| 99s42.com/ |  172.67.169.22 | 301 Moved Permanently | 0 B |
IP172.67.169.22:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 99s42.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 15:05:10 GMT
Content-Length: 0
Connection: keep-alive
Location: https://99xing.cc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jb6i4xwecNo311thyf9TuJJ2dIi9z5%2F%2FUugp6oR%2FPbyPzALaIxPzfeqx13dg%2Bkk9DwugMxO%2Bk%2FIrqHRHbfsSs%2Bv0RkPfS6H4l9C8YJGp2wsetQw5vPEJd8C%2FAE0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703854d8b24b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha9f1d4d98705c281fed3b60343463200 db6f8aa98d2eda4e5473b116a222c3055568bb78 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7328
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 15:05:10 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash15b59d5e62caedb4bec3ba6724906c1e 960f801e608a56fdd11449f4face29f62cad2b21 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3318
Cache-Control: max-age=159675
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:10 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:26:25 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashd130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 14:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2757
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash71f9c681a82440fd55e76c780a20e55d 3147768cfbcdd06e0c6e69684292e68e99917a80 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17325
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 15:05:10 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mWYdozSbUyANcji1XuaGo9VCnRyM4g9N0zBPCjy2lDOvbv9N2eo9tS2p7t7ZflHwAkpvHdvrDR8=
x-amz-request-id: SDTD41J7JGDYC32R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 14:41:15 GMT
age: 1435
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:05:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9ecc1fab0464754df668895e089512b1 9814e8ecabb6c0dce495a518d6bafeb10bd73167 6709ba804a155ab3add3b4b311d58d9080b7686198b652eb812c28370d21634a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6709BA804A155AB3ADD3B4B311D58D9080B7686198B652EB812C28370D21634A"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Sat, 26 Nov 2022 17:48:39 GMT
Date: Sat, 26 Nov 2022 15:05:10 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 14:08:54 GMT
cache-control: public,max-age=3600
age: 3376
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd3df71aab146eefc49acb608796aab63 8401892995193919376dfcd798b09c8261579454 a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4731
Cache-Control: max-age=156032
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:10 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:25:42 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9ecc1fab0464754df668895e089512b1 9814e8ecabb6c0dce495a518d6bafeb10bd73167 6709ba804a155ab3add3b4b311d58d9080b7686198b652eb812c28370d21634a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6709BA804A155AB3ADD3B4B311D58D9080B7686198B652EB812C28370D21634A"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9808
Expires: Sat, 26 Nov 2022 17:48:39 GMT
Date: Sat, 26 Nov 2022 15:05:11 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.39.94.191 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.94.191:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h8WFNl7Z9Snwt4xYXjqRjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ErhFrwsUFGDnL8UUKCBgc4vtpWE=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb55bdc7d98b59445770c1769094e9af7 534d9bf2de693a40c421281c41e715f4e2cfa7ea 132f603b27720f7978049573d10cf8a2a3acebd71ebe200f775f8e0dcffb5cd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "132F603B27720F7978049573D10CF8A2A3ACEBD71EBE200F775F8E0DCFFB5CD3"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 26 Nov 2022 16:21:47 GMT
Date: Sat, 26 Nov 2022 15:05:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb55bdc7d98b59445770c1769094e9af7 534d9bf2de693a40c421281c41e715f4e2cfa7ea 132f603b27720f7978049573d10cf8a2a3acebd71ebe200f775f8e0dcffb5cd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "132F603B27720F7978049573D10CF8A2A3ACEBD71EBE200F775F8E0DCFFB5CD3"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 26 Nov 2022 16:21:47 GMT
Date: Sat, 26 Nov 2022 15:05:11 GMT
Connection: keep-alive
|
|
| jjx886.com/99xing/js/t.99xing.js?4fb2ad33bb29a28a40a | 172.64.135.22 | 200 OK | 226 kB |
URL HTTP/2jjx886.com/99xing/js/t.99xing.js?4fb2ad33bb29a28a40a IP172.64.135.22:0
File typeUnicode text, UTF-8 text, with very long lines (64674), with no line terminators Size226 kB (226456 bytes) Hash6625236155521e5593200a1fe05e551a ee177816e55bf2364905c681c9d6f6f103537c47 d108d69397d5570e60667f580accf7352a5624474b909d7c4fdc3878c266bc66
GET /99xing/js/t.99xing.js?4fb2ad33bb29a28a40a HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:11 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 14:56:56 GMT
vary: Accept-Encoding
etag: W/"63822938-c0af2"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaHM8uwWA2wvC46qXbwlzPz4dfwDYqrWp%2FIZDfpNUBuFKhGNG%2BZT2wT7E%2BKBcxtMR1y7%2FHJCBTRZi91%2F6Q6pDqKSA5deSzlj9zp6ODmSh26Cgt55K2GPUZ0hJ%2BQq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7703855809507320-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8bb181e3f5ca898c6e31a8efc2e28291 eda3a91f8e2cbc5467da08ad85e6f6a30702b66c 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8bb181e3f5ca898c6e31a8efc2e28291 eda3a91f8e2cbc5467da08ad85e6f6a30702b66c 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg | 34.120.237.76 | 200 OK | 3.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha783df85f30f9c555f9df6b99f61744d 61f9bed607e81606be78285596acdc5e0e4f4994 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 40174
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3b1c6878914466cfece680fa7cb73502 47fac81a2dd809df5c42ca1362f71d553572d2b1 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 60390
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8bb181e3f5ca898c6e31a8efc2e28291 eda3a91f8e2cbc5467da08ad85e6f6a30702b66c 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8bb181e3f5ca898c6e31a8efc2e28291 eda3a91f8e2cbc5467da08ad85e6f6a30702b66c 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashabd79421a3c44a8df11ad2cc50083309 8665e5f3026f2c2b9505eb139c478f4d359851c3 3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CkXSlYXZ0DFVjVSVin4Km3_9nETFtQ8Qf6f2V5kjuwoCejVH3Qk0Qg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:47:48 GMT
age: 62244
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash17ebe470d040a6ea8c57e9b9d4f4e828 1ac7a410cd4f3709f476c776dd5646dd982dcfa8 d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 60437
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| jjx886.com/99xing/css/web.99xing.css?15be772a4c42e | 172.64.135.22 | 200 OK | 132 kB |
URL HTTP/2jjx886.com/99xing/css/web.99xing.css?15be772a4c42e IP172.64.135.22:0
File typeASCII text, with very long lines (65536), with no line terminators Size132 kB (132471 bytes) Hash6764c5d2c4c27ef9b71fec8a70e0995d a0e24775edf1f1dc4c17c7c69b87ee81f20672d9 b652c0bcb71f4e17abbc91f11fb87503df9868dc60727db645edcf48c18a748c
GET /99xing/css/web.99xing.css?15be772a4c42e HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:11 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 11:30:21 GMT
vary: Accept-Encoding
etag: W/"636b8f4d-ba9f8"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
age: 157578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ3qkKZ4WJXVca5sUZoTwFcrhgmV7jqYh5s%2BfxNHayccLhEVZqz35XbLiVYSzKSkzbGgpKIfL1PEP3%2BzSS7QIPXHaJI4CBYbBswSqHeUW4QtunVnFoevAM8pWZzN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7703855809547320-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9bc7c4877bfa24d0c1bbb774cd906af1 75d9a14e98ffba5a71a6f710be721b593338ffdc b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 11:13:41 GMT
age: 13891
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6fbb9fdf5492d45c30f772d8e675627c 8fc4750023832984c38634eb3687ea086f5151a7 403239c26597958f2729c7961500fc68beb24e6613767c9db97ddcdd525b0d30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "403239C26597958F2729C7961500FC68BEB24E6613767C9DB97DDCDD525B0D30"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2457
Expires: Sat, 26 Nov 2022 15:46:09 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6fbb9fdf5492d45c30f772d8e675627c 8fc4750023832984c38634eb3687ea086f5151a7 403239c26597958f2729c7961500fc68beb24e6613767c9db97ddcdd525b0d30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "403239C26597958F2729C7961500FC68BEB24E6613767C9DB97DDCDD525B0D30"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2457
Expires: Sat, 26 Nov 2022 15:46:09 GMT
Date: Sat, 26 Nov 2022 15:05:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash16523aa2ff13b715f7e2052e3baca164 002feb031ec4fdfb44c5aa78749d49c806ca6a40 417ff668c8b9bd0f2c9b8beba1c09bbe61c589739f1d59503afa5201a5bee2ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417FF668C8B9BD0F2C9B8BEBA1C09BBE61C589739F1D59503AFA5201A5BEE2BA"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6881
Expires: Sat, 26 Nov 2022 16:59:54 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash16523aa2ff13b715f7e2052e3baca164 002feb031ec4fdfb44c5aa78749d49c806ca6a40 417ff668c8b9bd0f2c9b8beba1c09bbe61c589739f1d59503afa5201a5bee2ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417FF668C8B9BD0F2C9B8BEBA1C09BBE61C589739F1D59503AFA5201A5BEE2BA"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6881
Expires: Sat, 26 Nov 2022 16:59:54 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ |  104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashf4a8c872c5d098fdd43a34bf1313004c 244d922c09acaa11c54e98843bd532d6d535bb47 7958ef02954a3d76f7d76853e35c7cb31ba024fc4440adf3d9864f74bfa26dab
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:36:46 GMT
Expires: Wed, 30 Nov 2022 03:36:45 GMT
Etag: "244d922c09acaa11c54e98843bd532d6d535bb47"
Cache-Control: max-age=303691,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770385605db81bfe-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash9589b962f9ad48248d86ac790726bd69 fab7ac728e2ab2400f96facb68af11c99aa32e10 88ae1f49d57c0a7f8d1b199bed08c4ae197dd4ddac6a9f0f01f2a7ba03d3bfd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169993
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "63822032-116"
Expires: Mon, 28 Nov 2022 14:18:26 GMT
Last-Modified: Sat, 26 Nov 2022 14:18:26 GMT
Server: nginx
Content-Length: 278
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5484cf8cc9c51878f3082d65c8a05330 41ae75903427a6859fd4cccb2687a6709338bfa9 73b614ca7f39b98c4e79f581bae111b39663e87f2970e1658065aaeb4a21ea84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73B614CA7F39B98C4E79F581BAE111B39663E87F2970E1658065AAEB4A21EA84"
Last-Modified: Thu, 24 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15842
Expires: Sat, 26 Nov 2022 19:29:15 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.21.226:0
Hashcb02d57d26c37027fe0a7d436df5e268 52aeb56ede440661952f90e589e17fa544e9eb18 8c3f9046cbd03104b7abaad221a1971b4576a3db6a5f3fa49d3587cbac5ae964
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 10:44:19 GMT
ETag: "52aeb56ede440661952f90e589e17fa544e9eb18"
Last-Modified: Sat, 26 Nov 2022 10:44:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1650
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77038560ed691c0a-OSL
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.21.226:0
Hashdd929a249b5a23d607402e74b57c64d2 1858874a1e113b774554ce18e9d9b82970ce156a e62d9af2623b748ca1412aa777949f1d82292da693e3ee93e8dc1998439cd29a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:00:44 GMT
ETag: "1858874a1e113b774554ce18e9d9b82970ce156a"
Last-Modified: Sat, 26 Nov 2022 12:00:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77038560fd781c0a-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash24f5ce0cdb2c988b2c474b2c7f1b9394 922765411a15a8de5cce9582291b9e50278969fc d3b3c852e6d1ea8aab3693dd7123650d67f76b335e296bb977302d74b26c45de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3B3C852E6D1EA8AAB3693DD7123650D67F76B335E296BB977302D74B26C45DE"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20165
Expires: Sat, 26 Nov 2022 20:41:18 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif | 45.154.215.90 | 301 Moved Permanently | 162 B |
URL HTTP/2kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif IP45.154.215.90:0 ASN#201106 Spartan Host Ltd
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif | 45.154.215.90 | 301 Moved Permanently | 162 B |
URL HTTP/2kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif IP45.154.215.90:0 ASN#201106 Spartan Host Ltd
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| rootnetworksdv.ocsp-certum.com/ | 23.36.79.17 | 200 OK | 1.5 kB |
URL HTTP/1.1rootnetworksdv.ocsp-certum.com/ IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hash8b43852c62d4e2907e9596cf7d949560 3eacb28319e0ff4b4ba48922a243195ac020d053 6a9539a7222c8221c365aa616982f3408a6ad5663a022da6a26b0eda306db97a
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
X-N: S
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash711e7056dc809e38f542380b70e66640 7c4c2777cf45212c2914210a55a27592b613fbea 6f5e262ba3b64f673d1b2a42cd5398ff8265ae7950a9c6229c177ea49e8d4f30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F5E262BA3B64F673D1B2A42CD5398FF8265AE7950A9C6229C177EA49E8D4F30"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10900
Expires: Sat, 26 Nov 2022 18:06:53 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash9589b962f9ad48248d86ac790726bd69 fab7ac728e2ab2400f96facb68af11c99aa32e10 88ae1f49d57c0a7f8d1b199bed08c4ae197dd4ddac6a9f0f01f2a7ba03d3bfd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=169993
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "63822032-116"
Expires: Mon, 28 Nov 2022 14:18:26 GMT
Last-Modified: Sat, 26 Nov 2022 14:18:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashee5ab293e102b8d59eff3b40d4c63ac8 0bdadbda0381470a92b52b3e3b37c30c94591b8f 983239f8d698212f30063e5a99adf923ab18e869ccdbc7062eb9eed963c2a2c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "983239F8D698212F30063E5A99ADF923AB18E869CCDBC7062EB9EED963C2A2C0"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14538
Expires: Sat, 26 Nov 2022 19:07:31 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif | 66.150.130.123 | 301 Moved Permanently | 162 B |
URL HTTP/2kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif IP66.150.130.123:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://max003.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif | 66.150.130.123 | 301 Moved Permanently | 162 B |
URL HTTP/2kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif IP66.150.130.123:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6fb5c1efebb1823914a297dab140a643 e50882095f7fba4bab3a2d0de59c4a8a21dd033d 397aeb6087ec50c46e97065256189c3f6731df243b05e4dec17f93eea14813aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397AEB6087EC50C46E97065256189C3F6731DF243B05E4DEC17F93EEA14813AA"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16642
Expires: Sat, 26 Nov 2022 19:42:35 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5d1d31b2e8a110529805e1ebb95c571b a1f265a45937ea7a0bac6e23178b9159d6aaa53c 36982af77ebe268823d9ee965ddd2f507def3f40c61b4836541b9a3cac9db7d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36982AF77EBE268823D9EE965DDD2F507DEF3F40C61B4836541B9A3CAC9DB7D4"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Sat, 26 Nov 2022 15:45:26 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| kzeoo.com/145498385d51f6114f01924b07a536b5.gif | 170.178.176.170 | 301 Moved Permanently | 162 B |
URL HTTP/2kzeoo.com/145498385d51f6114f01924b07a536b5.gif IP170.178.176.170:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:12 GMT
content-type: text/html
content-length: 162
location: https://max001.top/145498385d51f6114f01924b07a536b5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc68666c9a900ed8cd2af5ea66ea8414c e9170e35f0aa9a3159a336ca97854d70f128344c 1f71d5a27a1eb72f56856b5df1eea4c9f85e87f49a5074721f1bfa594f43f824
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F71D5A27A1EB72F56856B5DF1EEA4C9F85E87F49A5074721F1BFA594F43F824"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4673
Expires: Sat, 26 Nov 2022 16:23:06 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.globalsign.com/gsrsaovsslca2018 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp.globalsign.com/gsrsaovsslca2018 IP104.18.21.226:0
Hash350dabdad47c86af3f8ef0c4244f30f8 9e5412cd17652589f4e5d0dc8e139149d2c60915 1f97dd152958f3234ba0b6b099292c59161abc69d0db37af28880f89a6066ca6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 11:13:40 GMT
ETag: "9e5412cd17652589f4e5d0dc8e139149d2c60915"
Last-Modified: Sat, 26 Nov 2022 11:13:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3462
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770385622fafb4ed-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash75bbbfa5bebb4582a591dcd288d08de8 09353cf566a6f62f02d8e18ef6b247c5456bf61a 6cd989725bfe5a1d9adaf7fb34c7afeaeafd7ef389081eb0b6e7b9d000c2d68e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CD989725BFE5A1D9ADAF7FB34C7AFEAEAFD7EF389081EB0B6E7B9D000C2D68E"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9105
Expires: Sat, 26 Nov 2022 17:36:58 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.globalsign.com/gsrsaovsslca2018 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp.globalsign.com/gsrsaovsslca2018 IP104.18.21.226:0
Hash350dabdad47c86af3f8ef0c4244f30f8 9e5412cd17652589f4e5d0dc8e139149d2c60915 1f97dd152958f3234ba0b6b099292c59161abc69d0db37af28880f89a6066ca6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 11:13:40 GMT
ETag: "9e5412cd17652589f4e5d0dc8e139149d2c60915"
Last-Modified: Sat, 26 Nov 2022 11:13:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3462
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770385623ce0b503-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbe0348371bc6a916b7f40ec39bde9853 5dc3bfed8a23520b9402aec1d8d52271d5d81d22 ce741063521a98582bab21caac2262f66fee79331ca69fecdf211c958acbf0a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE741063521A98582BAB21CAAC2262F66FEE79331CA69FECDF211C958ACBF0A9"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1379
Expires: Sat, 26 Nov 2022 15:28:12 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.21.226:0
Hash8dc18c5dabd2a624ba4c4235f15f3acb 9d72c5a5e2ffb5c2d58417a7c7d94d747be07dcf fd5f7246ffef8f82d5307db70e640ba4c1e3b49908cf6950dd7736b951d7edda
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 13:22:04 GMT
ETag: "9d72c5a5e2ffb5c2d58417a7c7d94d747be07dcf"
Last-Modified: Sat, 26 Nov 2022 13:22:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2516
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770385625e9e1c0a-OSL
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash40f32eae205ba646a660eec067b0a707 7c56d12eac5d1b294783bf3dfc46f43cf4bf6836 2410b19888cc92c0b4796081ab784f4dceed7d8809ac4b244244e0293ac3f07f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2410B19888CC92C0B4796081AB784F4DCEED7D8809AC4B244244E0293AC3F07F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15897
Expires: Sat, 26 Nov 2022 19:30:10 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hasha8ccf5b571c6c3ad33c7a00dc73cee15 d5099be07a28dc4ace29ed48f4a542900e25f153 4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=302665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770385614e8f1bfe-OSL
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash40f32eae205ba646a660eec067b0a707 7c56d12eac5d1b294783bf3dfc46f43cf4bf6836 2410b19888cc92c0b4796081ab784f4dceed7d8809ac4b244244e0293ac3f07f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2410B19888CC92C0B4796081AB784F4DCEED7D8809AC4B244244E0293AC3F07F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15897
Expires: Sat, 26 Nov 2022 19:30:10 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| kvegg.com/add018a5b09f43561ca6c4803bf187ee.gif | 45.154.215.92 | 301 Moved Permanently | 162 B |
URL HTTP/2kvegg.com/add018a5b09f43561ca6c4803bf187ee.gif IP45.154.215.92:0 ASN#201106 Spartan Host Ltd
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /add018a5b09f43561ca6c4803bf187ee.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.21.226:0
Hashbc97ae7e5ed2d72be7e110190724a57b 12edb034861977b349003f33e282e5377622dae5 0cc0f219c47efc713f29a18a88fd77188e3e2839a06a073b749b618b92b65232
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 11:57:14 GMT
ETag: "12edb034861977b349003f33e282e5377622dae5"
Last-Modified: Sat, 26 Nov 2022 11:57:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77038562aee11c0a-OSL
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.21.226:0
Hashbc97ae7e5ed2d72be7e110190724a57b 12edb034861977b349003f33e282e5377622dae5 0cc0f219c47efc713f29a18a88fd77188e3e2839a06a073b749b618b92b65232
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 11:57:14 GMT
ETag: "12edb034861977b349003f33e282e5377622dae5"
Last-Modified: Sat, 26 Nov 2022 11:57:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77038562bac30b4d-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash917c6270a3897d6dbc499550fe56c9a2 da1f360effd6e9bc349529f6217ad904fe98fadc 7bc60f85bec74a5196717c8532f08bc86b8685cfd7b43d2de7117be805427d20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 06:50:25 GMT
Expires: Wed, 30 Nov 2022 06:50:24 GMT
Etag: "da1f360effd6e9bc349529f6217ad904fe98fadc"
Cache-Control: max-age=315310,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770385617d4cb512-OSL
|
|
| kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif | 104.143.94.110 | 301 Moved Permanently | 162 B |
URL HTTP/2kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif IP104.143.94.110:0 ASN#201106 Spartan Host Ltd
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kzeww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif | 64.32.13.142 | 301 Moved Permanently | 162 B |
URL HTTP/2kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif IP64.32.13.142:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc | 142.250.74.35 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc IP142.250.74.35:0
Hash4307acedd4979da9f032c085bcadd3e3 454bfa04ae72274e84b2139fde8b0346a73afcaa 54a87e5038e39b088baea946072fd465dc955259c6e0eddb1a85b448f1e02989
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| kzemm.com/bb7f858c0dad171784517c02e7bff891.gif | 98.126.214.50 | 301 Moved Permanently | 162 B |
URL HTTP/2kzemm.com/bb7f858c0dad171784517c02e7bff891.gif IP98.126.214.50:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe87e83d3f1ef60dac0da32fd75660f33 44e9bb6e308c88de2c723bd924e04b54d1c80db7 c2557c68ca8ba5fe723fa02ab3c82083c465c7ccd971e93d33b868a6ebcdf342
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C2557C68CA8BA5FE723FA02AB3C82083C465C7CCD971E93D33B868A6EBCDF342"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Sat, 26 Nov 2022 19:26:41 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc | 142.250.74.35 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc IP142.250.74.35:0
Hash4307acedd4979da9f032c085bcadd3e3 454bfa04ae72274e84b2139fde8b0346a73afcaa 54a87e5038e39b088baea946072fd465dc955259c6e0eddb1a85b448f1e02989
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif | 45.150.164.88 | 301 Moved Permanently | 162 B |
URL HTTP/2kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif IP45.150.164.88:0 ASN#201106 Spartan Host Ltd
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif | 172.67.177.69 | 200 OK | 271 kB |
URL HTTP/2max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif IP172.67.177.69:0
File typeGIF image data, version 89a, 960 x 80\012- data Size271 kB (271417 bytes) Hashcfdea1c72fd59cf68b958b877cb9a46d d2db538ef4fe1276fc3c40a35ce41abd5cafb671 35da66e002a18ec097995716e6724d2e1126dde19eda498c2b7af6bfdcbab644
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: max003.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 271417
last-modified: Sat, 05 Nov 2022 14:46:45 GMT
etag: "63667755-42439"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6468
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck7OOPc9srDCvlr9CkeBjd5LkA3QXJfdnS0m%2BzszGSC4AVzKmjfPAwLPs9lzXOrhoEzpkTvrHTwZq3CmQdincDKapzmb1p4db3E%2BNneljY%2F2x2LnLJJDVApMWNzQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385638921fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| max003.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif | 172.67.177.69 | 200 OK | 573 kB |
URL HTTP/2max003.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif IP172.67.177.69:0
File typeGIF image data, version 89a, 960 x 80\012- data Size573 kB (573384 bytes) Hashb4effa2453ed234460236aa814287055 07e2e8f1fd0f850743ab141de1782070a6502635 33a79ebf1ba58097c89e691d34e1fc3ae2b1367db2addf29b1bc081e66dd2d28
GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1
Host: max003.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 573384
last-modified: Wed, 14 Sep 2022 07:34:15 GMT
etag: "632183f7-8bfc8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvAlcuMC6Tvpblfg0BthnTtoe0FKRWna%2ByUcx%2BVcIS9KXjN%2F9baT%2B54mXPruTeND3KgPbtVisxxrZ8iSEJg4WvAfALN3uo6HaCJzEoxa8XVV0QRFLNe5Ow5i28MT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038563b933fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif | 104.21.233.216 | 200 OK | 524 kB |
URL HTTP/2kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif IP104.21.233.216:0
File typeGIF image data, version 89a, 960 x 80\012- data Size524 kB (524316 bytes) Hashab00ff5aa53f9c2ae0f048518e94911e 84cccff597b536d7d4bd462b369dd9bf42ea4a9a cb96931b2f0f9a849cb8f6ea462315c9e8f7f648a49ddf284e6ed87ef9e36edc
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 524316
last-modified: Sun, 21 Aug 2022 08:40:42 GMT
etag: "6301ef8a-8001c"
expires: Tue, 13 Dec 2022 09:13:19 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 1144314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVgB911Jle0nrk695NNAc8psAOc%2BIYsTk5rIEdZPGd3gZHhd6LA11TOAHGiQLeJQDx9abfaRdKnOK%2F67i5uuRLQxAlzAkPUv0PDTTwf8AlRQqkCcsB23fdRC9Xl8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038562cb8f8895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif | 104.21.233.216 | 200 OK | 423 kB |
URL HTTP/2kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif IP104.21.233.216:0
File typeGIF image data, version 89a, 960 x 80\012- data Size423 kB (423171 bytes) Hash870e11855fcf9b4543dd73b8c4d6553f 40547a8f18fe714fca987dc0e8d985ba46244ec1 3040d91b0666a0585ba9a75d3f77a1efd0c4b4bad85e18cc409fba03a7ed559a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 423171
last-modified: Sat, 12 Nov 2022 01:03:29 GMT
etag: "636ef0e1-67503"
expires: Mon, 26 Dec 2022 03:09:27 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 42946
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BocU%2F0s15SBOle61aJxvzekTCbMlbBXPwS07Z88q%2BgrZq4bk%2FGs87N74NLMUBaBjnqO96q5YKVQQdMVz29%2FzRJrCqfzTzM9jLQpMLK%2BJFh3ZHrmzo1Is3aHAJTz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038562cb888895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash99e51a6bd6ea64e5341186ea238dd28b ea852f41155d1f974f233cc1c51c81f062b96e67 4ab9ca36496449dc0bc884b392bee3629e76b296a7d911042da2b47aa2e2a3f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4AB9CA36496449DC0BC884B392BEE3629E76B296A7D911042DA2B47AA2E2A3F7"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12936
Expires: Sat, 26 Nov 2022 18:40:49 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashd6fb527d0035e48d7e8dfde365021ea3 7e959b288cfc5912899230c500d94a468498ab0b ad62a38509b1c4a0049551debcaf976cce319da53834d1484b7757bdefad7398
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:54:35 GMT
Expires: Sat, 03 Dec 2022 12:54:34 GMT
Etag: "7e959b288cfc5912899230c500d94a468498ab0b"
Cache-Control: max-age=596360,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770385629fa61bfe-OSL
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash40f32eae205ba646a660eec067b0a707 7c56d12eac5d1b294783bf3dfc46f43cf4bf6836 2410b19888cc92c0b4796081ab784f4dceed7d8809ac4b244244e0293ac3f07f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2410B19888CC92C0B4796081AB784F4DCEED7D8809AC4B244244E0293AC3F07F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15897
Expires: Sat, 26 Nov 2022 19:30:10 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif | 172.67.175.176 | 200 OK | 392 kB |
URL HTTP/2kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif IP172.67.175.176:0
File typeGIF image data, version 89a, 1000 x 80\012- data Size392 kB (392129 bytes) Hash7d1afd65fbf0aabcd0ff6d5eadd9ab04 3947c4098135c559415549e39cbe35ff2552d1d3 d5cd9a7f8e7e7fc9fa10d3fd23c39930d2a9f87f763905d7e86d6ca9c0fe3240
GET /add018a5b09f43561ca6c4803bf187ee.gif HTTP/1.1
Host: kvtooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 392129
last-modified: Tue, 22 Nov 2022 18:04:21 GMT
etag: "637d0f25-5fbc1"
expires: Sun, 25 Dec 2022 15:09:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rinv50NxJTiiiqeeSjFkyJl3AWAewFP41vvYkYqmzJHRBu977OBjyiKQP5tTx2iz5BbEO50ec3UVi%2BZO4bTwYjwS7AVCuZFsNolArEr1Gr30CieCVhewPk4AY99p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385642b66b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif | 64.32.13.142 | 301 Moved Permanently | 162 B |
URL HTTP/2kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif IP64.32.13.142:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif | 104.110.17.24 | 200 OK | 56 kB |
URL HTTP/2dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif IP104.110.17.24:0
File typeGIF image data, version 89a, 760 x 70\012- data Hash1a6428da25ae1a7827cd1c5bba54ef18 45e13e8fd9547535326ec8f8ebb866dd4bfbeb1a c17b9cc5abf071007c532b8962edcd945d44c24bbb0fe430241991eb4d52d18c
GET /images/01003120009thg27w15E2.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 55980
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7674457
expires: Thu, 23 Feb 2023 10:52:50 GMT
date: Sat, 26 Nov 2022 15:05:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| max001.top/145498385d51f6114f01924b07a536b5.gif | 172.67.217.88 | 200 OK | 419 kB |
URL HTTP/2max001.top/145498385d51f6114f01924b07a536b5.gif IP172.67.217.88:0
File typeGIF image data, version 89a, 1000 x 70\012- data Size419 kB (419407 bytes) Hash1ad3a6e666c8887f86803257e9cd8e60 e2de9f10e84ac7bed0888a6c413f828cd821e363 d7ea8e56a04ae30d7b34c85f2251d385895e999f5f03ecfb03a9a98b4c6f3c92
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: max001.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 419407
last-modified: Tue, 16 Aug 2022 11:20:14 GMT
etag: "62fb7d6e-6664f"
expires: Sun, 25 Dec 2022 15:09:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gly72drXb4oL04Q6q7%2BIOa6UvMx9eVFamYUqbTmTLi4s8uyt2FCrrnOi6%2FHtu%2F7scOlv7hLJ7nE%2BX6d8NPOmeuZolFqP7vViKuTKBReXch97DbMarWPIbWSZhdG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385645c76b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient | 104.110.17.24 | 200 OK | 61 kB |
URL HTTP/2dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient IP104.110.17.24:0
File typeGIF image data, version 89a, 960 x 80\012- data Hash71d3b226da95d5a5abb3f063324964be 9c72ed2e2e083a71d179f3a5b1d759e898f40d58 565a28ff220536add488d456ca85c28c58b1bd8dc8fe0d359b31a482c6072d31
GET /images/0106d120009xynp2h4C59.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 61146
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8951894
expires: Fri, 10 Mar 2023 05:43:27 GMT
date: Sat, 26 Nov 2022 15:05:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif | 104.110.17.24 | 200 OK | 854 kB |
URL HTTP/2dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif IP104.110.17.24:0
File typeGIF image data, version 89a, 960 x 60\012- data Size854 kB (853944 bytes) Hashd79a778e368adfa2f53d664e82abde9e 7dadfb41956752ef565c1abff3503165b425d37d 0935a89bc9ea17037cebcba4feb1cd87fca775504e2b4f5e2c61b4c79dd2ce15
GET /images/0101h12000a5zplxc0A0D.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 853944
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7674501
expires: Thu, 23 Feb 2023 10:53:34 GMT
date: Sat, 26 Nov 2022 15:05:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif | 64.32.13.142 | 301 Moved Permanently | 162 B |
URL HTTP/2kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif IP64.32.13.142:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: text/html
content-length: 162
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif | 104.110.17.24 | 200 OK | 647 kB |
URL HTTP/2dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif IP104.110.17.24:0
File typeGIF image data, version 89a, 960 x 80\012- data Size647 kB (646750 bytes) Hash72371f5b3f1ea1f932ea3882fd5aa02d b07f955239aaace3a248b70e6137fc91e31bfe7c f451864300cba47430ddb92cc3f6a9a6602ffacf2c52da2384cce41cb8927912
GET /images/0102y12000a3kjdfv5BC0.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 646750
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7674478
expires: Thu, 23 Feb 2023 10:53:11 GMT
date: Sat, 26 Nov 2022 15:05:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif | 104.110.17.24 | 200 OK | 487 kB |
URL HTTP/2dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif IP104.110.17.24:0
File typeGIF image data, version 89a, 960 x 80\012- data Size487 kB (486900 bytes) Hash74d02513f3773d3b94765a1315157565 eccace184c4c8b0680d980d3be10d7eb0d1a2e93 37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c
GET /images/01025120009xlxvcj935B.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 486900
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7674500
expires: Thu, 23 Feb 2023 10:53:33 GMT
date: Sat, 26 Nov 2022 15:05:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash6887df8c97b617b6044ec88cedbe2135 af308a462dbaf798c530e23c9f313451f452d84d ec10bb9a9e0d9dc84937e32a90e5eb04cf6f1ddcab1fa057b10b7089e30d58af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "6381530e-116"
Server: ECS (amb/6B93)
Content-Length: 278
|
|
| ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc | 142.250.74.35 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc IP142.250.74.35:0
Hash4307acedd4979da9f032c085bcadd3e3 454bfa04ae72274e84b2139fde8b0346a73afcaa 54a87e5038e39b088baea946072fd465dc955259c6e0eddb1a85b448f1e02989
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb1447a8b35d4f0df8742a6eaef1111ae c0cf3e939ec742ed764b13824539db3e84aba9be 0dfab4caab9fc228cd593e7ed9ed12c4a87642cbb2eb6123622793c009e25c20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0DFAB4CAAB9FC228CD593E7ED9ED12C4A87642CBB2EB6123622793C009E25C20"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6517
Expires: Sat, 26 Nov 2022 16:53:50 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe87e83d3f1ef60dac0da32fd75660f33 44e9bb6e308c88de2c723bd924e04b54d1c80db7 c2557c68ca8ba5fe723fa02ab3c82083c465c7ccd971e93d33b868a6ebcdf342
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C2557C68CA8BA5FE723FA02AB3C82083C465C7CCD971E93D33B868A6EBCDF342"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Sat, 26 Nov 2022 19:26:41 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif | 104.21.33.100 | 200 OK | 400 kB |
URL HTTP/2acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif IP104.21.33.100:0
File typeGIF image data, version 89a, 960 x 60\012- data Size400 kB (400264 bytes) Hashb722c3905b96f11823e04826aafdd50e 68b63b572a042d40ab210aa313b7ebbc372be5a1 630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Thu, 22 Dec 2022 00:38:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 397627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7pHu56NYhMdYvz3AQd0zioQsWXUIrxdaCtmGbZH4Es0ZVQW%2FUlPIEUvUKmzqfTa25kGBcRucREsADVUutnio0H5i6deYN8efA4aeVoIGO7stXR4v6NU%2BYz0aVlQiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385656878b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js | 54.230.111.4 | 200 OK | 478 B |
URL HTTP/2s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js IP54.230.111.4:0
File typeASCII text, with very long lines (478), with no line terminators Hash5dd27f8f2b042194c3cdabd62fd80110 c035036a939799d4c29b9c0f7229ae1953d03109 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Sat, 01 Oct 2022 03:33:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Tue, 28 Sep 2032 03:33:18 GMT
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3RNHYU9mpWrOoXLVqQtfBpUi39sIZb9hubAHnAGG_qNlTOG9dNzBFA==
age: 4879915
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash99e51a6bd6ea64e5341186ea238dd28b ea852f41155d1f974f233cc1c51c81f062b96e67 4ab9ca36496449dc0bc884b392bee3629e76b296a7d911042da2b47aa2e2a3f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4AB9CA36496449DC0BC884B392BEE3629E76B296A7D911042DA2B47AA2E2A3F7"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12936
Expires: Sat, 26 Nov 2022 18:40:49 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| n0622.com/af01a7e6be14422c825639a6e627e2e6.gif | 20.222.165.74 | 200 OK | 80 kB |
URL HTTP/1.1n0622.com/af01a7e6be14422c825639a6e627e2e6.gif IP20.222.165.74:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 900 x 90\012- data Hash99df1a44cf27d618e284221a0c10bd64 9083fb88ae0ed4f6b761a59917e4d6f77ea7cf38 a9d5df8d7177d45eeeabee9b69fca050c3db75daca74e14a6ddb38d5a383a19b
GET /af01a7e6be14422c825639a6e627e2e6.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 16:28:45 GMT
ETag: W/"6379043d-48df7"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 727 B |
IP93.184.220.29:0
Hash91d2c05dcf25e00058c6d9819475b37a a8b1336f319cc3accf3104b900c84258389aef81 daacb3a1012a41f6d76dae0357f19fdb58dc0b5a08169a60534525d59d510a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3674
Cache-Control: max-age=114668
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "638139bb-2d7"
Expires: Sun, 27 Nov 2022 22:56:21 GMT
Last-Modified: Fri, 25 Nov 2022 21:55:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash149b4f0aa975981e1a4d7cf417d3827d b39f59bdaede098a563b69bb7acc68261d0b79c1 549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2282
Expires: Sat, 26 Nov 2022 15:43:15 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashe8402588d93289805ffd63b4cda2e9d7 26e00ba482cf4296d20c9e76b1887c66c001a68e da68dab176e3972fb2c30450261bf083d91430ebdc483fbe692fc16de3c0a565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1549
Cache-Control: max-age=87687
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "6380d8a3-116"
Expires: Sun, 27 Nov 2022 15:26:40 GMT
Last-Modified: Fri, 25 Nov 2022 15:00:51 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 278
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash53197784996ebfae87b1d4468e513046 a4967f11e8eb3bf0141b38746e0f869a9a0da8d0 40497d3fe25d0fea686899a9a5c978d6e4051cdc7803503ad1701d9c925c4eef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "40497D3FE25D0FEA686899A9A5C978D6E4051CDC7803503AD1701D9C925C4EEF"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12711
Expires: Sat, 26 Nov 2022 18:37:04 GMT
Date: Sat, 26 Nov 2022 15:05:13 GMT
Connection: keep-alive
|
|
| p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c |  47.246.44.228 | 200 OK | 475 kB |
URL HTTP/2p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c IP47.246.44.228:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
File typeGIF image data, version 89a, 960 x 80\012- data Size475 kB (474754 bytes) Hash187c69beaa798211a2760f0e7944d8cc 645bc6d28abf2cf3756a014fb2fc9075d0f0fe20 50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4
GET /obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Thu, 17 Nov 2022 09:53:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101750890682AACD1942b4ht02dy
nw-session-trace: 2022-11-17T17:53:03.23957836+08:00 67
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101750890682AACD194
via: n150-056-026, cache23.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0178520ad27bd5d1cf50b17ae5b59e240aa30c95130e560e1e8d0a185386ae24ffb377b40daab87aafd94d72f89d61bd85544593fc41de8fb75c6e06fed521e7c61742629589c4047cac89508c4d043f85587c2fb862e879b70011b77f694a57f7
x-response-lb: image
ali-swift-global-savetime: 1668678783
age: 796330
x-cache: HIT TCP_MEM_HIT dirn:10:1416939761
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535922
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916694751139213914e
X-Firefox-Spdy: h2
|
|
| p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e | 47.246.44.228 | 200 OK | 312 kB |
URL HTTP/2p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e IP47.246.44.228:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
File typeGIF image data, version 89a, 960 x 60\012- data Size312 kB (311995 bytes) Hasha78b1d3c4c374bd5a68ee79cd6a32092 78846daf14c2d75e5a82906ac98bdc199928344f 851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816
GET /obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sun, 20 Nov 2022 13:54:00 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 20 Nov 2022 06:36:31 GMT
nw-session-id: 202211201436310101381722022DDD7F9Fb6g8902dy
nw-session-trace: 2022-11-20T14:36:31.726034023+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sun, 20 Nov 2022 14:36:31 GMT
x-tt-logid: 202211201436310101381722022DDD7F9F
via: n150-056-031, cache5.l2de2[0,0,206-0,H], cache9.l2de2[0,0], cache9.l2de2[1,0], cache7.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:19:491::165
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016bea2383e942e705ce075fa9455599047b3d504f27e4cd54eb6165bfe97009043fe95aa99333313ffdc40041326a1944337247b80640b95b19e0e11b8290eacf8fc52150b89fdbebbec2858e8ae2c4e95469f952782afc40b4db5bc56f12f996
x-response-lb: image
ali-swift-global-savetime: 1668952441
age: 522672
x-cache: HIT TCP_MEM_HIT dirn:7:202607024
x-swift-savetime: Sun, 20 Nov 2022 14:24:15 GMT
x-swift-cachetime: 31534186
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916694751139443927e
X-Firefox-Spdy: h2
|
|
| p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260 | 47.246.44.228 | 200 OK | 562 kB |
URL HTTP/2p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260 IP47.246.44.228:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
File typeGIF image data, version 89a, 960 x 80\012- data Size562 kB (561802 bytes) Hash6992b4cd488bb4437ec954ab09a3fa00 e41fc5970be04ab5801e80ce785ff0832b305793 54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Thu, 17 Nov 2022 09:53:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101311360521EAF2ADAf5h2j02dy
nw-session-trace: 2022-11-17T17:53:03.607386669+08:00 72
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101311360521EAF2ADA
via: n150-056-037, cache21.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache8.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:20:487::171
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c183c9ad02fc137ee0bc2538a5ec32e48e06b1ea9b9f7ca52216d0d065f90e22d26f4a0af3d924e6753aa376363f25de93f5a74159eb1fbace21d469a21a004d852c1a4175d95ec3b7c8e5efa3e300b4725cb56ed1f2ca9d2afa60dec78f7555
x-response-lb: image
ali-swift-global-savetime: 1668678785
age: 796328
x-cache: HIT TCP_MEM_HIT dirn:10:1530023021 mlen:0
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535924
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916694751139513929e
X-Firefox-Spdy: h2
|
|
| 3p8801.co/11-960x80.gif | 142.0.131.26 | 200 OK | 312 kB |
IP142.0.131.26:0
File typeGIF image data, version 89a, 960 x 80\012- data Size312 kB (312168 bytes) Hash9d0e7356fff9dde88bf887c2f4525664 42556af8ed388e47eb898711485df393aeaa7ca6 53d0fb42ef9a1f70d6434ad60a01fda4ef840514d285445bbf3be41c823c0177
GET /11-960x80.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 312168
last-modified: Sat, 19 Nov 2022 11:23:08 GMT
etag: "6378bc9c-4c368"
expires: Mon, 26 Dec 2022 15:05:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif | 104.21.25.32 | 200 OK | 864 kB |
URL HTTP/2max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif IP104.21.25.32:0
File typeGIF image data, version 89a, 960 x 60\012- data Size864 kB (864004 bytes) Hashd2c820747a9b9b8c3abaab0775436ab7 99651afd10bd3874fb84d7973845482cd2c81f23 8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: max004.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Mon, 26 Dec 2022 12:02:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 10947
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yu206owQ4GZxJzCNpR13D0zoS3q%2Bxg1AHrjHWZoytedrJ5tW7khDQIwO5LItOzQUOK2ityOu320OPTENuNd4Z77MFQj%2BXqdZT5MGt34pQF3DcsjdftZwrK%2FtQDGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385666c65b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif | 104.21.235.31 | 200 OK | 65 kB |
URL HTTP/2kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif IP104.21.235.31:0
File typeGIF image data, version 89a, 960 x 60\012- data Hash514c48163ce5b65fb6bf16d8578b478b 6c21c2f7fd18259458573225fbfdf80cd27b6bac 045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvhxxx.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 23:12:50 GMT
etag: "637c05f2-ff86"
expires: Mon, 26 Dec 2022 07:40:43 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 26670
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn%2B7ke8KPd4IM6RftyTTb9CF4DIHJnppnBuefRsUJc%2BEo%2BfffIgNuBXlUJyU6gBIysNkjm2PlOO3roOJona5L%2BuU8gUmHc3lb1hyYVe70IBInA66aQEHOEOb%2Frwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385665f470639-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashfa1495072a01f23281000c3c6a3985a5 d463988eb026a4fd47efbbe9a45a3282ce7e2b63 8b7345769c6fe5226df2b4a37c0fa823bf2779586543993b858d39877a5a3276
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142290
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:13 GMT
Etag: "6381b3fb-117"
Expires: Mon, 28 Nov 2022 06:36:43 GMT
Last-Modified: Sat, 26 Nov 2022 06:36:43 GMT
Server: nginx
Content-Length: 279
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb1447a8b35d4f0df8742a6eaef1111ae c0cf3e939ec742ed764b13824539db3e84aba9be 0dfab4caab9fc228cd593e7ed9ed12c4a87642cbb2eb6123622793c009e25c20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0DFAB4CAAB9FC228CD593E7ED9ED12C4A87642CBB2EB6123622793C009E25C20"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Sat, 26 Nov 2022 16:53:50 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif | 104.21.235.61 | 200 OK | 1.6 MB |
URL HTTP/2kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif IP104.21.235.61:0
File typeGIF image data, version 89a, 960 x 60\012- data Size1.6 MB (1590489 bytes) Hash59648e1a4d52551c26255ff6bc625648 165fbacafad21065e9faa33c5e3752cd463549ad eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Sat, 10 Dec 2022 21:07:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1360670
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ72rVrft4laL0NGGcC73Q3u%2BALeETF9BPH4BL7mUcErdZQiwpSEA6Yv%2FpSNzvOTgRWxQT3sai6AbkMz3AUQo8AitpEjdxvml1V9AM1X%2BnXQRxNk5yL1%2FbyA%2Fw96"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038565bf607490-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash6887df8c97b617b6044ec88cedbe2135 af308a462dbaf798c530e23c9f313451f452d84d ec10bb9a9e0d9dc84937e32a90e5eb04cf6f1ddcab1fa057b10b7089e30d58af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=117476
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:14 GMT
Etag: "6381530e-116"
Expires: Sun, 27 Nov 2022 23:43:10 GMT
Last-Modified: Fri, 25 Nov 2022 23:43:10 GMT
Server: nginx
Content-Length: 278
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash53197784996ebfae87b1d4468e513046 a4967f11e8eb3bf0141b38746e0f869a9a0da8d0 40497d3fe25d0fea686899a9a5c978d6e4051cdc7803503ad1701d9c925c4eef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "40497D3FE25D0FEA686899A9A5C978D6E4051CDC7803503AD1701D9C925C4EEF"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12710
Expires: Sat, 26 Nov 2022 18:37:04 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash149b4f0aa975981e1a4d7cf417d3827d b39f59bdaede098a563b69bb7acc68261d0b79c1 549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2281
Expires: Sat, 26 Nov 2022 15:43:15 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashe8402588d93289805ffd63b4cda2e9d7 26e00ba482cf4296d20c9e76b1887c66c001a68e da68dab176e3972fb2c30450261bf083d91430ebdc483fbe692fc16de3c0a565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:14 GMT
Etag: "6380d8a3-116"
Last-Modified: Sat, 26 Nov 2022 13:53:20 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 278
|
|
| kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif | 104.21.233.168 | 200 OK | 631 kB |
URL HTTP/2kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif IP104.21.233.168:0
File typeGIF image data, version 89a, 960 x 80\012- data Size631 kB (631088 bytes) Hash64fbc8087436743e9e2a7d252b9d261c 5ad442d4dda6ee04f4029fb0ada6249689bd7ff3 4a06886a49926cf2a0467794987e296de19189a1b3e6d2add0fd93be42d07e2f
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 631088
last-modified: Mon, 03 Oct 2022 14:32:48 GMT
etag: "633af290-9a130"
expires: Sun, 18 Dec 2022 02:16:35 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 737318
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9ezknlh0o4CvadNC7hicPmvgLzRT30fZruYg0u7vO4i4iSJ8ACE9cPrQ1AXi7bOCYcIoqOE6MSqD62d7ptMPyx12jNuGECQgbrWjTG4c3LoXj18%2FNUNkdsZxG5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770385665f188926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif | 45.61.212.217 | 200 OK | 452 kB |
URL HTTP/1.1223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif IP45.61.212.217:0
File typeGIF image data, version 89a, 960 x 80\012- data Size452 kB (452273 bytes) Hashdf16374d7e4ccf1c7ff3814012167dad bf7f89f135684b9182f4dc5bd4dd296060427eef 670f99c726a10b701a44db00b29b694b79a4461185e623e3e8b5f766d287a54f
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /3f0caff920384531a90d6fa6548f7768.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6364f6e3-6e6b1"
Date: Sat, 19 Nov 2022 17:10:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 04 Nov 2022 11:26:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-17
Content-Length: 452273
|
|
| kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif | 104.21.235.197 | 200 OK | 845 kB |
URL HTTP/2kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif IP104.21.235.197:0
File typeGIF image data, version 89a, 960 x 60\012- data Size845 kB (845326 bytes) Hashc3e13dfb200737af2e68b42c07f28465 4d8262aecd8d789494afca5d63b5dd50600870dc 3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kvhqqq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99xing.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: image/gif
content-length: 845326
last-modified: Sat, 01 Oct 2022 05:25:56 GMT
etag: "6337cf64-ce60e"
expires: Thu, 22 Dec 2022 23:48:42 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 314192
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DB9LtaFc6rEav3nzuh5alcccq%2F%2FTs%2BaE5xg%2F4KZkvYlw4MmZGZKsAc4Pt4Gy%2FzeNxQBkwU4Gm3liByBLpzeORV1bs6jm%2BsKafZ0XT0VjjOCM4%2F7jo4ip65I8acQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038567be6d74e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc5061314bcbcc7bc7d9bba1acdd0b33f fb1e2650997ff270a06d30b3d0859d22ae4f91a5 e64328c26342bd5c955f5d71340e63d1c521eca38107290d7453f44e6c2be73e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64328C26342BD5C955F5D71340E63D1C521ECA38107290D7453F44E6C2BE73E"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 16:00:58 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc5061314bcbcc7bc7d9bba1acdd0b33f fb1e2650997ff270a06d30b3d0859d22ae4f91a5 e64328c26342bd5c955f5d71340e63d1c521eca38107290d7453f44e6c2be73e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64328C26342BD5C955F5D71340E63D1C521ECA38107290D7453F44E6C2BE73E"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 16:00:58 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc5061314bcbcc7bc7d9bba1acdd0b33f fb1e2650997ff270a06d30b3d0859d22ae4f91a5 e64328c26342bd5c955f5d71340e63d1c521eca38107290d7453f44e6c2be73e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64328C26342BD5C955F5D71340E63D1C521ECA38107290D7453F44E6C2BE73E"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 16:00:58 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| n0611.com/b5d740a03c0f480ba5e5338f65d74679.gif |  52.140.202.5 | 200 OK | 101 kB |
URL HTTP/1.1n0611.com/b5d740a03c0f480ba5e5338f65d74679.gif IP52.140.202.5:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 900 x 90\012- data Size101 kB (101366 bytes) Hash5d54824cef41b8a719a4289b7cf5d159 5ecaeea65581483c8f1164594caf625d31e6fdb0 b4a94593f6a48fd7e2dd2b7112e9e94813d1fdd665e5ec1a0e8c0caa526f2343
GET /b5d740a03c0f480ba5e5338f65d74679.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 11:05:47 GMT
ETag: W/"6363a08b-73f79"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
|
|
| 278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif |  103.170.15.92 | 200 OK | 202 kB |
URL HTTP/1.1278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif IP103.170.15.92:0 ASN#7483 Skycloud Computing co., Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size202 kB (202119 bytes) Hash99973a5086ec9ecad6079e54ba989005 eb73602a0dee641759a7ba5849d4e81462f55ff6 e1323eee354085d9a0d259948945ffe484371a118941e98a99a2cfbf54e93e41
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /cfc4342a0af24f079fa6b7559446feb8.gif HTTP/1.1
Host: 278838mcu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637470e4-31587"
Date: Wed, 23 Nov 2022 13:51:54 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 16 Nov 2022 05:11:00 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Length: 202119
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashfa1495072a01f23281000c3c6a3985a5 d463988eb026a4fd47efbbe9a45a3282ce7e2b63 8b7345769c6fe5226df2b4a37c0fa823bf2779586543993b858d39877a5a3276
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142289
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:05:14 GMT
Etag: "6381b3fb-117"
Expires: Mon, 28 Nov 2022 06:36:43 GMT
Last-Modified: Sat, 26 Nov 2022 06:36:43 GMT
Server: nginx
Content-Length: 279
|
|
| dimg04.c-ctrip.com/images/0101m12000a76l1f3D0DA.gif | 104.110.17.24 | 200 OK | 329 kB |
URL HTTP/2dimg04.c-ctrip.com/images/0101m12000a76l1f3D0DA.gif IP104.110.17.24:0
File typeGIF image data, version 89a, 720 x 200\012- data Size329 kB (328709 bytes) Hash4515e2d8856f87796d65b1a0121cb348 c602f63aed7e4666232430630c64e2b6f702fd65 0ea3a2ad0ab242e47321d27fc2639f6ae658e9821461b9af3b45bdfa1a572781
GET /images/0101m12000a76l1f3D0DA.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 328709
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7691117
expires: Thu, 23 Feb 2023 15:30:31 GMT
date: Sat, 26 Nov 2022 15:05:14 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 91av4.top/videos/bd32bdf0475804def56ee2338c116642/cover/5_505_259?u_c_i_t=1 | 172.64.134.22 | 200 OK | 26 kB |
URL HTTP/291av4.top/videos/bd32bdf0475804def56ee2338c116642/cover/5_505_259?u_c_i_t=1 IP172.64.134.22:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 505x259, components 3\012- data Hashed218d2d1f9fb2e3a760ab088dde887c bc6611278b267a07d3a7fd8e8207bc7ee70aea36 90fede3ea28b2df27d1c6944f718deca8a3084f8ed396ecca622027c26aa3f1e
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/bd32bdf0475804def56ee2338c116642/cover/5_505_259?u_c_i_t=1 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: image/jpg
content-length: 25665
tfc: l
access-control-allow-headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, X-Requested-By, If-Modified-Since, X-File-Name, Cache-Control
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: True
v-cache: py
etag: "bc6611278b267a07d3a7fd8e8207bc7ee70aea36"
expires: Wed, 25 Jan 2023 14:15:23 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
t-cache: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mdrj3UNSoR3AWTEcJveUHTgp%2FOGbelWzb%2BG6FW1GRLmANj9iGLWmWaE4r%2F3poL9rzrG0BiYTcK6gu5ZCqCkhANPzZu%2FG9RJqXGctSQrmHd3tQY4RpMUgv3BK1UU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77038569497275a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha6dc24e086c3c2c17d227c07f3f0dc06 c5a50719a273b4c92892c8f1a4d8919a73df156f 9582a6e464a8da9b43127fb1a6d10e7aaa956bf17c48c2ccdc90a0a0320dcc7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9582A6E464A8DA9B43127FB1A6D10E7AAA956BF17C48C2CCDC90A0A0320DCC7C"
Last-Modified: Fri, 25 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 21:05:14 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| ocsp.globalsign.com/gsrsaovsslca2018 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp.globalsign.com/gsrsaovsslca2018 IP104.18.21.226:0
Hash04c3a43b6c4d52e99dad07e6fce44697 e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03 a7d6523eec8617d19acea316df8e58db7071823108bf7cc553da72396d7d2042
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:15:18 GMT
ETag: "e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03"
Last-Modified: Sat, 26 Nov 2022 12:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2123
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7703856a1aa1b4ed-OSL
|
|
| 91av4.top/videos/51975f02843d35f02aac7b4a24e08677/preview.mp4 | 172.64.134.22 | 206 Partial Content | 330 kB |
URL HTTP/291av4.top/videos/51975f02843d35f02aac7b4a24e08677/preview.mp4 IP172.64.134.22:0
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size330 kB (330088 bytes) Hasha6aa3260cb0f0d41248c663b5c3827d3 7cc5ac71dfa257816e29cf06ae1cdc3060da0430 c2bbedaa754161dee98204e8aca07119fc2a1c5b09e817bf5df78f20faffe010
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/51975f02843d35f02aac7b4a24e08677/preview.mp4 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: video/mp4
content-length: 330088
tfc: l
last-modified: Mon, 01 Aug 2022 07:18:51 GMT
etag: "62e77e5b-50968"
expires: Mon, 23 Jan 2023 04:44:38 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-origin: *
t-cache: MISS
cf-cache-status: HIT
content-range: bytes 0-330087/330088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0soi0aZ%2BLBv%2BOpyKLE2zJH15kEDI9E9STlMGnyz8PceXj6yW3dDdEWqk9UHvaAWqartZc9yg9g%2FTlfnvNXWTkbxfGkn7WP1pmSZ8hDreoXFv2hJwmWPYIqENDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77038569497375a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha6dc24e086c3c2c17d227c07f3f0dc06 c5a50719a273b4c92892c8f1a4d8919a73df156f 9582a6e464a8da9b43127fb1a6d10e7aaa956bf17c48c2ccdc90a0a0320dcc7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9582A6E464A8DA9B43127FB1A6D10E7AAA956BF17C48C2CCDC90A0A0320DCC7C"
Last-Modified: Fri, 25 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 21:05:14 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe4187a43946d8ea5337bb1347757b7a6 05dd65dd513f85c93974052ac7fa227aaf250fe4 495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7222
Expires: Sat, 26 Nov 2022 17:05:36 GMT
Date: Sat, 26 Nov 2022 15:05:14 GMT
Connection: keep-alive
|
|
| 91av4.top/videos/bd32bdf0475804def56ee2338c116642/preview.mp4 | 172.64.134.22 | 206 Partial Content | 456 kB |
URL HTTP/291av4.top/videos/bd32bdf0475804def56ee2338c116642/preview.mp4 IP172.64.134.22:0
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size456 kB (456307 bytes) Hash685cd4d55015982bd6bfc78c1255015b 03ddd6ad76c343f663a0c6e238f280fdc241ddcd daac24a7046cb10c23c4622f6c7ff9e4617d825d1f681a8ee7aa157d0e71505b
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/bd32bdf0475804def56ee2338c116642/preview.mp4 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: video/mp4
content-length: 456307
tfc: l
last-modified: Sat, 26 Nov 2022 13:43:07 GMT
etag: "638217eb-6f673"
expires: Wed, 25 Jan 2023 14:36:53 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-origin: *
t-cache: MISS
cf-cache-status: HIT
content-range: bytes 0-456306/456307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwTpy9zERVnx3BEreCvj15mDofteLEscOupLjm7%2BoDa9fZh%2BGjh%2BZWL%2F3NE9UN6lTdYjyskaYV0sKzM07znPOr9LkoMc%2FofK80EkEIFT58MUXkDGhh0CcoTk%2B8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77038569395d75a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s10.histats.com/js15_as.js |  46.105.201.240 | 200 OK | 4.7 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document text\012- HTML document, ASCII text Hash75f10430ff86a00dbc5597365587b44e e8afae9998c375d2e2840a5c9da2e8df2e13adb0 f316f83e7813d4099854e3557bb8446ff867e534e3f124d99c3b419935d07bb1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:00:47 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 279281783
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif | 20.222.165.74 | 200 OK | 182 kB |
URL HTTP/1.1n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif IP20.222.165.74:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 900 x 90\012- data Size182 kB (182070 bytes) Hash995400c9715bce6e284a1537d89682fc 61bbb8f7b15c1095e9e02e28fb8585f19fe8ed6a e9f4b89fcf20519446ed01f0382f3baa0ee783513f44e2efcfb1f61b2708a7b0
GET /b3f4ec9f2e7e43568ce7e4a83380bfbf.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Nov 2022 13:48:00 GMT
ETag: W/"6370f590-5305b"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
|
|
| ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif |  47.110.23.69 | 200 OK | 432 kB |
URL HTTP/1.1ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif IP47.110.23.69:0 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size432 kB (432195 bytes) Hash66560dc1fbaeb67885a45dd7dc5831e1 38584ed6146b3cd7f220a7cf5db732f462cf1474 5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 63822B293849223332FF2A1B
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 2
|
|
| s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669475114669&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F99xing.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-168880493&@b3:1669475115&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2Fanyalytics%3Fv%3D_7fd01068e37&@w |  192.99.8.28 | 200 OK | 55 B |
URL HTTP/1.1s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669475114669&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F99xing.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-168880493&@b3:1669475115&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2Fanyalytics%3Fv%3D_7fd01068e37&@w IP192.99.8.28:0
File typeASCII text, with no line terminators Hashf42c5fcc7b122173c56eb80fd460e4ee c527814d5c74a355b2280ec08fdadb8dfafcd38b 0046f3099f876ac301e1db193e22e48f45aef817bdd117cf95b43fc609b163f7
GET /stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669475114669&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F99xing.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-168880493&@b3:1669475115&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2Fanyalytics%3Fv%3D_7fd01068e37&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:15 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 55
Connection: close
|
|
| 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif | 120.77.166.19 | 200 OK | 264 kB |
URL HTTP/1.1768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif IP120.77.166.19:0 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size264 kB (264494 bytes) Hash672b95e7b6ab24b5606b8287db85dbb4 98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112 4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63822B29D0DEFE39384A1B2F
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
|
|
| s10.histats.com/counters/cc_100.js | 46.105.201.240 | 200 OK | 7.7 kB |
URL HTTP/2s10.histats.com/counters/cc_100.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (19234), with no line terminators Hasheb2e335634e1d042469dc377a3989ff9 bfd517c0fb7e6fa042d4f6bd8b62655371d567ec 9045a6bdc5e51706e78bb09c79ae593f9d03142090e6931ff3e17a093dac89e9
GET /counters/cc_100.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 14:57:21 GMT
etag: "1473736416"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 955289024
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7662
X-Firefox-Spdy: h2
|
|
| kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif | 182.140.218.3 | 200 OK | 1.3 MB |
URL HTTP/2kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif IP182.140.218.3:0 ASN#38283 CHINANET SiChuan Telecom Internet Data Center
File typeGIF image data, version 89a, 960 x 60\012- data Size1.3 MB (1296026 bytes) Hash5f356028e5e94176f56a75568e49ae20 3796c4c950687811a1d1f80fd9e31e718bda0f85 c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 1296026
cache-control: max-age=315360000
expires: Tue, 23 Nov 2032 04:51:18 GMT
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
age: 36835
via: http/1.1 ORI-CLOUD-HUN-MIX-30 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-27 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669438278501-0-0-14-62-62;200;200-1669452338279-0-0-0-1-1;200-1669475113485-0-0-0-8-8
X-Firefox-Spdy: h2
|
|
| ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif | 47.110.23.69 | 200 OK | 451 kB |
URL HTTP/1.1ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif IP47.110.23.69:0 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size451 kB (450794 bytes) Hash4172d77293e54a5ddf4a87f1778cb155 1964277992ae541de680ddf9436984356e6b6e5a 3d4b31364c5f8aaabe6645955b134d5df4c75e98e73ac1707c6b7c51c5b21949
GET /xpj/sxpj96080d.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Content-Length: 450794
Connection: keep-alive
x-oss-request-id: 63822B295C00693933100477
Accept-Ranges: bytes
ETag: "4172D77293E54A5DDF4A87F1778CB155"
Last-Modified: Thu, 17 Nov 2022 05:41:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8061095176570556502
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: QXLXcpPlSl3fSofxd4yxVQ==
x-oss-server-time: 3
|
|
| sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif | 120.77.166.72 | 200 OK | 339 kB |
URL HTTP/1.1sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif IP120.77.166.72:0 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size339 kB (339049 bytes) Hash120f3a01e40b1e58017422e07a358e7b 201b8030f1dc57e1c5f503ab15459990f49c0850 f834cdc6d3baa837bcd3cb5dd42ddafbb903ccc07022dcca2822b451c6a0f7a1
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Content-Length: 339049
Connection: keep-alive
x-oss-request-id: 63822B29703D5E343397B26A
Accept-Ranges: bytes
ETag: "120F3A01E40B1E58017422E07A358E7B"
Last-Modified: Sun, 20 Nov 2022 08:09:52 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11820530545471216528
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Eg86AeQLHlgBdCLgejWOew==
x-oss-server-time: 1
|
|
| sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif | 120.77.166.72 | 200 OK | 562 kB |
URL HTTP/1.1sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif IP120.77.166.72:0 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size562 kB (562130 bytes) Hash8beed805ef37d0fa42646c105c8aadd8 48ce0717f037a6fb1f489ff1da3537a00ff0f47b 9df49f47b95763d2234554adf562f5a0ba5eb3910a9f7f01a5d90e5f425eccce
GET /af/q960x80-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:13 GMT
Content-Type: image/gif
Content-Length: 562130
Connection: keep-alive
x-oss-request-id: 63822B29C1979839364AEC0E
Accept-Ranges: bytes
ETag: "8BEED805EF37D0FA42646C105C8AADD8"
Last-Modified: Tue, 27 Sep 2022 07:43:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15479893720264865523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i+7YBe830PpCZGwQXIqt2A==
x-oss-server-time: 1
|
|
| sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif |  47.75.19.45 | 200 OK | 251 kB |
URL HTTP/1.1sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif IP47.75.19.45:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size251 kB (250863 bytes) Hash146302635db0d447d3779d91b77d8389 281b62ad456eee28791ca926602b14ac6e84d9d7 efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:14 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 63822B2A7E084E37317ABFDA
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 1
|
|
| p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0 | 43.129.255.47 | 200 OK | 263 kB |
URL HTTP/2p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0 IP43.129.255.47:0 ASN#132203 Tencent Building, Kejizhongyi Avenue
File typeGIF image data, version 89a, 960 x 80\012- data Size263 kB (263120 bytes) Hash9dace3256b07181fcc7441db25b3dc5b 9fdbf9a11ae083e0e0670c00b31e19a63d0a7117 c3699825cb8490d6d3aa936b4af0594f7b8ca6e99c8e1c6cd21f70cfd80f6bee
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 263120
vary: Accept,Origin
last-modified: Thu, 24 Nov 2022 11:40:45 GMT
cache-control: max-age=2592000
x-delay: 145 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 263120
chid: 0
fid: 0
x-nws-log-uuid: c060b42e-622a-430a-ad8b-e41931d03be6
X-Firefox-Spdy: h2
|
|
| p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0 | 43.129.255.47 | 200 OK | 324 kB |
URL HTTP/2p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0 IP43.129.255.47:0 ASN#132203 Tencent Building, Kejizhongyi Avenue
File typeGIF image data, version 89a, 960 x 80\012- data Size324 kB (323595 bytes) Hash2f8505fde97df017104d6c717f9e29a8 445dbf8879db328bffb9a7ad5771822dd4feb7cd 5170585cb0deb93db41c8db1ad34d06831feaaa4a6941dfeba14090c51870518
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 323595
vary: Accept,Origin
last-modified: Sun, 09 Oct 2022 12:53:00 GMT
cache-control: max-age=2592000
x-delay: 185 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 323595
chid: 0
fid: 0
x-nws-log-uuid: 8268a46c-60ba-4b2e-8272-6d0611311bd3
X-Firefox-Spdy: h2
|
|
| kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif | 182.140.218.3 | 200 OK | 1.0 MB |
URL HTTP/2kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif IP182.140.218.3:0 ASN#38283 CHINANET SiChuan Telecom Internet Data Center
File typeGIF image data, version 89a, 960 x 60\012- data Size1.0 MB (1021535 bytes) Hash3ee27568f25223c8d290eb4003e1916f 78a1cc6c8e4bca6cb26f7f2ae899ad5bc5154b7d 9d019eccd2bc0f713cab4e42e37f9f3d8fbb022526850ea87248a09bd1c215a4
GET /ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 1021535
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:51:41 GMT
last-modified: Fri, 25 Nov 2022 14:36:11 GMT
age: 87213
via: http/1.1 ORI-CLOUD-HUN-MIX-25 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-27 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387901977-0-0-0-12-12;200;200-1669467423366-0-0-0-1-1;200-1669475113494-0-0-0-1-1
X-Firefox-Spdy: h2
|
|
| kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif | 182.140.218.3 | 200 OK | 689 kB |
URL HTTP/2kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif IP182.140.218.3:0 ASN#38283 CHINANET SiChuan Telecom Internet Data Center
File typeGIF image data, version 89a, 960 x 60\012- data Size689 kB (688878 bytes) Hash38adb06da8d7db34d62dfc1760cda2dd 862c5ecedd5add094b8dfb22c3087b09493a312a 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
content-length: 688878
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:51:35 GMT
last-modified: Fri, 25 Nov 2022 14:41:35 GMT
age: 87218
via: http/1.1 ORI-CLOUD-HUN-MIX-21 (jcs [cHs f ]), http/1.1 SCchengdu-CT-11-MIX-27 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387895392-0-0-20-62-62;200;200-1669442108435-0-0-0-3-3;200-1669475113685-0-0-0-1-1
X-Firefox-Spdy: h2
|
|
| vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif | 47.75.19.163 | 200 OK | 532 kB |
URL HTTP/1.1vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif IP47.75.19.163:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeGIF image data, version 89a, 960 x 80\012- data Size532 kB (531945 bytes) Hash904c4f51a02c9f03f27ac2593d4c061e faa7b399e3dc1e36e450636f0fafcaaca901f59e 107d811d56db4017059b2c99a4829faa9e20ce7fa395b3182bdb456ff93fbee6
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 15:05:14 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 63822B2A4C8B373039D5810D
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 1
|
|
| s.360.cn/so/zz.gif?url=https%3A%2F%2F99xing.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bg3nfi2x89592/5/f:2sdpbt | 171.8.167.90 | 200 OK | 0 B |
URL HTTP/1.1s.360.cn/so/zz.gif?url=https%3A%2F%2F99xing.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bg3nfi2x89592/5/f:2sdpbt IP171.8.167.90:0 ASN#137687 Luoyang, Henan Province, P.R.China.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=https%3A%2F%2F99xing.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bg3nfi2x89592/5/f:2sdpbt HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 26 Nov 2022 15:05:15 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 23 Jul 2019 07:36:18 GMT
Connection: keep-alive
ETag: "5d36b8f2-0"
Accept-Ranges: bytes
|
|
| p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0 | 43.129.255.47 | 200 OK | 1.4 MB |
URL HTTP/2p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0 IP43.129.255.47:0 ASN#132203 Tencent Building, Kejizhongyi Avenue
File typeGIF image data, version 89a, 960 x 80\012- data Size1.4 MB (1360388 bytes) Hash0ae6a6608409a84a0989e5f9d9513482 9ad09095cb4fc3ac1c6c969e96e05f5625b807e5 15c7308a0e529c41f4ff4f9bbc9ff24c9d7f9a23a774e9f5b46ad2bd48dd928f
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: image/gif
content-length: 1360388
vary: Accept,Origin
last-modified: Wed, 09 Nov 2022 13:41:49 GMT
cache-control: max-age=2592000
x-delay: 644 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1360388
chid: 0
fid: 0
x-nws-log-uuid: c14ba620-0fd9-4855-b2ef-529eca26df4b
X-Firefox-Spdy: h2
|
|
| ocsp.crlocsp.cn/ | 101.198.193.5 | 200 OK | 472 B |
IP101.198.193.5:0 ASN#55992 Beijing Qihu Technology Company Limited
Hashbb5fc8034777824f07e980d8442be708 bd0f6f2dfcaf0adae5ad8f1b1c7b6a7a9630ade4 890f035dd8196ed6a5cd53c1345eb851c62b9ac668898ff913de160f9328ccf8
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Sat, 26 Nov 2022 15:03:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 03:16:09 GMT
Expires: Thu, 01 Dec 2022 03:16:08 GMT
ETag: "BD0F6F2DFCAF0ADAE5AD8F1B1C7B6A7A9630ADE4"
cache-control: max-age=172800,public,no-transform,must-revalidate
|
|
| sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://99xing.cc/ | 103.235.46.40 | 200 OK | 0 B |
URL HTTP/1.1sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://99xing.cc/ IP103.235.46.40:0 ASN#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://99xing.cc/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 26 Nov 2022 15:05:16 GMT
|
|
| s4.histats.com/stats/4205938.php?4205938&@f16&@g1&@h1&@i1&@j1669475116398&@k0&@l1&@m%E6%88%90%E4%BA%BA%E9%AB%98%E6%B8%85%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7AV%2C%E6%AC%A7%E7%BE%8EAV%20-%2099%E6%9D%8F&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:-1503951&@b3:1669475116&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2F&@w | 192.99.8.28 | 200 OK | 47 B |
URL HTTP/1.1s4.histats.com/stats/4205938.php?4205938&@f16&@g1&@h1&@i1&@j1669475116398&@k0&@l1&@m%E6%88%90%E4%BA%BA%E9%AB%98%E6%B8%85%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7AV%2C%E6%AC%A7%E7%BE%8EAV%20-%2099%E6%9D%8F&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:-1503951&@b3:1669475116&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2F&@w IP192.99.8.28:0
File typeASCII text, with no line terminators Hash06b05ae9614bafae9b0b09cfbeed559e 9b087683529b7b89a117b2d5cbb35a93e7dcbaca a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/4205938.php?4205938&@f16&@g1&@h1&@i1&@j1669475116398&@k0&@l1&@m%E6%88%90%E4%BA%BA%E9%AB%98%E6%B8%85%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7AV%2C%E6%AC%A7%E7%BE%8EAV%20-%2099%E6%9D%8F&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:-1503951&@b3:1669475116&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F99xing.cc%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:05:17 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
|
|
| s10.histats.com/counters/cc_601.js | 46.105.201.240 | 200 OK | 4.3 kB |
URL HTTP/2s10.histats.com/counters/cc_601.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (13013), with no line terminators Hash8880b670a68556228d84476076882af8 b061690737d09c8fdb4278881c5dc3d163238dee 07c39031971616075a9795825d2d52d31984636b393263ab97f672f43e9d2d64
GET /counters/cc_601.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:01:05 GMT
etag: "-433514832"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 220890310
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4289
X-Firefox-Spdy: h2
|
|
| 99xing.cc/ | 104.21.38.106 | 200 OK | 0 B |
IP104.21.38.106:0
GET / HTTP/1.1
Host: 99xing.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:11 GMT
content-type: text/html; charset=UTF-8
cf-ray: 770385506e52b527-OSL
access-control-allow-origin: *
cache-control: public, max-age=172000, stale-if-error=7200
expires: Wed, 25 Jan 2023 15:05:10 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
cache-key: 99xing:_7fd01068e37:/
ghash: _7fd01068e37
ipcountry: NO
t-ray: ws13
w-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZufcdnhel1LIFaQTW6IQ5BPHwzfGf%2FOJhu4uxeH9RawJlT548IAD0G%2Bp4YTw07ptra%2BEXk%2FykB5ukZmfmqWr0b7ic05FGBp5PA9SmNFtgPYcZvnmy3fYg2MWgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.u2267.com/images/635287bc3ce47c907dcb1486.gif | 185.239.226.23 | 302 Found | 0 B |
URL HTTP/2img.u2267.com/images/635287bc3ce47c907dcb1486.gif IP185.239.226.23:0 ASN#134835 Starry Network Limited
GET /images/635287bc3ce47c907dcb1486.gif HTTP/1.1
Host: img.u2267.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
cache-control: max-age=3600
X-Firefox-Spdy: h2
|
|
| 91av4.top/videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/cover/5_505_259?u_c_i_t=1652896501 | 172.64.134.22 | 200 OK | 0 B |
URL HTTP/291av4.top/videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/cover/5_505_259?u_c_i_t=1652896501 IP172.64.134.22:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/cover/5_505_259?u_c_i_t=1652896501 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: application/octet-stream
vary: Accept-Encoding, Accept-Encoding
tfc: l
last-modified: Sat, 24 Sep 2022 02:08:20 GMT
etag: W/"632e6694-a824"
expires: Sun, 22 Jan 2023 16:36:28 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-origin: *
t-cache: MISS
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SugJ0BULsMRvp5rrKHlzHrhB96u9KPpJHR9cnHHA3k%2FpTLhtvM8MAs%2FgCR6INoI8Y4ItMhLzuLnnCqh6FJ%2FnoppB%2Fc2ClASqxtoPAFRhA3TGESHPBggAX42myU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77038569496e75a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d | 104.21.234.237 | 200 OK | 0 B |
URL HTTP/2webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d IP104.21.234.237:0
GET /static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d HTTP/1.1
Host: webs19.theavstatic.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:13 GMT
content-type: image/gif
last-modified: Wed, 07 Sep 2022 05:30:23 GMT
vary: Accept-Encoding
etag: W/"63182c6f-98d99"
expires: Wed, 30 Nov 2022 03:54:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2286624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m1pT9DDyCo90p1gMhr%2BnzFV%2B4eBgUnNeTMjhfUwuveoMRwAMtnNss6FyBZzE8tTCkTJnQZLRwQXSclDAyqbw%2FmKddCEUYxCHE%2BIE0K16JJqsPj5thyh85UfDxnCEysStMogs4hnH38o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770385610929772b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zz.bdstatic.com/linksubmit/push.js | 58.254.150.48 | 200 OK | 0 B |
URL HTTP/2zz.bdstatic.com/linksubmit/push.js IP58.254.150.48:0 ASN#136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: application/x-javascript
last-modified: Sat, 28 May 2022 21:42:55 GMT
etag: "6292975f-134"
cache-control: max-age=86400
content-encoding: br
age: 41582
accept-ranges: bytes
tracecode: 14466073160406165002112511
ohc-global-saved-time: Sat, 26 Nov 2022 03:24:06 GMT
ohc-cache-hit: gz3un50 [2], zhuzuncache52 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
|
|
| img.u1557.com/images/636b5b5714dd2ea30a791029.gif | 185.239.226.23 | 302 Found | 0 B |
URL HTTP/2img.u1557.com/images/636b5b5714dd2ea30a791029.gif IP185.239.226.23:0 ASN#134835 Starry Network Limited
GET /images/636b5b5714dd2ea30a791029.gif HTTP/1.1
Host: img.u1557.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
cache-control: max-age=3600
X-Firefox-Spdy: h2
|
|
| img.9729x.com/images/6379cade0530cc58344548f5.gif | 185.239.226.23 | 302 Found | 0 B |
URL HTTP/2img.9729x.com/images/6379cade0530cc58344548f5.gif IP185.239.226.23:0 ASN#134835 Starry Network Limited
GET /images/6379cade0530cc58344548f5.gif HTTP/1.1
Host: img.9729x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
cache-control: max-age=3600
X-Firefox-Spdy: h2
|
|
| 91av4.top/videos/51975f02843d35f02aac7b4a24e08677/cover/5_505_259?u_c_i_t=1 | 172.64.134.22 | 200 OK | 0 B |
URL HTTP/291av4.top/videos/51975f02843d35f02aac7b4a24e08677/cover/5_505_259?u_c_i_t=1 IP172.64.134.22:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/51975f02843d35f02aac7b4a24e08677/cover/5_505_259?u_c_i_t=1 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: application/octet-stream
vary: Accept-Encoding, Accept-Encoding
tfc: l
last-modified: Mon, 01 Aug 2022 07:27:22 GMT
etag: W/"62e7805a-6525"
expires: Sun, 22 Jan 2023 16:37:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-origin: *
t-cache: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hrXK%2B2NAHSJ%2BY3yEBmfCWFBNqSi3sK6xhG%2F1JfpyVlcGhDO8UC5ByaBW2rSsJ8wtKR5IfH4IrNjrQuqEwHNKiT5seXj%2BSxrLa6KgVhOkranluAUVKxWadGwuZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77038569498175a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 91av4.top/videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/preview.mp4 | 172.64.134.22 | 206 Partial Content | 0 B |
URL HTTP/291av4.top/videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/preview.mp4 IP172.64.134.22:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /videos/b5feffb535fd4028fae3b87b15af6063ecb004c6/preview.mp4 HTTP/1.1
Host: 91av4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 26 Nov 2022 15:05:14 GMT
content-type: video/mp4
content-length: 346918
tfc: l
last-modified: Sat, 24 Sep 2022 02:08:54 GMT
etag: "632e66b6-54b26"
expires: Mon, 23 Jan 2023 04:59:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-origin: *
t-cache: HIT
cf-cache-status: HIT
content-range: bytes 0-346917/346918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJeL%2FdfbJBbIufubETmKEs5mQccDzwMMXdxPXlR%2F7UFQAUEU%2B9M2cdMXpf5dQ7JxGWkaJS1eXSodp8GPG4FPAg3PXQHEXwYhMFufrvshZqWcMFVl4Uoc0LYiA1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7703856a3aac75a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba | 54.230.111.58 | 200 OK | 0 B |
URL HTTP/2jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba IP54.230.111.58:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
date: Sat, 26 Nov 2022 15:01:08 GMT
cache-control: max-age=600
expires: Sat, 26 Nov 2022 15:09:26 GMT
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HWHE-_OF9rwM9JpC_lFAIrpqqpGb3SGPMC-UJFfBVW7S4FbGk756_Q==
age: 346
X-Firefox-Spdy: h2
|
|
| jjx886.com/99xing/css/b.css?b59f75454791d50cdf13742c5c90f597 | 172.64.135.22 | 200 OK | 0 B |
URL HTTP/2jjx886.com/99xing/css/b.css?b59f75454791d50cdf13742c5c90f597 IP172.64.135.22:0
GET /99xing/css/b.css?b59f75454791d50cdf13742c5c90f597 HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://99xing.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 15:05:11 GMT
content-type: text/css
last-modified: Sun, 30 Oct 2022 09:51:24 GMT
vary: Accept-Encoding
etag: W/"635e491c-224c2"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
age: 157578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8JVofxmxMcZ%2BqQlZRcZPxvj4V4QT5b0x7Ondswq7bVSnZWTp2jlB%2BB%2BEtL3%2BTfBXFIcJyfKtr%2BuBTGcb3WCAFU2%2FGIcqLJqa6oDkRzUGbOl6xoqOJN9fiufKcfy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77038558095a7320-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|