Report - www.borueidi.com/news/?gcLTU1.doc

Report Overview

Submitted URL
www.borueidi.com/news/?gcLTU1.doc
IP
172.67.138.131
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-30 10:48:42
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
p3.douyinpic.com	23536	2020-12-18T12:20:50Z	2023-03-13T08:24:37Z	386 B	148 kB	47.246.44.224
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.187.220.96
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	50 kB	34.120.237.76
ocsp.buypass.com	157566	2017-01-30T05:59:29Z	2023-03-13T05:11:40Z	340 B	2.2 kB	23.36.76.129
www.yh886.xyz	unknown	2023-01-13T10:33:50Z	2023-01-30T11:48:33Z	464 B	244 kB	104.21.27.47
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	993 B	93.184.220.29
ldbbs.ldmnq.com	unknown	2022-01-01T16:20:18Z	2023-03-13T08:45:56Z	438 B	376 kB	120.52.95.234
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
js.users.51.la	53024	2012-05-30T17:10:11Z	2023-03-13T05:36:53Z	720 B	5.4 kB	103.143.19.103
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	348 B	1.2 kB	172.64.155.188
ia.51.la	59607	2017-10-31T09:01:51Z	2023-03-13T05:35:03Z	1.1 kB	71 B	112.90.153.37
api.weibo.com	24165	2012-08-07T12:09:33Z	2023-03-10T10:49:13Z	494 B	385 B	36.51.227.13
img.1129555.com	unknown	2022-11-11T14:57:19Z	2023-03-09T01:40:01Z	405 B	182 B	3.36.126.81
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
www.borueidi.com	unknown	2023-01-30T11:48:28Z	2023-01-30T11:48:28Z	364 B	1.6 kB	104.21.54.119
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	1.1 kB	7.7 kB	104.18.21.226
xinchacha2dv.ocsp-certum.com	unknown	2022-07-28T12:58:17Z	2023-03-13T08:17:56Z	352 B	1.8 kB	23.36.79.17
8499226.com	unknown	2022-10-26T16:59:47Z	2023-03-13T05:55:47Z	384 B	354 kB	172.247.50.229
ocsp.dcocsp.cn	33518	2018-11-07T14:15:36Z	2023-03-13T06:54:43Z	676 B	2.2 kB	47.246.44.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-30 10:48:45	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-01-30 10:48:46	low	172.247.50.229	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.yh886.xyz/Tpl/miaopon/demo/js/parts/loading.js	491 B	2023-03-13	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/parts/loading.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:19:50 Last Seen2023-10-23 13:38:28 Times Seen11 Hash 6bafc113755dbe19b65170b712c3a9e0 f489c20b464a683a58d7403d78c3be542671640c 36cb756ce067bf28a51df44d3568e45a93f9ec139e135d2cfb847a53601c250d Loading...

	www.yh886.xyz/	20 kB	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen17 Hash a07ce8496dc93201e76c9519f0778c4e 0bc47bf20c50208daeb4d5db8aa097d8ae2ce043 2461c4c96b0e43de433550d260a86bb16ded6194dcfbfc360125f425a5adaafd Loading...

	www.yh886.xyz/	106 kB	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen16 Hash 97ce069d3b7fd51d8f07e79969ffbfa8 8a2a2263d7c1b642cd87215c8905b5dde385d95d 717e6165f2705099d2adcca7cf48670c2003e89de4c1a0660d80c62033bf61d4 Loading...

	www.yh886.xyz/Tpl/miaopon/js/jquery.stem.js?v=	14 kB	2023-03-13	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/js/jquery.stem.js?v= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:19:50 Last Seen2023-10-23 13:38:28 Times Seen12 Hash bd9fdaa8d1c718d38032eef3c8b101c6 9a31a26b6871564dc992634ec9b8dd9113f49f6e b1baafbb9dcdf3c900c121db495fb5f6eca8225da3ade81e5c68ff0148008f37 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/parts/jquery.adaptive.js	5.2 kB	2023-03-08	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/parts/jquery.adaptive.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:15:25 Last Seen2023-10-23 13:38:28 Times Seen17 Hash 5825d6f1b8923299dbd3b645e08684a2 99e33478a1d4737edc6fad9bba47921940ef80bf 01fd782216c2cb7bfedf0e0cb891088245f5bd1a048520ada515bfbfc1551231 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/hlhtml.js	108 kB	2023-03-13	2023-07-03
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/hlhtml.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:19:50 Last Seen2023-07-03 12:22:53 Times Seen3 Hash 3e975afe2bcf8306096f2d76dcbb2611 0157012bb0f98fb8d7e5baee9b365dd2586e81c9 aba08ecb927f25df7733f8b689ce2c9ace0879e2ddc722b1c083c89a9b0249d7 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/jquery.min.js	87 kB	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen15 Hash 8b2e8c54024f246f8e47f6b596777814 d9a5f0a2fbdfd89b6da428fc83bc0d18b498bb64 485d9125a2a9efa4dead6ce9b1bcbcf08a82045c2e3a84658c14e1535ba2d7e1 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/jquery.cookie.js	1.0 kB	2023-03-07	2023-12-24
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/jquery.cookie.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:08 Last Seen2023-12-24 04:15:52 Times Seen27 Hash e310e61dfc88600402a68d0ce27ed07e 4b7ae25651db07667ef30240d160a0426c0cf47f c2521d867a375d594e2e0406f43932931d6a779931cb549ca978384a5a1ab4b6 Loading...

	www.yh886.xyz/	173 B	2023-03-13	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:58:58 Last Seen2023-10-23 13:38:28 Times Seen11 Hash 3eaf6186c8c6b84b5ff5476606d6326f 6d216be725c271d0c2c4da4ef821b5c590ec3bc0 6018bf2a00478a85a57ca04925491f92c1c04fb7fe205dd760ae8b54ba109452 Loading...

	www.yh886.xyz/	123 B	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen10 Hash 77323ba65b2b13b531d9b575166a8830 5d0edf5e27430b7f238198fe387973fdf8dbabf0 d00ef804749e879abb3d9da52f350abbaa768874fc6d66c963438f9ee81e8c27 Loading...

	www.yh886.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL www.yh886.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 10:52:52 Times Seen54920 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	js.users.51.la/21123471.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL js.users.51.la/21123471.js IP 103.143.19.103 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-03-17 10:31:16 Times Seen1 Hash 713748825d6aaacb9cb7dc74d7a7d86d 475a8619b2a3719b599e4f714a5e3945013a01d3 62e6bcedb3b11e0c9f587253dc0bf494ce26d43c8b99c15e6bfe256dbf8b21e9 Loading...

	www.borueidi.com/news/?gcLTU1.doc	389 B	2023-03-13	2023-03-13
Pretty URL www.borueidi.com/news/?gcLTU1.doc IP 104.21.54.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:58:58 Last Seen2023-03-13 12:19:50 Times Seen1 Hash 7a74779a9683f04197b7bd705ae8d501 4ed02ab4c576063e3156717669c5f12d791a5965 ee55cead1450d7dac732c3beedc10a6444348050e2bdd82b11d52650f192ca88 Loading...

	www.yh886.xyz/	398 B	2023-03-10	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:42:04 Last Seen2023-10-23 13:38:28 Times Seen8 Hash 570eff5a8b32474d9f7d51ab56912b55 2e99f6201ba651cb754c2cf2debea846c0228c50 4f7f13cf4b863fa0a6c5479b3ae4780cedcf8fe5ab0fdbc8b8069ee2cbaf4c84 Loading...

	www.yh886.xyz/	15 kB	2023-03-07	2023-04-05
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-04-05 01:50:41 Times Seen2 Hash bc9f723f673aaef16cd2cfa1c8d89a80 919d52b272042042e44f735ed9ef3a4798043591 d8b19003c4459bfaa605a9e2934e80feeaa487058bb4f390f7e8f3accc257185 Loading...

	www.yh886.xyz/	99 B	2023-03-13	2023-03-13
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:58:58 Last Seen2023-03-13 19:41:45 Times Seen1 Hash 713e9ffa801b9405ee1253e2d0105742 1abd9fb49107eae953e6c24e83c1a65820258376 740b5617d86a5996d16a5d7b6440e27e02d2284c2eb671b6c4606f287ff6f6ed Loading...

	www.borueidi.com/news/?gcLTU1.doc	974 B	2023-03-10	2023-06-30
Pretty URL www.borueidi.com/news/?gcLTU1.doc IP 104.21.54.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:28:16 Last Seen2023-06-30 01:28:16 Times Seen2 Hash be65cd14c706d8a56330c0b4c41f3748 5eb8f12f45c4cd98d6223cb1ac6a6cd8cce131bd d55c7c13fa304cacc2f796f210fc1ad9e4d4b27e738685095a704102efade3c8 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/hlexpand.js?v=	7.2 kB	2023-03-13	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/hlexpand.js?v= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:19:50 Last Seen2023-10-23 13:38:28 Times Seen9 Hash fd0c61389e7f44fbcac504ca50336ad3 249f62e15764188b15b54076ab2abfba542f15c1 1340ad5b4e6d47fcb47ebad67ba987caec3497450c1c80c42b80fd5ce9eaf204 Loading...

	www.yh886.xyz/	2.4 kB	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen10 Hash 6d043fdf276776d433695c8024396034 82b7ef78a6daea2a62c68ebf82f0d544a351d65d 1c669cb8679302793438c8e405a7360f12140639085d9c3db294852abc60941b Loading...

	js.users.51.la/21299571.js	4.9 kB	2023-03-07	2023-07-03
Pretty URL js.users.51.la/21299571.js IP 103.143.19.103 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-07-03 12:22:52 Times Seen2 Hash ad4a993207d706275dd9d7389e13bc4b 6e253a88d51ba2c49b214b270a46bb28d55e082f c656b152439a9da120b57db046998c0415224ac867360237a2d1e512f3d84c73 Loading...

	www.yh886.xyz/	4.2 kB	2023-03-07	2023-10-23
Pretty URL www.yh886.xyz/ IP 104.21.27.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:42 Last Seen2023-10-23 13:38:28 Times Seen10 Hash 06f8347875e923456074f8f3644eab9f f2f7f114c22edd85cbe2a4354212fd1c806febd9 6fe0c0ca57b518dd45ca4a7adecd62e50b5e0aeedaa504eee9ec11459fdc733d Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/jquery.ac.js	25 kB	2023-03-07	2024-04-09
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/jquery.ac.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-09 01:11:57 Times Seen424 Hash eef27168e4e9397399dafb5913cb3b18 97205e2886e76320fc92cc20bd3c65a6e267bac0 0c4348f9abb00683f322c8eebea774789dc5baa6f83706f19e269149f03699e1 Loading...

	www.yh886.xyz/Tpl/miaopon/demo/js/home.js	39 kB	2023-03-13	2023-10-23
Pretty URL www.yh886.xyz/Tpl/miaopon/demo/js/home.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:19:50 Last Seen2023-10-23 13:38:28 Times Seen12 Hash 30772dc69a3dae22672e8a1de4b193c1 a6533e2f6df91a56eb38f39d436c06580fee8184 b204d533a6e54c54dec0fae7669b30563c9b5ec3787d5c15871d3895831da17f Loading...

HTTP Transactions (38)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6946 Expires: Mon, 30 Jan 2023 12:44:17 GMT Date: Mon, 30 Jan 2023 10:48:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4683 Expires: Mon, 30 Jan 2023 12:06:34 GMT Date: Mon, 30 Jan 2023 10:48:31 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 30 Jan 2023 10:35:42 GMT content-type: application/json age: 769 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10865 Expires: Mon, 30 Jan 2023 13:49:36 GMT Date: Mon, 30 Jan 2023 10:48:31 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: L2b5+hryeiPvtqf6TZWuSdFQBeqX9yQsIYnrh9m5Dtg5/az7wVoIyiJxVOY44Jo0OGNP+H+NAWw= x-amz-request-id: T93RVX95DE93EZVD content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 30 Jan 2023 10:21:45 GMT age: 1606 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	www.borueidi.com/news/?gcLTU1.doc	104.21.54.119	200 OK	902 B
URL HTTP/1.1 www.borueidi.com/news/?gcLTU1.doc IP 104.21.54.119:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (383) Size 902 B (902 bytes) Hash e93e144834b96c7f9b14ccc1a5d0d189 61e96373c6cec32ca3466264ea597318ec0f4215 8fe663e9900df187d82e7a0c1cb9d1bc7ed9ccf0a20359951a1eda0da683f1f9 HTTP Headers `GET /news/?gcLTU1.doc HTTP/1.1 Host: www.borueidi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding, Accept-Encoding X-Powered-By: PHP/5.4.45 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrXaC4Mh2uso1%2BT%2B7ITCjPGWJd6uihxcmOxkHLv3u3P0zO2tbZ%2B3jo%2BmqLlo6kHO9Oavo18fJonhX8iSUjpcAtmbCAHr3W%2BbJuGkQYpzB4uyRNxew4xfWWXm7FVvUj6FIWQG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7919a2b8fb38b4e8-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 30 Jan 2023 10:48:31 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 30 Jan 2023 09:49:04 GMT age: 3567 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5579 Expires: Mon, 30 Jan 2023 12:21:30 GMT Date: Mon, 30 Jan 2023 10:48:31 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.187.220.96	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.187.220.96:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 6bGlecbHXQaFEhy0xTW3sA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: c5fPeprIqSGZBpDAO3cvxqn2sm8=`

	ocsp.globalsign.com/gsgccr3dvtlsca2020	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1414 bytes) Hash 532e822d1b4edde70977109d2ab630a3 c55dc6edca82ef763469e25b11f890fa57e5fd13 c977784b5cad59775c40b6de970e867aa0b1d19fb1ec5b292cf96311cb778b59 HTTP Headers `POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:32 GMT Content-Type: application/ocsp-response Content-Length: 1414 Connection: keep-alive Expires: Fri, 03 Feb 2023 09:25:41 GMT ETag: "c55dc6edca82ef763469e25b11f890fa57e5fd13" Last-Modified: Mon, 30 Jan 2023 09:25:42 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2350 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7919a2c32bb2b50b-OSL`

	js.users.51.la/21123471.js	103.143.19.103	200 OK	2.3 kB
URL HTTP/1.1 js.users.51.la/21123471.js IP 103.143.19.103:0 ASN #4837 CHINA UNICOM China169 Backbone File type ASCII text, with very long lines (4898) Size 2.3 kB (2310 bytes) Hash ec74fa894106d90a5315e4bab0dc47cc b24978529a1e50b2e5355e0857af6ab80e2af0ee 155f703b658755257748146cf3f49153e7c25ba18ee9cec599fbc664525960a0 HTTP Headers `GET /21123471.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.borueidi.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: CloudWAF Date: Mon, 30 Jan 2023 10:48:33 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=0910bcd4e3e4adec81; path=/ HWWAFSESTIME=1675075712672; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15034 Expires: Mon, 30 Jan 2023 14:59:07 GMT Date: Mon, 30 Jan 2023 10:48:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15034 Expires: Mon, 30 Jan 2023 14:59:07 GMT Date: Mon, 30 Jan 2023 10:48:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15034 Expires: Mon, 30 Jan 2023 14:59:07 GMT Date: Mon, 30 Jan 2023 10:48:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15034 Expires: Mon, 30 Jan 2023 14:59:07 GMT Date: Mon, 30 Jan 2023 10:48:33 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg	34.120.237.76	200 OK	7.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.7 kB (7679 bytes) Hash 3e04b9eaf7449828136ad59e4c9d69f1 b820be4ed885dcf288eb6460c57e1fa7b1c7c476 df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7679 x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhkEtEfHoAMFaNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:51:22 GMT age: 46631 etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11568 bytes) Hash b7a0759c043594fbe85af422b59b8227 a05cfaad16078f42218dae233da38f6f5dff8487 e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11568 x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e9T3UGA3oAMFSlQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0 x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:50:16 GMT age: 46697 etag: "a05cfaad16078f42218dae233da38f6f5dff8487" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg	34.120.237.76	200 OK	3.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.7 kB (3678 bytes) Hash e8d680cbaee5ef3e7b8e09b174ed6ecf 6651a0d3041920798240ea67e827c3d458769fa9 4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3678 x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhkEvE-RIAMFpmg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XbMeLjDaYoPiw42pUbszzOEqWeUdx01NI6zVLJFgp0r3B_2dHHxX-w== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 22:11:45 GMT age: 45408 etag: "6651a0d3041920798240ea67e827c3d458769fa9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg	34.120.237.76	200 OK	6.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.6 kB (6646 bytes) Hash f49153c1aade8aa30bc6c84db4fa09d7 5cce4e085c87e7fbe82907694a36a91cc1bc9bfc 3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6646 x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fbvRsHiaIAMF4Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jsqjHdOdOmlotXqpZrEI_u8z7YldTDlDgryiGvDkiYC4HPnK7dlzEA== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 03:45:00 GMT age: 25413 etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5934 bytes) Hash 8fce79ef35b4c943c2b60d5092d17b6f d29ce982633d0cc50b2a968ea22893d92b9663e3 297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5934 x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhklyFUMIAMF3nA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MFuKQ8m9sOQ2Cc0kXzMaJzUBbB5hEUQ8gpr7rYT4vwh8CYs5oqZQfA== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 22:30:54 GMT age: 44259 etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8464 bytes) Hash fe31ee140c2fd62e616c8a1edc9e78bb 7aa5fbdc8156514770ae620e81f1afef1c77890f 799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8464 x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhj3qGeboAMFzNw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:59:27 GMT age: 46146 etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.globalsign.com/gsgccr3dvtlsca2020	104.18.21.226	200 OK	3.5 kB
URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 3.5 kB (3452 bytes) Hash 02462657cbeb560e23dda8cecd6dda11 83f22bae8f8b241235b56dcc49b6dc04ac8b7b77 88108d08f3a84bfb835e8735d967f1b84ec6263d12ab93239f713f1f521fe8fa HTTP Headers `POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:34 GMT Content-Type: application/ocsp-response Content-Length: 1414 Connection: keep-alive Expires: Fri, 03 Feb 2023 09:25:41 GMT ETag: "c55dc6edca82ef763469e25b11f890fa57e5fd13" Last-Modified: Mon, 30 Jan 2023 09:25:42 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2352 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7919a2ce2eb1b50b-OSL`

	ocsp.buypass.com/	23.36.76.129	200 OK	1.7 kB
URL HTTP/1.1 ocsp.buypass.com/ IP 23.36.76.129:0 ASN #20940 Akamai International B.V. File type data Size 1.7 kB (1701 bytes) Hash f90bff3506a60134bc41d25756f29036 7c187183b3a318aa940cffa0a70ebe43e10bbed1 a1434cbc46c17573438ced203085fb79a287ba5a4d5f94d21006e60f590c65a0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: e468e386-4fb1-4ffd-89dc-e3fc4a5b786c Content-Length: 1701 Date: Mon, 30 Jan 2023 10:48:34 GMT Connection: keep-alive`

	js.users.51.la/21299571.js	103.143.19.103	200 OK	2.3 kB
URL HTTP/1.1 js.users.51.la/21299571.js IP 103.143.19.103:0 ASN #4837 CHINA UNICOM China169 Backbone File type ASCII text, with very long lines (4898) Size 2.3 kB (2310 bytes) Hash 30854c679413a6e3ec8c952c99986301 7df7426fe3a99e22630a462895ef149c5deec676 0b8eb68b0fe8aca493e9c2e104546c87faed4829e9c35eb4b173dce209954e78 HTTP Headers `GET /21299571.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: CloudWAF Date: Mon, 30 Jan 2023 10:48:34 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=d77de1815ee0e604895; path=/ HWWAFSESTIME=1675075713905; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip`

	www.yh886.xyz/	104.21.27.47	200 OK	243 kB
URL HTTP/2 www.yh886.xyz/ IP 104.21.27.47:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1711), with CRLF, LF line terminators Size 243 kB (243056 bytes) Hash 44232d7ca32802a0c935290dbb31a1c8 708e87805866a2d0946e1244592640f00dbd9c37 657dae59f5aa3b8526d568062168e7c040874e9b0ad8df985cd6c07987921273 HTTP Headers `GET / HTTP/1.1 Host: www.yh886.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.borueidi.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 30 Jan 2023 10:48:33 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding cache-control: max-age=1800 cf-cache-status: EXPIRED last-modified: Sun, 29 Jan 2023 18:24:23 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTVlgz3oe82J%2BcFDzg%2BPF0eqUtB7OxA4rwsVPZB3%2B7VxiXolx%2BN2ZYRS0lnFQl%2FKr74D2iko0xmWaHusrZ5w%2BBMqPD43pVA3s5ejRdSprFuUfR6qb9C8ahLiFw7eka1K"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7919a2c78a05b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	zerossl.ocsp.sectigo.com/	172.64.155.188	200 OK	728 B
URL HTTP/1.1 zerossl.ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash ad9faf1a2a600142cf4840479db57cec e78534752c9000de7d29ce48ce4fe72b3fcf4cf6 394ccc1fcf094ae4e48e57f508a2cfe158456ef1d902ad80bc92c9e78b0ca318 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:35 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Sat, 28 Jan 2023 07:06:40 GMT Expires: Sat, 04 Feb 2023 07:06:39 GMT Etag: "e78534752c9000de7d29ce48ce4fe72b3fcf4cf6" Cache-Control: max-age=418083,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7919a2d35fceb4e8-OSL`

	ocsp.globalsign.com/gsgccr3dvtlsca2020	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1414 bytes) Hash f852be83408ed68eb6f23d3e8d786e6f 0b2dd8c2f58bb2e60276d81c754b3e473190afac 890278300e99a555fc7d36222826be26d0cd7818c69c50aecf2fee17a9ca1c7d HTTP Headers `POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:35 GMT Content-Type: application/ocsp-response Content-Length: 1414 Connection: keep-alive Expires: Fri, 03 Feb 2023 08:57:12 GMT ETag: "0b2dd8c2f58bb2e60276d81c754b3e473190afac" Last-Modified: Mon, 30 Jan 2023 08:57:13 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 3062 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7919a2d4990eb50b-OSL`

	xinchacha2dv.ocsp-certum.com/	23.36.79.17	200 OK	1.5 kB
URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/ IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 1.5 kB (1538 bytes) Hash 95b2a82365b4b34e3615c5299a58a674 d13ce10850e6b4b8a8e98e8154e2984c9b34e8ab 92c6655ea4687a38a3dd62d6893f74a63c5a3c53ae8e2bf10abe574f88ed43c2 HTTP Headers `POST / HTTP/1.1 Host: xinchacha2dv.ocsp-certum.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1538 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=336 Date: Mon, 30 Jan 2023 10:48:35 GMT Connection: keep-alive X-N: S`

	ia.51.la/go1?id=21299571&rt=1675075726528&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E6%25B5%25B7%25E9%2587%258F%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&ing=1&ekc=&sid=1675075726528&tt=%25E8%25A7%2582%25E5%25BD%25B1%25E8%25B5%2584%25E6%25BA%2590&kw=%25E6%259C%2580%25E6%2596%25B0%25E7%2594%25B5%25E5%25BD%25B1%25EF%25BC%258C%25E6%259C%2580%25E7%2581%25AB%25E7%259B%25B4%25E6%2592%25AD%25EF%25BC%258C%25E5%2585%25A8%25E7%25BD%2591%25E5%25BD%25B1%25E8%25A7%2586%25E5%2589%25A7&cu=https%253A%252F%252Fwww.yh886.xyz%252F&pu=http%253A%252F%252Fwww.borueidi.com%252F	112.90.153.37	200	0 B
URL HTTP/1.1 ia.51.la/go1?id=21299571&rt=1675075726528&rl=12801024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E6%25B5%25B7%25E9%2587%258F%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&ing=1&ekc=&sid=1675075726528&tt=%25E8%25A7%2582%25E5%25BD%25B1%25E8%25B5%2584%25E6%25BA%2590&kw=%25E6%259C%2580%25E6%2596%25B0%25E7%2594%25B5%25E5%25BD%25B1%25EF%25BC%258C%25E6%259C%2580%25E7%2581%25AB%25E7%259B%25B4%25E6%2592%25AD%25EF%25BC%258C%25E5%2585%25A8%25E7%25BD%2591%25E5%25BD%25B1%25E8%25A7%2586%25E5%2589%25A7&cu=https%253A%252F%252Fwww.yh886.xyz%252F&pu=http%253A%252F%252Fwww.borueidi.com%252F IP 112.90.153.37:0 ASN #136959 China Unicom Guangdong IP network File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /go1?id=21299571&rt=1675075726528&rl=12801024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E6%25B5%25B7%25E9%2587%258F%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&ing=1&ekc=&sid=1675075726528&tt=%25E8%25A7%2582%25E5%25BD%25B1%25E8%25B5%2584%25E6%25BA%2590&kw=%25E6%259C%2580%25E6%2596%25B0%25E7%2594%25B5%25E5%25BD%25B1%25EF%25BC%258C%25E6%259C%2580%25E7%2581%25AB%25E7%259B%25B4%25E6%2592%25AD%25EF%25BC%258C%25E5%2585%25A8%25E7%25BD%2591%25E5%25BD%25B1%25E8%25A7%2586%25E5%2589%25A7&cu=https%253A%252F%252Fwww.yh886.xyz%252F&pu=http%253A%252F%252Fwww.borueidi.com%252F HTTP/1.1 Host: ia.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 Content-Length: 0 Date: Mon, 30 Jan 2023 10:48:35 GMT`

	ocsp.digicert.com/	93.184.220.29	200 OK	727 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 727 B (727 bytes) Hash 371e982222433054fa226c69859f3741 be44dce909e2b658af412893a6be35a1fb33bd04 4598d98e0eb3591d0642034715f081188ccfdfc138ce21d7fad99252487842ad HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1434 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 30 Jan 2023 10:48:35 GMT Last-Modified: Mon, 30 Jan 2023 10:24:43 GMT Server: ECS (amb/6B9D) X-Cache: HIT Content-Length: 727`

	p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a	47.246.44.224	200 OK	147 kB
URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a IP 47.246.44.224:0 ASN #24429 Zhejiang Taobao Network Co.,Ltd File type GIF image data, version 89a, 960 x 120\012- data Size 147 kB (146647 bytes) Hash 3e19d4a109f5442429ab120014d83932 9b3ab408c1543c2a812d99f985ec7f014eb239ee 69a725e47512725f942332b0729ad94fe477f82b0d93055f5265793815bfa4a6 HTTP Headers `GET /obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a HTTP/1.1 Host: p3.douyinpic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Tengine content-type: image/gif content-length: 146647 date: Sat, 17 Dec 2022 12:44:32 GMT cache-control: max-age=31536000 imagex-fmt: gif2gif last-modified: Sat, 17 Dec 2022 11:05:17 GMT nw-session-id: 20221217190517010212075088049EE35Fpwrzh01dy nw-session-trace: 2022-12-17T19:05:17.505827354+08:00 60 x-bdcdn-cache-status: TCP_HIT x-length: 146647 x-powered-by: ImageX x-response-date: Sat, 17 Dec 2022 19:05:17 GMT x-tt-logid: 20221217190517010212075088049EE35F via: n204-098-222, cache23.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache1.se1[2,0] x-request-ip: fdbd:dc01:26:318::66 x-tt-trace-tag: id=03;cdn-cache=hit;type=static x-response-cinfo: 91.90.42.154 x-response-cache: edge_hit server-timing: cdn-cache;desc=HIT,edge;dur=2 x-tt-trace-host: 011f3179f65e79bd56134347320851a7aea6e0a18bf2c1c23c6d8014804fa9b0190235d5d93772c680138c643463983506d475df3a8b72e78a121b4f4f35ee7fedfab41d1744bafee7a1a00aacfbc0761d667083177ceac1c0964125934b59ee2b x-response-lb: image ali-swift-global-savetime: 1671281072 age: 3794643 x-cache: HIT TCP_MEM_HIT dirn:11:346634073 x-swift-savetime: Sat, 17 Dec 2022 13:21:53 GMT x-swift-cachetime: 31533759 timing-allow-origin: , access-control-allow-origin: * eagleid: 2ff62c9516750757156996102e X-Firefox-Spdy: h2

	8499226.com/8499/x/960x120.gif	172.247.50.229	200 OK	354 kB
URL HTTP/2 8499226.com/8499/x/960x120.gif IP 172.247.50.229:0 ASN #40065 CNSERVERS File type GIF image data, version 89a, 960 x 120\012- data Size 354 kB (354036 bytes) Hash 2d6d5452643b03b38c6f14f6306a0079 9e50430b6c7a04abfd8bdbc43dbf00a0595aa78f 1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c HTTP Headers `GET /8499/x/960x120.gif HTTP/1.1 Host: 8499226.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 30 Jan 2023 10:48:35 GMT content-type: image/gif content-length: 354036 last-modified: Sat, 24 Dec 2022 13:22:54 GMT etag: "566f4-5f092ccba76af" server: qq.com x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.dcocsp.cn/	47.246.44.227	200 OK	471 B
URL HTTP/1.1 ocsp.dcocsp.cn/ IP 47.246.44.227:0 ASN #24429 Zhejiang Taobao Network Co.,Ltd File type data Size 471 B (471 bytes) Hash 895fc254dc59c1cd64879a6baccce0a5 78be262b36043904a15fa8a5b887b099c7862655 5e1c0c7d59b0a459b3bb43cb83162b4a0e44b215a7e228d7cfda95667756e61a HTTP Headers `POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: Tengine Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Date: Mon, 30 Jan 2023 10:47:49 GMT Last-Modified: Mon, 30 Jan 2023 00:42:33 GMT ETag: "63d71279-1d7" Expires: Wed, 01 Feb 2023 00:42:33 GMT Accept-Ranges: bytes Ali-Swift-Global-Savetime: 1675075669 Via: cache21.l2de2[0,0,304-0,H], cache1.l2de2[0,0], cache2.se1[23,22,200-0,H], cache2.se1[24,0] Age: 47 X-Cache: HIT TCP_REFRESH_HIT dirn:3:447438281 X-Swift-SaveTime: Mon, 30 Jan 2023 10:48:36 GMT X-Swift-CacheTime: 3553 Timing-Allow-Origin: * EagleId: 2ff62c9616750757166728268e

	ocsp.dcocsp.cn/	47.246.44.227	200 OK	471 B
URL HTTP/1.1 ocsp.dcocsp.cn/ IP 47.246.44.227:0 ASN #24429 Zhejiang Taobao Network Co.,Ltd File type data Size 471 B (471 bytes) Hash 895fc254dc59c1cd64879a6baccce0a5 78be262b36043904a15fa8a5b887b099c7862655 5e1c0c7d59b0a459b3bb43cb83162b4a0e44b215a7e228d7cfda95667756e61a HTTP Headers `POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: Tengine Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Date: Mon, 30 Jan 2023 10:47:49 GMT Last-Modified: Mon, 30 Jan 2023 00:42:33 GMT ETag: "63d71279-1d7" Expires: Wed, 01 Feb 2023 00:42:33 GMT Accept-Ranges: bytes Ali-Swift-Global-Savetime: 1675075669 Via: cache21.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache1.se1[22,21,200-0,H], cache1.se1[24,0] Age: 47 X-Cache: HIT TCP_REFRESH_HIT dirn:4:111655954 X-Swift-SaveTime: Mon, 30 Jan 2023 10:48:36 GMT X-Swift-CacheTime: 3553 Timing-Allow-Origin: * EagleId: 2ff62c9516750757166726690e

	ldbbs.ldmnq.com/bbs/topic/attachment/2023-1/eff568e0-103d-4700-93b0-c93cec8646a8.gif	120.52.95.234	200 OK	376 kB
URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/attachment/2023-1/eff568e0-103d-4700-93b0-c93cec8646a8.gif IP 120.52.95.234:0 ASN #133119 China Unicom IP network File type GIF image data, version 89a, 960 x 120\012- data Size 376 kB (375505 bytes) Hash 8760156ed30be11e8b10b50cc70e3518 44ab07e99efcc4c51e09f74ceb7a36c5b1a19998 b9b87cff0ae8d4e9174e072716126f4bcde1d59cd8addbcc9810af58f95f4ba8 HTTP Headers `GET /bbs/topic/attachment/2023-1/eff568e0-103d-4700-93b0-c93cec8646a8.gif HTTP/1.1 Host: ldbbs.ldmnq.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Date: Mon, 30 Jan 2023 10:48:35 GMT Content-Type: image/gif Content-Length: 375505 Connection: keep-alive Server: openresty Age: 1810791 CloudServiceDiscount: CDN Content-Encoding: utf-8 ETag: "8760156ed30be11e8b10b50cc70e3518" Last-Modified: Mon, 09 Jan 2023 09:26:17 GMT X-CCDN-CacheTTL: 2592000 nginx-hit: 1 via: CHN-HElangfang-AREACUCC1-CACHE29[2],CHN-HElangfang-AREACUCC1-CACHE13[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE4[8],CHN-TJ-GLOBAL1-CACHE91[0,TCP_HIT,6] x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrUEhU9TQV6h5hN4CbAdZQIKpOTsz+u x-amz-request-id: 0000018595DA2F52940D3561469BCC08 x-amz-storage-class: STANDARD_IA x-hcs-proxy-type: 1 x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc Accept-Ranges: bytes

	api.weibo.com/2/short_url/shorten.json?source=undefined&url_long=https%3A%2F%2Fwww.yh886.xyz%2F&callback=jQuery33106031997809750959_1675075725930&_=1675075725931	36.51.227.13	400 Bad Request	109 B
URL HTTP/1.1 api.weibo.com/2/short_url/shorten.json?source=undefined&url_long=https%3A%2F%2Fwww.yh886.xyz%2F&callback=jQuery33106031997809750959_1675075725930&_=1675075725931 IP 36.51.227.13:0 ASN #0 File type JSON data\012- , ASCII text Size 109 B (109 bytes) Hash 5dfbdcbe2931dc7a593b288041dce491 831918972fd05d66c2193996d508c95f292821b0 0ade2613ec5ec63935dfd6e910acf8f80f384e0d8678c70058d1bd91ed7d411c HTTP Headers `GET /2/short_url/shorten.json?source=undefined&url_long=https%3A%2F%2Fwww.yh886.xyz%2F&callback=jQuery33106031997809750959_1675075725930&_=1675075725931 HTTP/1.1 Host: api.weibo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 400 Bad Request Server: nginx/1.6.1 Date: Mon, 30 Jan 2023 10:48:36 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive SINA-LB: aGEuMTY5LmcxLmh5ZHMubGIuc2luYW5vZGUuY29t SINA-TS: OTcwOWMzNjggMCAzOCAzOCA3IDQxCg==`

	img.1129555.com/images/63d7697a2598b83749c21193.gif	3.36.126.81	302 Found	0 B
URL HTTP/2 img.1129555.com/images/63d7697a2598b83749c21193.gif IP 3.36.126.81:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /images/63d7697a2598b83749c21193.gif HTTP/1.1 Host: img.1129555.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.yh886.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 302 Found referrer-policy: no-referrer cache-control: max-age=3600 location: https://p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML