etag: "638059f8-22dc"
last-modified: Fri, 25 Nov 2022 06:00:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4589dab521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23fdc785a2c387a8921008b7aef07cbd
b97e64bea59d8efd1341a6b139a9023c951a19da
a30cc3d5cb4ad095190a9af6961a7a567a29ffbc395735d4be2c99f69f523a7f
GET /upload/vod/2022/12/tedqfnlyoyp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 9858
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10702
content-disposition: inline; filename="tedqfnlyoyp.webp"
etag: "63903e33-29ce"
last-modified: Wed, 07 Dec 2022 07:18:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4579d0b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd3fd037debb3b7ec9057e2f026c59d7
3fc2d3c0eddced427f460e12651685311ae0af29
b19b455ca9ef3725566c6908217391bf72bee54ece8f40504cebc593ebcc9b76
GET /upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 10870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11415
content-disposition: inline; filename="znmtdtg3fn11619znmtdtg3fn1263009.webp"
etag: "6378918e-2c97"
last-modified: Sat, 19 Nov 2022 08:19:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4589e2b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf7a5eeca4da86ff2ddbdd9a77de5107
e905e417383ac44c6e7f1c4cce421c9695c711db
c326632d34b02c1c070119eba2fd4e7b0877599d691960c0b9ce7ad4e05aae47
GET /upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 4482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6651
content-disposition: inline; filename="ti4dbnmfwc01152ti4dbnmfwc0156571.webp"
etag: "636880ef-19fb"
last-modified: Mon, 07 Nov 2022 03:52:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4599eab521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
172.67.28.138200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d425f7bea4f48366f31883ea613ed55
6e282d4bfa59cc087ac52130fcb393301b6316bb
a9286fa4027b04fbfd0427fc19745a5eccf931b2e998d52e9e7e63d3ca4c3183
GET /upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 9176
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10099
content-disposition: inline; filename="qtzuufrjhye1318qtzuufrjhye592235.webp"
etag: "637472c3-2773"
last-modified: Wed, 16 Nov 2022 05:18:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4589e4b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/ktuffd01kuz.jpg
172.67.28.138200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/ktuffd01kuz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c288872bf92bab1f05ddac20ba7f591
8b6bddff65b12b7ddf12862b9c031c5a051d1e7c
601edb6c096c4162355501c0e2ac7f241f712023de0a2c3714116a06a3460af9
GET /upload/vod/2023/02/ktuffd01kuz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7576
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8514
content-disposition: inline; filename="ktuffd01kuz.webp"
etag: "63ddfe19-2142"
last-modified: Sat, 04 Feb 2023 06:41:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4599f0b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/n3l0wa4kamf.jpg
172.67.28.138200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/n3l0wa4kamf.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3693fb9f98c3624cbc9f5223f78c985e
726e9a51e8678521f3f3b284e5fbf3bb915938ce
b3187742e72ef08ac082070f4ecdfc5d7a2d8b563ac67c1c316507d819199f85
GET /upload/vod/2023/01/n3l0wa4kamf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 8128
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9313
content-disposition: inline; filename="n3l0wa4kamf.webp"
etag: "63d3ada3-2461"
last-modified: Fri, 27 Jan 2023 10:55:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2780
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4599f6b521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
172.67.28.138200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54564f6fe5d24c3be0fb0abdcfc93ac0
33d65dadfacfb6b0c805a743af9666141f887c07
67bca5dc3ef300578aba244dcb069b8b835f8e0eeee20f4b624d415224b84771
GET /upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 8384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9055
content-disposition: inline; filename="wuvpypjmdke1112wuvpypjmdke515303.webp"
etag: "636331b3-235f"
last-modified: Thu, 03 Nov 2022 03:12:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d4599edb521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
172.67.28.138200 OK 16 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fb8299566d6ea78f401c58aa1aed76b0
06b3ca9b2bee69473d2348c67feb9c598a1f3605
ea13b22c9d50069700778e892496aec8930d0aefd3180a8eb47e56452d55a22b
GET /upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/jpeg
content-length: 16544
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=16984, status=webp_bigger
etag: "6367473b-4258"
last-modified: Sun, 06 Nov 2022 05:33:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d4599ebb521-OSL
X-Firefox-Spdy: h2
s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
172.67.69.40200 OK 373 kB URL HTTP/2 s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 373 kB (372996 bytes)
Hash 8c9ac15f0b50d53ccbffec36af3a9607
11ff6593819530ecef60355648530649c41359f9
38c6fa07b3f8bc3b22124dc98fee75989e520816532202ba426bd204a8b242bb
GET /2022/12/18/5Z19HedNFCSBiQP.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 372996
last-modified: Sun, 18 Dec 2022 09:59:37 GMT
etag: "639ee489-5b104"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yu03gEjKIb8xCofQi2vv%2F%2F1yVIrI2ORVBfjhvE3Jm%2BTHy3B%2FDUsQHEBkmGtDS6pHhWa%2F%2BdI0r%2B1BoKRiB4QD7XAO%2Fc2YXOdfP778y0x%2Fb974I85%2FVn1cfCY1E8J8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79421d410ed60b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/5ut03a2plzy.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/5ut03a2plzy.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash ef61b92949b2c30105cb41ecde3a9a21
b81ab8b1faa8553dab279851097155cc0a7947ac
998e0528ce00bc7cc4505c32102c9b8dc713ab7ecec555c4386a46429db1fb0f
GET /upload/vod/2023/02/5ut03a2plzy.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/jpeg
content-length: 13308
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14115, status=webp_bigger
etag: "63ddfe15-3723"
last-modified: Sat, 04 Feb 2023 06:41:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d4599eeb521-OSL
X-Firefox-Spdy: h2
3p8801.co/yy-960x60.gif
107.148.202.17200 OK 37 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Mon, 06 Mar 2023 08:42:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
172.67.28.138200 OK 17 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash bcbfc37f4cfa30666e3c596b1a37746b
b0baeb44b937e5dbebbc2b3afaf59fb61e8f6682
d7e33db44d7bb6484c2424f04cb2d7f15c527e68390d5f6585b89c926369887f
GET /upload/vod/2022/12/p33uukek2g5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/jpeg
content-length: 17124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18053, status=webp_bigger
etag: "638da58f-4685"
last-modified: Mon, 05 Dec 2022 08:02:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d45ca1bb521-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 83a43d2bb3ccd0f830b773f738f6fb4c
ba5e41fbe47448c91020b7072c40a9885229b46f
d8bad6fec46ff705e4cc1dfe0f5db679032e254f8b81ca2435cc8cd2296d9680
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:43:08 GMT
Expires: Thu, 09 Feb 2023 11:43:07 GMT
Etag: "ba5e41fbe47448c91020b7072c40a9885229b46f"
Cache-Control: max-age=442226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d43ca680b3d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e12e7ce250abcb6c82afaaeb23189792
864e8ad550a087e07a51ebdfbacd58868a4febd8
0ab0503b31c34577bdfedd0fcc50882c64e7e128cc4eccb0c0202fd61b88e099
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:50:07 GMT
Expires: Thu, 09 Feb 2023 16:50:06 GMT
Etag: "864e8ad550a087e07a51ebdfbacd58868a4febd8"
Cache-Control: max-age=460645,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d44db430b3d-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f7d5b5aa3c148495e308e228eb76dc11
4288a2bf761c2b52a4fee38b4c32f8d8410797d6
6530a0ce40282c87f9d43a8e6979cd127cdd2a182705d077c5f78faf7d1e7a36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6530A0CE40282C87F9D43A8E6979CD127CDD2A182705D077C5F78FAF7D1E7A36"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1736
Expires: Sat, 04 Feb 2023 09:11:36 GMT
Date: Sat, 04 Feb 2023 08:42:40 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/02/gmjlau3nzbz.jpg
172.67.28.138200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/gmjlau3nzbz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c4f2d962e82b64904d412d6df2426c25
f2517d7a228c6890bd77727a44ec1ac67f053d9c
df5ee9b371707268aee98b25477270d76e9fc135a0ef90a8d93c061ca6451dbb
GET /upload/vod/2023/02/gmjlau3nzbz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 7578
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8309
content-disposition: inline; filename="gmjlau3nzbz.webp"
etag: "63ddfe21-2075"
last-modified: Sat, 04 Feb 2023 06:41:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d462a7fb521-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/02/dhqld4kdrpv.jpg
172.67.28.138200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/02/dhqld4kdrpv.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05a9210bfa56a655849f52aa64ed95b3
3dbdd0fec3a5c50e9f202562cb450becc669fecc
7c7fb061f13316fbb9028400dd8be46482921b3df41773f6df91000407434ec0
GET /upload/vod/2023/02/dhqld4kdrpv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/webp
content-length: 8288
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9274
content-disposition: inline; filename="dhqld4kdrpv.webp"
etag: "63ddfe4f-243a"
last-modified: Sat, 04 Feb 2023 06:42:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d463a89b521-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1812306182&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxysabc.xyz%2F&v=1.3.0&lv=1&sn=32385&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy23.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1812306182&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxysabc.xyz%2F&v=1.3.0&lv=1&sn=32385&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy23.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1812306182&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxysabc.xyz%2F&v=1.3.0&lv=1&sn=32385&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy23.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:42:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=87732E458DD1B22E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4fc90b344217f2af55d41a51cdb76175
e51ca89f6b224431d741960e3abc9a03d09957ef
eff0df474c01111332398befd64817e17d52a94b0bb1016a233a9a83957fa1e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 03:26:05 GMT
Expires: Fri, 10 Feb 2023 03:26:04 GMT
Etag: "e51ca89f6b224431d741960e3abc9a03d09957ef"
Cache-Control: max-age=498803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d44fcfe0b31-OSL
lbfm.lbpictupian.com/upload/vod/2023/01/xwvdrsm2zyb.jpg
172.67.28.138200 OK 9.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/xwvdrsm2zyb.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56baf758f71c00520cb2e8174cc0a01d
749deb90919186ab4f6a6fad8843b2036abc8f4c
2704091e7f98ec6cd01de61ab2337b45cd35c21a3c13d30cedf4eee36f613c6e
GET /upload/vod/2023/01/xwvdrsm2zyb.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/webp
content-length: 9250
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10165
content-disposition: inline; filename="xwvdrsm2zyb.webp"
etag: "63ba99e2-27b5"
last-modified: Sun, 08 Jan 2023 10:24:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
accept-ranges: bytes
server: cloudflare
cf-ray: 79421d466aeab521-OSL
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 09af4e58bca1769c47435a4ff6549b9b
2dbfcf72388778aac590b0669d49c90def6a628b
a572b3428ae8a622ec1f6fad8182dc25d0387a840017ac1386af68e21b08adf1
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 23:39:24 GMT
Expires: Thu, 09 Feb 2023 23:39:23 GMT
Etag: "2dbfcf72388778aac590b0669d49c90def6a628b"
Cache-Control: max-age=485201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d4638960b49-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 73803e6aa60e01673852cb789b2027fb
31fe59edce7d2a0314b64707ae863cd5aff1c34e
1960be1fc27291c153f4285109fcc60a4ad3c6fee8b723f28267cb3969b84f7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1960BE1FC27291C153F4285109FCC60A4AD3C6FEE8B723F28267CB3969B84F7A"
Last-Modified: Fri, 03 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4036
Expires: Sat, 04 Feb 2023 09:49:57 GMT
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6a66357b0f07ba1406b37b0fe3d9699d
f2e4aa5e2f58e30d052afb9d5bceb0ee625aa09e
9aa902b1661b7993191df3351440f44d472734f5f1b365d3f320c2867c3f00b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA902B1661B7993191DF3351440F44D472734F5F1B365D3F320C2867C3F00B5"
Last-Modified: Thu, 02 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Sat, 04 Feb 2023 14:41:53 GMT
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 117703a11a189eae6adab629975428a8
46637ef290487ee94252b821ab5535b1deeb6b3a
b73398f7b9773e9f746dddbf5b505e209356a22abbc4b4f866537af47d4ada21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5328
Cache-Control: max-age=169472
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:41 GMT
Etag: "63ddf8b1-117"
Expires: Mon, 06 Feb 2023 07:47:13 GMT
Last-Modified: Sat, 04 Feb 2023 06:18:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 274105dd767f5f6ea78cfbe6f77310c0
c9828e98d7cb8e760cb7b4ca96f8512d095502b4
dd28fcfc8788a0f46e52fcd5042a9768128b0ea278da86c2252dffa2a7c6c4b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD28FCFC8788A0F46E52FCD5042A9768128B0EA278DA86C2252DFFA2A7C6C4B1"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8316
Expires: Sat, 04 Feb 2023 11:01:17 GMT
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash fbfd23b34cf0225a841b7b540ff2d983
19da24ba850d93e4f790d1420d0789a899850fc4
2b1c300b211a86ef7295d693ff18c1c33ad29e29b981a5afeb95ee3e5772f6d9
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 02:51:08 GMT
Expires: Sat, 11 Feb 2023 02:51:07 GMT
Etag: "19da24ba850d93e4f790d1420d0789a899850fc4"
Cache-Control: max-age=583105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d46b9000b49-OSL
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 3cfcf9477a4c13eff1ea9423063d2a17
1c2bf3c81c69629f2a38e0a8b41dea3305dd6543
9386d2767d4026b84ba3643da4cb6f2ebd92e68ae8de696725bacc0f68ed7cac
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 7c17760f-2404-4ef1-9cbe-965161cb5cde
Content-Length: 1701
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash aaf5de2119ec6b90d012e5e0e18766ad
1d10bdcb160a1c616e46cca8fff8f3259a510df6
bccfb20365d8f374c065d07770158a6617e96f050217252029d212f99f20947e
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: f8ef1a02-e595-42b4-80ce-6cb27c96c96c
Content-Length: 1701
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c352568bc7924b4d157e086c196039c7
73db71f48f7806fd8ca3947e35c19f0d4178b358
b25d4eec849b1c95a2f0d95b4e29c81d3cebf42b39502f0c3ed2dee147677e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B25D4EEC849B1C95A2F0D95B4E29C81D3CEBF42B39502F0C3ED2DEE147677E22"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Sat, 04 Feb 2023 11:51:34 GMT
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash f988abb55c9456a9b58bfcd9e0e83eb0
8cb2765ececa62891ad1493da76892ee38233e62
0a89070f5c3101f8936d072318c37d324b35427323dd7acb50c45a569b72db9e
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: a46a4111-c924-4284-b847-f206f06877a4
Content-Length: 1701
Date: Sat, 04 Feb 2023 08:42:41 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 94ae414ee20b4aa0622ee52b3c445ffc
4c46e93267549bc9b2b0325b866c97a9b5c29436
4a066f182b74467bff8208a3bce9ba3504266cd86e8a36af02e3ebfbb3db3793
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 21:49:37 GMT
Expires: Fri, 10 Feb 2023 21:49:36 GMT
Etag: "4c46e93267549bc9b2b0325b866c97a9b5c29436"
Cache-Control: max-age=565014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d475d02b4e8-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash fbfd23b34cf0225a841b7b540ff2d983
19da24ba850d93e4f790d1420d0789a899850fc4
2b1c300b211a86ef7295d693ff18c1c33ad29e29b981a5afeb95ee3e5772f6d9
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 02:51:08 GMT
Expires: Sat, 11 Feb 2023 02:51:07 GMT
Etag: "19da24ba850d93e4f790d1420d0789a899850fc4"
Cache-Control: max-age=583105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d467feeb50f-OSL
3p8801.co/a-960x60.gif
107.148.202.17200 OK 49 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db
GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Mon, 06 Mar 2023 08:42:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c59f269e10a8f2b2cb96b83244e8322e
241508baa2217c53f8925eb8201b0ade5047583c
a63681a9266450fbc80e18356b019f89edb398e0db267bb68c20b7518e85e9e7
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 08:42:41 GMT
Ali-Swift-Global-Savetime: 1675500161
Via: cache20.l2de2[1087,1087,200-0,M], cache20.l2de2[1088,0], cache5.se1[1111,1112,200-0,M], cache5.se1[1113,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 08:42:41 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916755001601117237e
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e424883dc09d7a6ce56e738c3bb50edf
8ca974ea34b4ce7fe5896531bdef66006fe16ed5
532366d5491fbc677351aee443b45e532766bd206a2e40262004cf21faafa5e8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 20:33:42 GMT
Expires: Thu, 09 Feb 2023 20:33:41 GMT
Etag: "8ca974ea34b4ce7fe5896531bdef66006fe16ed5"
Cache-Control: max-age=474059,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d472f000b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 43d22629e79990d013c0b2a8481a999f
5115fc711e5a42aff0e9a31ab95a2aef02bc215d
b9b3998daf229186c1f1d0b795ec2b41c27e2bbbaf6d6bc33b88ccc64aff1472
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 17:58:37 GMT
Expires: Thu, 09 Feb 2023 17:58:36 GMT
Etag: "5115fc711e5a42aff0e9a31ab95a2aef02bc215d"
Cache-Control: max-age=464754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79421d472db20b3d-OSL
kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
172.83.155.45200 OK 296 kB URL HTTP/2 kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 296 kB (295930 bytes)
Hash 298c2af98aa06470fcb80ad293146c0f
75be32a4c283cf249855e51c847d4f687d7436ec
e7060057157f5971d5b1031e9fe93528d70ad7bcf07d851bca10563594abae1e
GET /67a0474849f4ee10ccbe3b0d2cebf337.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 295930
last-modified: Mon, 30 Jan 2023 12:14:22 GMT
etag: "63d7b49e-483fa"
expires: Sat, 04 Feb 2023 20:42:40 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 3472
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXGE7nLqfsYyp2TuyHviBQ%2BOa6MbA8HldOLcyYCZvSnIdXD%2Fy4NcO4O1PGF%2BmaNhNbBcIJetWuEAlFtQm5doNbcELror49D9WJlbtXwG4TPlP4fukNoiBK%2Bz%2F%2FBZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 794032192fe42808-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/11-960x60.gif
107.148.202.17200 OK 242 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Mon, 06 Mar 2023 08:42:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
49.51.190.27200 OK 167 kB URL HTTP/1.1 help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 167 kB (166673 bytes)
Hash a76a21236cc656e7eaa83a578e926243
0a51bf94f4c75963785f61344458936e5e060cb3
b95a0b1af937e5c8b61ef3a67fa638a98024626041d96ec1bd2b033570ec5d1a
GET /datas/feedback/20221217/639d86e9b6b6d.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Sat, 04 Feb 2023 08:42:40 GMT
content-type: image/gif
content-length: 166673
last-modified: Sat, 17 Dec 2022 09:07:53 GMT
etag: "639d86e9-28b11"
expires: Sun, 19 Feb 2023 08:42:40 GMT
cache-control: max-age=1296000
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4230
Cache-Control: max-age=138185
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:41 GMT
Etag: "63dd82c4-2d7"
Expires: Sun, 05 Feb 2023 23:05:46 GMT
Last-Modified: Fri, 03 Feb 2023 21:55:16 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 727
kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
172.83.155.45200 OK 239 kB URL HTTP/2 kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 374 x 126\012- data
Size 239 kB (239313 bytes)
Hash 426267138e320e27a4b0cffc72c52b8f
88180e2539bae08f81a3bd95a67e21bb4b0f1b01
f2221414922c9bcc08485aba237fb88b36151583a6953d5a39483f208637b1a2
GET /32a5b957e230ebec42250e5a4a1cedde.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/gif
content-length: 239313
last-modified: Sun, 18 Dec 2022 07:33:00 GMT
etag: "639ec22c-3a6d1"
expires: Sat, 04 Feb 2023 20:42:41 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 15512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FwQxmsDwU3LHh6DaSRJUd3W8ce4zhbVTa2anifftdRwQj%2BvKYp8eiOot2oBSyF8zhEm9tD1o58NIm5AvHFoAV1obLnx4d%2BFvDM1o0YyiBaz2a933rQNc%2Bu3IGTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7941581ccd88c630-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.104200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.104:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 03:10:10 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 8RPuVgfstnLWpGeBSxHDzHS9t2RsH6_LwNvM66CLhRop2kho33FfZQ==
age: 65380
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
47.246.44.231200 OK 489 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 488987
date: Sun, 08 Jan 2023 17:06:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 08 Jan 2023 17:06:30 GMT
nw-session-id: 20230109010630237CE87A1B921E9239855b2gs03dy
nw-session-trace: 2023-01-09T01:06:30.090734007+08:00 32
x-bdcdn-cache-status: TCP_HIT
x-length: 488987
x-powered-by: ImageX
x-response-date: Mon, 09 Jan 2023 01:06:30 GMT
x-tt-logid: 20230109010630237CE87A1B921E923985
via: n150-050-052, cache4.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache4.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:20:277::30
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016ce8fa9a4734806856c36302115b4d3b62e2f46a5e22340a9e0afd68f42535f61b40eb4c87b4eb4d08a76657d3a06f06c194c2fa0f2a8796bc9ed45e4b03583aa8472a5bf216acbaf65500914d0b34d0a0dc701fd8b2ff6e1948ab36c3d97f4f
x-response-lb: image
ali-swift-global-savetime: 1673197598
age: 2302563
x-cache: HIT TCP_MEM_HIT dirn:4:51830946
x-swift-savetime: Sun, 08 Jan 2023 17:16:00 GMT
x-swift-cachetime: 31535438
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16755001614676981e
X-Firefox-Spdy: h2
99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif
103.170.15.87200 OK 47 kB URL HTTP/1.1 99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Hash f7bc8826b4d1fb8058ba712134859f27
3904bda8ed2e2892d338fd0f31a715fafe2d226c
a986f5a6b2fe83b27c3f9bf6cafd6cdadd097eaeb61eb91ea8c782bbd565e259
GET /5bcd4bf0b8334404bd4ae2f523a4278a.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43822-b70e"
Date: Sat, 14 Jan 2023 00:12:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 46862
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 Feb 2023 08:39:52 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
pic.picnewsss.com/tu-2022290039/se-1.jpg
23.225.139.251200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Sat, 04 Feb 2023 06:01:55 GMT
etag: "1675490515"
expires: Mon, 06 Mar 2023 06:01:55 GMT
last-modified: Sat, 04 Feb 2023 06:01:55 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 26754
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
47.246.44.231200 OK 358 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 440 x 240\012- data
Size 358 kB (358276 bytes)
Hash 40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43
GET /obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Thu, 17 Nov 2022 09:34:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:34:47 GMT
nw-session-id: 2022111717344701015802909741AC3CFF7dbll03dy
nw-session-trace: 2022-11-17T17:34:47.714255732+08:00 208
x-bdcdn-cache-status: TCP_MISS
x-length: 358276
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:34:47 GMT
x-tt-logid: 2022111717344701015802909741AC3CFF
via: n150-059-133, cache6.l2de2[0,0,206-0,H], cache4.l2de2[4,0], cache4.l2de2[4,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015988867d28cc4aacec031178ef98851ccdddec9cedee81c7a16a210e69849d3bd0bb4e2500fe5b66d5c488cf91a78a51c40569931971c1ff3997b9ecdb3aa032fce5de81180b0a11b8eae8bf86b22a7a002d879c063b89335a087f605664e7f0
x-response-lb: image
ali-swift-global-savetime: 1668677687
age: 6822474
x-cache: HIT TCP_MEM_HIT dirn:3:379258966
x-swift-savetime: Fri, 18 Nov 2022 03:31:17 GMT
x-swift-cachetime: 31471410
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16755001614716989e
X-Firefox-Spdy: h2
kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
13.227.254.104200 OK 182 kB URL HTTP/2 kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
IP 13.227.254.104:0
File type GIF image data, version 89a, 300 x 150\012- data
Size 182 kB (181696 bytes)
Hash ba9dcd35c39e60e245666e70f85fc335
38630969afd73016363a2f6f41bf36eb947405b2
624d0cce85aeb64c935d38705196c4ea696deaf4f5e1895e8557789b8b01380b
GET /e06a35bc848b301fd5c9802d162bdf30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 181696
last-modified: Mon, 19 Dec 2022 08:54:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 07:30:11 GMT
etag: "ba9dcd35c39e60e245666e70f85fc335"
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 9fO3g41nn-FTqqiP-1z6CNjLtYpdcKmnsrvojSGPPJaOvooEDF15AQ==
age: 4351
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=133955
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:41 GMT
Etag: "63dd82c4-2d7"
Expires: Sun, 05 Feb 2023 21:55:16 GMT
Last-Modified: Fri, 03 Feb 2023 21:55:16 GMT
Server: nginx
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
47.246.44.231200 OK 384 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 384 kB (384491 bytes)
Hash 627acd5c4c2a9bb3bbf10748f1931947
0529b42ebe54b2cc9ed886ab83b50b8f14642062
a62b3a5eba800520fbb7b334c00db2e9f76e438891ae150c3b2d681ef228954a
GET /obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 384491
date: Sun, 13 Nov 2022 13:26:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 13 Nov 2022 12:38:36 GMT
nw-session-id: 20221113203836010175073134252D40ED7nb4v02dy
nw-session-trace: 2022-11-13T20:38:36.893240111+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 384491
x-powered-by: ImageX
x-response-date: Sun, 13 Nov 2022 20:38:36 GMT
x-tt-logid: 20221113203836010175073134252D40ED
via: n150-056-026, cache12.l2de2[0,0,206-0,H], cache19.l2de2[2,0], cache19.l2de2[3,0], cache5.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01fc3ea37d9c1ed5b7d2c200df23bf81d3980363a474adcbcdabe23efbe44349c9ded5894820052b9f65e8b67807703e46e752587a445df11739963b0fc31b09984170a333fed525dbd3f2408a1a3198fd79e91de509e1f853539053e961754b16
x-response-lb: image
ali-swift-global-savetime: 1668345966
age: 7154195
x-cache: HIT TCP_MEM_HIT dirn:1:136048544
x-swift-savetime: Sun, 13 Nov 2022 14:21:50 GMT
x-swift-cachetime: 31532656
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16755001616307168e
X-Firefox-Spdy: h2
66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
103.170.15.87200 OK 553 kB URL HTTP/1.1 66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
GET /73f23e1f7ead40baa32cf579a4bb735b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f27ac4-86f72"
Date: Tue, 31 Jan 2023 10:05:18 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:18:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 552818
2835177ccc.com/d3aca4da371b4c23ad593f27caf95ec5.gif
45.61.212.222200 OK 1.1 MB URL HTTP/1.1 2835177ccc.com/d3aca4da371b4c23ad593f27caf95ec5.gif
IP 45.61.212.222:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 1.1 MB (1055788 bytes)
Hash 96708f116e29b6f78c8fe489755203df
6ce25290cb21d6a24b3c59a6453c8b545ebeb474
c520dd0d43ffcc44a57fdd1326c469162fd5ede344e925c21747517452112726
GET /d3aca4da371b4c23ad593f27caf95ec5.gif HTTP/1.1
Host: 2835177ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c162bc-101c2c"
Date: Fri, 03 Feb 2023 05:05:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 13 Jan 2023 13:55:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-22
Content-Length: 1055788
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.5200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.5:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 13:06:49 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: lkGQj6fanzX_Ai64JRblJFMeX1B7Rq0PKr3tDZMpnZHuAiY_m0PEVA==
age: 70552
X-Firefox-Spdy: h2
kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif
13.227.254.5200 OK 52 kB URL HTTP/2 kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif
IP 13.227.254.5:0
File type GIF image data, version 89a, 300 x 150\012- data
Hash 15f013bc483418e6e94193fc49f169fc
c2a73adaf83f727a937dd73a986da8f5be0cb934
50e6a3bfefa0c78e03803c5093ce18527edbd6463ded9b4f704aead1ed627454
GET /e953bbb6e97dc9683489c4b681b2deb0.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 51573
date: Fri, 03 Feb 2023 10:53:38 GMT
last-modified: Mon, 19 Dec 2022 08:24:15 GMT
etag: "15f013bc483418e6e94193fc49f169fc"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: TTtVPmZ-WFzKzHQQEbgXKuV_BI8ujvx71nVtWTHbWnJI1XZv4ch7YA==
age: 78544
X-Firefox-Spdy: h2
www.jxysabc.xyz/news/list.php
173.231.38.60200 OK 162 kB URL HTTP/2 www.jxysabc.xyz/news/list.php
IP 173.231.38.60:0
Size 162 kB (162060 bytes)
Hash 12f6b025e77645248e6e35a19d666705
561e90cd978b0a7050a40c0ba654e489a602a714
1cb89b6c75877c9c3549a6bdc1bda0f1f41cfdff8a9b520034d7f775a40828d5
GET /news/list.php HTTP/1.1
Host: www.jxysabc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxysabc.xyz/news/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
103.170.15.87200 OK 149 kB URL HTTP/1.1 66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 149 kB (149081 bytes)
Hash ca110f84ebcc10dd498b26dc6c90087b
cfaf975d43693cfc7c2e05305068b0d933748d98
04dff307dc6fdc4da149bad386613e102c1f0e6d2b26974c5666505c7d97ef2e
GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Tue, 31 Jan 2023 10:05:20 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 149081
3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
103.170.15.83200 OK 748 kB URL HTTP/1.1 3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
IP 103.170.15.83:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 748 kB (747714 bytes)
Hash 190c632a93b23820398e76a78dccf39b
f156cddcc3d508f21aabaa1c08391a976f84e172
602526a271c67646875cf62980d7c3c4a16360b747ebc2810908ca274a8ca1ad
Analyzer Verdict Alert quad9 Sinkholed
GET /31bae057f32c4263a5459428dcd9c2c0.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288d0-b68c2"
Date: Thu, 26 Jan 2023 13:38:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:33:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-13
Content-Length: 747714
3888537ccc.com/a96984034ec34a47aec0e95fd23f1058.gif
45.61.212.218200 OK 88 kB URL HTTP/1.1 3888537ccc.com/a96984034ec34a47aec0e95fd23f1058.gif
IP 45.61.212.218:0
File type GIF image data, version 89a, 320 x 185\012- data
Hash 8d00fbc4b81285815eb1358ff6562dee
3b35d424783d0c9f64bafbfa7e427949115a4e15
1a1af43abebdc6ae261953807be21deea00014561de8652a974e518c1958639e
GET /a96984034ec34a47aec0e95fd23f1058.gif HTTP/1.1
Host: 3888537ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288f1-15974"
Date: Mon, 02 Jan 2023 08:52:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:34:09 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-18
Content-Length: 88436
3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
103.170.15.113200 OK 331 kB URL HTTP/1.1 3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
IP 103.170.15.113:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 331 kB (330788 bytes)
Hash 2fed29a7e518cace80f2ca8f57787c31
1f78c67a7a5864d12e6c0e13dd45fa477e80e528
b6407a42c658e82ec3ef6a64b6aff95018b90155c04648247c08e8df83afb35e
GET /69267e805d7b4aa3b4db75a4ca964b7f.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a801bf-50c24"
Date: Mon, 23 Jan 2023 07:58:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 25 Dec 2022 07:54:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 330788
99885aaa.com/2571b5232e904522b532216679441c82.gif
103.170.15.87200 OK 560 kB URL HTTP/1.1 99885aaa.com/2571b5232e904522b532216679441c82.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 560 kB (560267 bytes)
Hash 0c24ae98899ba81be2a10b49f953181c
903a7c1e74d3c8e88ca4be6dd68cf2a6d2165dcc
37bd6699258695711ea4919db16ca543d22b9e2d4fa118e87cbda00285027e88
GET /2571b5232e904522b532216679441c82.gif HTTP/1.1
Host: 99885aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a44177-88c8b"
Date: Tue, 24 Jan 2023 11:07:18 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 11:37:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 560267
n18081.com/68a7807de3933bf7079116fa9df99e6f.gif
172.83.155.45200 OK 366 kB URL HTTP/2 n18081.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: n18081.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sat, 04 Feb 2023 20:42:41 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 2335045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNmKUpoQ83VUdphfP6uSdl7iGmtMfN5Gr%2Bg528dGKOZZlPYud23KqGrxVPKy8L9eFJqPHPB4RTZZuhhVjFVWCSHOvpIWyDoJ5%2BL8AWUW%2FutjNHEZ0Gxh8B0XUWjG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 794106fe9bdc2844-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
103.170.15.87200 OK 1.1 MB URL HTTP/1.1 99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 980 x 80\012- data
Size 1.1 MB (1066629 bytes)
Hash 709be30700e74aafa715f685cba66b67
1d0ee25014c3d61849625bfc386d6ec370181a7d
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
GET /161f65b0d6174a0a94c6ba6b2e9c589b.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43809-104685"
Date: Sat, 28 Jan 2023 18:31:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 1066629
8499165.com/8499/220x130.gif
162.209.128.164200 OK 143 kB URL HTTP/2 8499165.com/8499/220x130.gif
IP 162.209.128.164:0
File type GIF image data, version 89a, 220 x 130\012- data
Size 143 kB (143198 bytes)
Hash 2e3ee9276e9fdb03d57612e04313b43b
c2b0c90a434ab607712b6733da6f8f4fce17fcf4
fb8b0f4eaeb403458ec3e2d6cfcd26401b93eb2d857938aed697eae8378c2d97
GET /8499/220x130.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/gif
content-length: 143198
last-modified: Sat, 17 Dec 2022 10:40:27 GMT
etag: "22f5e-5f003b6de04b8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499174.com/8499/zzxx/960x100.gif
162.209.128.163200 OK 479 kB URL HTTP/2 8499174.com/8499/zzxx/960x100.gif
IP 162.209.128.163:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 479 kB (479036 bytes)
Hash f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499174.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
45.61.212.222200 OK 177 kB URL HTTP/1.1 88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP 45.61.212.222:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 177 kB (176976 bytes)
Hash 5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b
GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 88886aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62da66b6-2b350"
Date: Wed, 01 Feb 2023 22:43:43 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 22 Jul 2022 08:58:30 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-22
Content-Length: 176976
www.jxy23.xyz/
173.231.38.11200 OK 199 kB IP 173.231.38.11:0
Size 199 kB (198851 bytes)
Hash 009b2519c9c5b179bd9802c23a145d6e
3660ecd72ab80bf83df4f5190fad3472b3f258c4
545b184eb7ec66e11c01dc0d4978e7072ca5637c7857059393e98d9ac8a45cd8
GET / HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxysabc.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 417 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 417 kB (417166 bytes)
Hash 13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 Feb 2023 08:39:52 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
www.jxy23.xyz/template/m1938pc/static/css/1.css
173.231.38.11200 OK 68 kB URL HTTP/2 www.jxy23.xyz/template/m1938pc/static/css/1.css
IP 173.231.38.11:0
Hash 3c7cf0d8325ff2759f5c948a7b857ccd
fb0440341dfc062b527452deedfab9a93bbe3c74
fc2e44188f4741a84de57a899c55a02d6d477dc4af72a50be23499b3d6f19b17
GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Sat, 04 Feb 2023 20:42:39 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
165tuchuang.com/i/2023/01/17/63c69b540146d.gif
13.212.32.147200 OK 628 kB URL HTTP/1.1 165tuchuang.com/i/2023/01/17/63c69b540146d.gif
IP 13.212.32.147:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 628 kB (627616 bytes)
Hash 48befe906b5527df956c92df9f679011
d91ad99eb87b152a46b95fc0fa47e82c4b700e81
f2d0ecc28342ff5c69d076f30b70297bca4cdeeaf8a323f4e943f64119e852ac
GET /i/2023/01/17/63c69b540146d.gif HTTP/1.1
Host: 165tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:42:40 GMT
Content-Type: image/gif
Content-Length: 627616
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 12:57:56 GMT
ETag: "63c69b54-993a0"
Expires: Fri, 24 Feb 2023 15:26:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: Tengine
X-Cache-Status: HIT
Accept-Ranges: bytes
3761121ccc.com/650755c8b8df486ab82eac1bf27ba3be.gif
103.170.15.109200 OK 482 kB URL HTTP/1.1 3761121ccc.com/650755c8b8df486ab82eac1bf27ba3be.gif
IP 103.170.15.109:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 482 kB (482002 bytes)
Hash 3da86db2ae041b15f2a11260ba84ed8b
e18ee81f88eb5e35200694d419e0cd1140bb893b
48adc6c04538154557653f6eaa6f3cd5e10bbcbd7aa661b78cd61bdec7d72ef8
GET /650755c8b8df486ab82eac1bf27ba3be.gif HTTP/1.1
Host: 3761121ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c16b77-75ad2"
Date: Thu, 02 Feb 2023 13:10:20 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 13 Jan 2023 14:32:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-39
Content-Length: 482002
qp.ezfxpuo.cn/960X60.gif
218.66.171.122200 OK 254 kB IP 218.66.171.122:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Sat, 04 Feb 2023 08:42:41 GMT
content-type: image/gif
content-length: 253519
x-oss-request-id: 63DCC16D4C8B373832AC955A
etag: "F744E995971941B6A95FCD2636F5A545"
last-modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
tu.jnctupian.com/jnc/jnc120.gif
206.2.168.128200 OK 831 kB URL HTTP/1.1 tu.jnctupian.com/jnc/jnc120.gif
IP 206.2.168.128:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 120\012- data
Size 831 kB (831315 bytes)
Hash db6e4f75e800a69c7a52ddd221cf84ea
af333f978eb9eb1c708f1850031fe1caa20286c3
22831c853ecc2ac8a267bf493764e03df3a87ea9ba0e58dafcb0f4732bf4390e
GET /jnc/jnc120.gif HTTP/1.1
Host: tu.jnctupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/onex
Date: Sat, 04 Feb 2023 08:42:41 GMT
Content-Type: image/gif
Content-Length: 831315
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 11:43:49 GMT
ETag: "63d50a75-caf53"
Expires: Fri, 03 Mar 2023 08:22:17 GMT
X-One-Cache: HIT
Accept-Ranges: bytes
static.qwahk.com/240x140.gif
38.6.225.4200 OK 360 kB URL HTTP/1.1 static.qwahk.com/240x140.gif
IP 38.6.225.4:0
File type GIF image data, version 89a, 250 x 140\012- data
Size 360 kB (359778 bytes)
Hash 2373284fae9ce56090a43e645463367a
d8437327a4f709bfc78bb715121f2eff9f59b052
c4739c5646d1f04df546b713a09d526661651c3a3e5be9c3750d75384420ee86
GET /240x140.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 359778
Content-Type: image/gif;charset=UTF-8
Date: Thu, 02 Feb 2023 16:13:52 GMT
ETag: "1675498541"
Last-Modified: Sat, 04 Feb 2023 08:15:41 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSxgHK5oy35:15 (W)
X-Cache: HIT, server, memory
X-Px: ms PSxgHK5oy35000(origin)
X-Reqid: 201921416722819520230203001353MZ1lav2Fsampled
X-Ws-Request-Id: 63dbe140_PS-000-018Gq36_20750-55006
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d464f2afae2f39f848f3ea2ab4449cc
c567ce38fa3bcec80d23829aea54082e6665baef
95b488586bbadb4c02c3f6a7909a5b30af12608f558dfe48e72bb34f5c9844a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/wab42th-eh4nj5/960x60.gif
142.250.74.48200 OK 432 kB URL HTTP/2 storage.googleapis.com/wab42th-eh4nj5/960x60.gif
IP 142.250.74.48:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 432 kB (432015 bytes)
Hash e0b6d554502d05ae55d9a550c21c46e8
4dd75f80aa90e242f0f3b9e45e05891f3e771c87
9d3b06f6249cd241e9ca47e60bb5aa7a9b9ce729a730489df121c7d9276d09db
GET /wab42th-eh4nj5/960x60.gif HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsr0yS_4yXIQ7JWTNX_BX7cstPN4lCPqvGYaCGlw6Xhvb835n-g8S_xqMGyDhFH8bcuSjS0mfuudPIja8ysBuDxQM6cJ5ZD
vary: X-Goog-Allowed-Resources
x-goog-generation: 1675347598996793
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 432015
x-goog-hash: crc32c=1jl+7Q==, md5=4LbVVFAtBa5V2aVQwhxG6A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 432015
server: UploadServer
date: Sat, 04 Feb 2023 07:48:18 GMT
expires: Sat, 04 Feb 2023 08:48:18 GMT
cache-control: public, max-age=3600
age: 3264
last-modified: Thu, 02 Feb 2023 14:19:59 GMT
etag: "e0b6d554502d05ae55d9a550c21c46e8"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d464f2afae2f39f848f3ea2ab4449cc
c567ce38fa3bcec80d23829aea54082e6665baef
95b488586bbadb4c02c3f6a7909a5b30af12608f558dfe48e72bb34f5c9844a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:42:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.qwahk.com/960x100.gif
38.6.225.4200 OK 763 kB URL HTTP/1.1 static.qwahk.com/960x100.gif
IP 38.6.225.4:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 763 kB (763448 bytes)
Hash 211b3f3a7f99ee8690441e79bb92c9e6
9696cb1a4c3d265480e2cd96b6751a63515eab5a
72ac7b0afc27e3d1126dd65844d5de46f57ba6d256676286161c5593415842a8
GET /960x100.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 763448
Content-Type: image/gif;charset=UTF-8
Date: Thu, 02 Feb 2023 16:13:46 GMT
ETag: "1675497941"
Last-Modified: Sat, 04 Feb 2023 08:05:41 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSxgHK5oy35:5 (W)
X-Cache: HIT, server, memory
X-Px: ms PSxgHK5oy35000(origin)
X-Reqid: 201921416722818020230203001346GX1DatGAsampled
X-Ws-Request-Id: 63dbe13a_PS-000-018Gq36_20263-12192
img.7629a.com/images/63ac1e40a09b23ceb4ba9cb0.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.7629a.com/images/63ac1e40a09b23ceb4ba9cb0.gif
IP 3.36.126.81:0
GET /images/63ac1e40a09b23ceb4ba9cb0.gif HTTP/1.1
Host: img.7629a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
X-Firefox-Spdy: h2
www.jxysabc.xyz/news/
173.231.38.60200 OK 0 B IP 173.231.38.60:0
GET /news/ HTTP/1.1
Host: www.jxysabc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.farzanatradings.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ggtupian.qqdaishuawang.com/64461/960.60se.gif
104.21.39.123200 OK 0 B URL HTTP/2 ggtupian.qqdaishuawang.com/64461/960.60se.gif
IP 104.21.39.123:0
GET /64461/960.60se.gif HTTP/1.1
Host: ggtupian.qqdaishuawang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: image/gif
last-modified: Thu, 26 Jan 2023 11:00:12 GMT
etag: "63d25d3c-7d394"
expires: Wed, 01 Mar 2023 11:37:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKRVW9AbWAoc8ohTZoOIVrdT%2FPA%2FFZHCjIkhR%2Bq8YL9taRqxQf1a%2BhplffGaQ3TAG5H%2BQHk2LxthTy2MoXyypl%2FqyA0j5lj%2BdTs71lY%2FwUeDtrXhcDlLtnj%2BlEX3OPCfWNi7GDRra71c5X95Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d3fc95cb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jxy23.xyz/template/m1938pc/static/css/bootstrap.min.css
173.231.38.11200 OK 0 B URL HTTP/2 www.jxy23.xyz/template/m1938pc/static/css/bootstrap.min.css
IP 173.231.38.11:0
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Sat, 04 Feb 2023 20:42:39 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif
IP 3.36.126.81:0
GET /images/63ba73b1a92cd2097e833f9d.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
X-Firefox-Spdy: h2
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP 3.36.126.81:0
GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2
www.jxy23.xyz/template/m1938pc/static/css/style.css
173.231.38.11200 OK 0 B URL HTTP/2 www.jxy23.xyz/template/m1938pc/static/css/style.css
IP 173.231.38.11:0
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Sat, 04 Feb 2023 20:42:39 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxysabc.xyz/news/data.php
173.231.38.60200 OK 0 B URL HTTP/2 www.jxysabc.xyz/news/data.php
IP 173.231.38.60:0
GET /news/data.php HTTP/1.1
Host: www.jxysabc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxysabc.xyz/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxy23.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.11200 OK 0 B URL HTTP/2 www.jxy23.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.11:0
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxy23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:42:39 GMT
content-type: application/javascript
last-modified: Sat, 28 Jan 2023 13:33:08 GMT
vary: Accept-Encoding
etag: W/"63d52414-6ea"
expires: Sat, 04 Feb 2023 20:42:39 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157403 Forbidden 0 B URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy23.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 04 Feb 2023 08:42:42 GMT
content-type: application/xml
x-amz-request-id: VB0Y64812X2Y0SCE
x-amz-id-2: UyRgkIR7vccZqZ2x4XYKyfhLqRi8nR5D+4fdSdqv6cEfE07SHHBhvy+GJKM+giyFMLGygQWHqYI=
cf-cache-status: MISS
set-cookie: __cf_bm=4rH4nhq1NhIQj6bT_OE8o4RrBldTZcfvxzR.c5EtEsI-1675500162-0-AQb1UJFYH0Wj2SJciVQ83ZI4b534k+1v0byOX+4WDySbLSprV+/BIXl3c3WfWKsGs5GA14mrzQAjbCo8AwIBAL0=; path=/; expires=Sat, 04-Feb-23 09:12:42 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79421d466fc6b518-OSL
content-encoding: br
X-Firefox-Spdy: h2