r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7103
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 11:53:35 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1899
Cache-Control: max-age=169759
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:53:35 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:02:54 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
juntingdianqi.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: juntingdianqi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 11:53:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.juntingdianqi.com/
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 11:19:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2019
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4016
Expires: Fri, 02 Dec 2022 13:00:31 GMT
Date: Fri, 02 Dec 2022 11:53:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wKrK4StC//rgk+k01a9Eu6RUyZgxHImna0NW4Reu8ND6p5aKDmY8OjZy+7MaXEqT2b+9eiNKWzE=
x-amz-request-id: 4BSTHW7WZ3D3F041
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 11:46:41 GMT
age: 414
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:53:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:11:15 GMT
cache-control: public,max-age=3600
age: 2541
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.juntingdianqi.com/
200 OK 908 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (786), with CRLF line terminators
Hash fb579a1634da36f8c33d2721c26414cf
ac07aeeb0768c2aa31442dbc9a424d4b39fdfad6
7ed9369ec0170b83718feb56b9a29da2082ddfe69fd2a167f9c90d14c3abdf53
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.juntingdianqi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1893
Cache-Control: max-age=164691
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:53:36 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:38:27 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.juntingdianqi.com/tj.js
200 OK 546 B URL HTTP/1.1 www.juntingdianqi.com/tj.js
IP
File type ISO-8859 text, with CRLF line terminators
Hash 1142e3c5b705ca1f7555069460f1aa10
3c32892ccea56ce2211ac400166276c92a45287e
9618e6e19027dd1d50d4cc29aa340974f639f1fea6aa2bde0e168468450bcba7
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.juntingdianqi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:31 GMT
Content-Type: application/x-javascript
Content-Length: 546
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5iwTd6J5lzzWoK2YL8pBfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pg0fTCgqXKVD/idSFSpAyDXxvM4=
www.juntingdianqi.com/common.js
200 OK 4.0 kB URL HTTP/1.1 www.juntingdianqi.com/common.js
IP
File type ISO-8859 text, with very long lines (451), with CRLF line terminators
Hash bde4b2910686974edaec1547734d2e55
c69eafebf4aa9cb93a4e67536d4d87a5bb2778d1
50de7459dfc1d085e1ea39f41fc1715d49d17c40d9aed0b8b93abc0aeddda941
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.juntingdianqi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:32 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 02 Dec 2022 11:53:37 GMT
Etag: "4078521116"
Expires: Sat, 02 Dec 2023 11:53:37 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=00D9817C6CFB2E7C419C31CCDBDFF49E:FG=1; max-age=31536000; expires=Sat, 02-Dec-23 11:53:37 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 7c729c24b0bcb3dadaaaa8c5afe5207f
315131b1980da399d898f41272e5e0e221dd24d8
40b4960fd2e4196578c9cd88d97480644d59dd8eb2dd054b365036f40203e35c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 08:18:41 GMT
ETag: "315131b1980da399d898f41272e5e0e221dd24d8"
Last-Modified: Fri, 02 Dec 2022 08:18:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2724
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7733dcf7f982b515-OSL
hm.baidu.com/hm.js?5ca73d6b1902571c5521c95d0b2d00bd
301 Moved Permanently 94 B URL HTTP/1.1 hm.baidu.com/hm.js?5ca73d6b1902571c5521c95d0b2d00bd
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document, ASCII text
Hash 2556940e444a0bfa423843bab94db3e2
48adc502658303c3df2d2e924fd12c24b2d2e56b
88b87152a1c9e9c65453561ab188caae2ad258975bfdc1e08e077e702fd7fc5d
GET /hm.js?5ca73d6b1902571c5521c95d0b2d00bd HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 301 Moved Permanently
Location: https://hm.baidu.com/hm.js?5ca73d6b1902571c5521c95d0b2d00bd
Date: Fri, 02 Dec 2022 11:53:37 GMT
Content-Length: 94
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecf6471cfddd1fca035938ff39f7a2bf
2fe12002bb1bc6c68d84e77cc7d1f5c64eb741da
4a4f96818676b04eee2fa99248458dde51bbce847cc3b1873669d6c60c995c9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A4F96818676B04EEE2FA99248458DDE51BBCE847CC3B1873669D6C60C995C9F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21540
Expires: Fri, 02 Dec 2022 17:52:37 GMT
Date: Fri, 02 Dec 2022 11:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5606
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 11:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5606
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 11:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5606
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 11:53:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 50608
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 39523
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 80589
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 50524
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 23:43:28 GMT
age: 43809
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 27059
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.juntingdianqi.com/favicon.ico
200 OK 908 B URL HTTP/1.1 www.juntingdianqi.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (786), with CRLF line terminators
Hash fb579a1634da36f8c33d2721c26414cf
ac07aeeb0768c2aa31442dbc9a424d4b39fdfad6
7ed9369ec0170b83718feb56b9a29da2082ddfe69fd2a167f9c90d14c3abdf53
GET /favicon.ico HTTP/1.1
Host: www.juntingdianqi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
api.share.baidu.com/s.gif?l=http://www.juntingdianqi.com/
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.juntingdianqi.com/
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.juntingdianqi.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Dec 2022 11:53:37 GMT
hm.baidu.com/hm.js?0019a463c3db296e6d810a6d6bae5362
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0019a463c3db296e6d810a6d6bae5362
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash dc17889959cda80541a6edcec85edc6f
b2303986b70c240c70526cdac0540102e77f77f0
1f5433782cce2546aaac437a45f541e8f6b981d3cf0e16c6eda7479407b9147a
GET /hm.js?0019a463c3db296e6d810a6d6bae5362 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 11:53:37 GMT
Etag: ac083b96828e3b02f68463cac51384bd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D9ABA15D64999103; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
207.60.180.4/
200 OK 28 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF line terminators
Hash 50dd5ff21adcbf576b474f6ea296598e
f1d3c7142acd32bb5767d4e6a705c93d05bbe952
8869b7e814c50a3dffd8a2f3dd2b5253fb61850d1853918abfacb871185f370c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:38 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: X_CACHE_KEY=416d1b885e3a18fda1fffff2d17b9c7b; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/css/main.css
200 OK 30 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/css/main.css
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e499a3f9cd5b002a5ac3b01435065613
2a41f6ce56b004528e53d6ca9be2ac089368adc7
6b75e8ecd570dcf10b225160202cc996980637cf6dab5170acad1000305ecb46
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/css/main.css HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Nov 2022 06:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6385ab00-2a911"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/home.js
200 OK 10 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/home.js
IP
File type Unicode text, UTF-8 text, with very long lines (2677)
Hash 30b2bada41a0054a62f3567b4c31ca63
f66c00e1d3f869fd8c007b82085232e44d6ffb81
709d4bbcd190acbc71e25572e0f21071c3274f4c14abc2942ec9a0c4a04eae29
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/home.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Jul 2021 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f6c31e-9591"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/doas_index.js
200 OK 3.2 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/doas_index.js
IP
Hash e729a6ae36c8b400857464eba01905dc
3b3c2785368cab30ca0fa6c382ea86d44c161aeb
b380f027db915eac207374eb8c2376b89c2f59edd935397acce3dea282d38b4b
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/doas_index.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Sun, 13 Nov 2022 12:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6370dd2d-3e16"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/css/orang.css
200 OK 18 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/css/orang.css
IP
File type ASCII text, with very long lines (5764)
Hash 053fb07a0e32dda21f13327d1133b442
11dea600bdf0c2caada4b0a6d9903541a7e04daf
503e65d105412caf62c0891d92d76028a990fae3350a167f5b3b8762bd895a9c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/css/orang.css HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Jul 2022 18:49:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c87c46-c389"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/jquery.easy-autocomplete3.js
200 OK 5.4 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/jquery.easy-autocomplete3.js
IP
File type Unicode text, UTF-8 text, with very long lines (15653)
Hash d90753643ec10bbf596467b45d4ab57f
cc0e2c149ce2a27af958b268f3a873b97200faaa
ccd52eb68622415d38bf8b061ac22881c42b378e2560e3c7fc9a491ce1382262
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/jquery.easy-autocomplete3.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Jul 2021 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f6c31e-3dd5"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/jquery.js
200 OK 37 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/jquery.js
IP
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/jquery.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Jul 2021 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f6c31e-169d5"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/jquery.star-rating-svg.js
200 OK 4.3 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/jquery.star-rating-svg.js
IP
File type ASCII text, with very long lines (661)
Hash a582df53f123a07f5172296f8d01b857
d6188fb3c3c292667e4a07aac39ada8c21bcbf49
c637b87f26eda73b53bd08d326ff3f9386657811867b0bec19cc88087db2ade0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/jquery.star-rating-svg.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Jul 2021 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f6c31e-2e4a"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/main5.js
200 OK 2.8 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/main5.js
IP
Hash d1cad1cf70f6f080e615e764ed4313b8
51d06c4398091e785fb77ba759a2c5e924153777
9f73b1c911bafbe483aaca20c209f58f949c0fe19a37faafcd43cfc9e7c74152
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/main5.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Jul 2021 14:32:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f82fe6-23fd"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/static/js/jquery.imageupload.js
200 OK 1.9 kB URL HTTP/1.1 207.60.180.4/static/js/jquery.imageupload.js
IP
File type Unicode text, UTF-8 text, with very long lines (3132), with no line terminators
Hash a8f9dc57d7142abad844c6587b2d1e86
b01a818190d41e3f6f00ef3158e6816dabf075c8
af8272cbb4149a0734ed5a3d9bdd9176500001cb8f4e204336992aa267871648
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/jquery.imageupload.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 12 Oct 2022 09:33:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634689cc-c4e"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
207.60.180.4/upload/banner/20221129-1/11e4603918532bd1d8b54c0ba16ae5e4.jpg
200 OK 47 kB URL HTTP/1.1 207.60.180.4/upload/banner/20221129-1/11e4603918532bd1d8b54c0ba16ae5e4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2022:11:29 14:53:57], progressive, precision 8, 960x120, components 4\012- data
Hash e7283b160cca6430d783429db5b359f1
610ebfff041aeaf511ad8a13cad8fad9124d5985
22e1b2558c1bc0adf1064600b89d3ae25f757962fc4e17e29941d49fcf7ca01c
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/banner/20221129-1/11e4603918532bd1d8b54c0ba16ae5e4.jpg HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: image/jpeg
Content-Length: 46830
Last-Modified: Tue, 29 Nov 2022 07:06:45 GMT
Connection: keep-alive
ETag: "6385af85-b6ee"
Expires: Sun, 01 Jan 2023 11:53:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
207.60.180.4/
200 OK 28 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF line terminators
Hash 50dd5ff21adcbf576b474f6ea296598e
f1d3c7142acd32bb5767d4e6a705c93d05bbe952
8869b7e814c50a3dffd8a2f3dd2b5253fb61850d1853918abfacb871185f370c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: X_CACHE_KEY=3329f868cef0c6221c0224d9e09834c6; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
X-Cache: HIT
Content-Encoding: gzip
207.60.180.4/template/mb5/ksassets/js/main2.min.js
200 OK 114 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/js/main2.min.js
IP
Size 114 kB (114509 bytes)
Hash bf60145dcd2687e4b1e986af72a84f57
6bb1f94c4f3b40c10e1ecbf29925b7db1d04a9ec
bdcd7a78ce3d52d914824d98241f8915b884e5f80173c3c47fd091246917fe91
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/js/main2.min.js HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Jul 2021 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f6c31e-58c2d"
Expires: Fri, 02 Dec 2022 23:53:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?f6bc2f75f235c883d47532cba44570da
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f6bc2f75f235c883d47532cba44570da
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 500fd4bf93589087de967bece0395881
2b9dee6afc2e2200685cbb6baedc422fc207d161
c75f6b3d14a53097b85b6be9365d40e02c6f3d43daddf8bf643e6471804b1934
GET /hm.js?f6bc2f75f235c883d47532cba44570da HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 11:53:38 GMT
Etag: c00e1d95fd5f82277f410cb056af250b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3E43F5D0421D4987; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cc852b3e92b234656cdec8fd00649f7
b5d63731ce7001f442bb979488b79f56077604c6
6193b9cc93c5d8a3cc33c3acd48dd1f19a20c061e8aba137afe5ece93ff1eb0e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:12:37 GMT
Expires: Fri, 09 Dec 2022 02:12:36 GMT
Etag: "b5d63731ce7001f442bb979488b79f56077604c6"
Cache-Control: max-age=569336,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd073ac0b4ee-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cc852b3e92b234656cdec8fd00649f7
b5d63731ce7001f442bb979488b79f56077604c6
6193b9cc93c5d8a3cc33c3acd48dd1f19a20c061e8aba137afe5ece93ff1eb0e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:12:37 GMT
Expires: Fri, 09 Dec 2022 02:12:36 GMT
Etag: "b5d63731ce7001f442bb979488b79f56077604c6"
Cache-Control: max-age=569336,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd07490c0b59-OSL
207.60.180.4/
200 OK 28 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF line terminators
Hash 50dd5ff21adcbf576b474f6ea296598e
f1d3c7142acd32bb5767d4e6a705c93d05bbe952
8869b7e814c50a3dffd8a2f3dd2b5253fb61850d1853918abfacb871185f370c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: X_CACHE_KEY=1b5bd2d2d1523ad215869ed558b4530f; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
X-Cache: HIT
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 1dff338153d2617c5e2a65bf7c0907e1
6e6ab5291c7a1ee11710e22ddc5bf30939987194
8797f4bb89a9a12764a8f173f7f0f0d2944a4af5b16425b4490f944d02c2fb56
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Dec 2022 07:34:37 GMT
ETag: "6e6ab5291c7a1ee11710e22ddc5bf30939987194"
Last-Modified: Fri, 02 Dec 2022 07:34:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1954
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7733dd08bb66b524-OSL
207.60.180.4/template/mb5/ksassets/font/icomoon.ttf
200 OK 13 kB URL HTTP/1.1 207.60.180.4/template/mb5/ksassets/font/icomoon.ttf
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash fba3a0ccf68b2ccd46df597c578039cf
ec2ca2c0d52bd1d38d703e89e5b26cd09ff3b989
40ee5cf9bb8e8e2a7a7a97d1b555ab8dabc6a7cd3a338fab44a03786bc0a8db9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/mb5/ksassets/font/icomoon.ttf HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/template/mb5/ksassets/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: application/octet-stream
Content-Length: 12752
Last-Modified: Tue, 20 Jul 2021 11:36:42 GMT
Connection: keep-alive
Set-Cookie: X_CACHE_KEY=70d03e3c59ce03c272533fbd3b2e87af; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
ETag: "60f6b54a-31d0"
Accept-Ranges: bytes
207.60.180.4/upload/banner/20221016-1/925be4ba99d5d3cc15ec351f2b0520a2.gif
200 OK 230 kB URL HTTP/1.1 207.60.180.4/upload/banner/20221016-1/925be4ba99d5d3cc15ec351f2b0520a2.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 230 kB (230477 bytes)
Hash 197224ce1147f6e611fef48af00535e0
81b3ab3d08845ced3140fc23a13f7b575dcda4b4
b7a7280800c8925e65a708ee9381ce5dcf8b84e4c97074b2576a93a145231296
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/banner/20221016-1/925be4ba99d5d3cc15ec351f2b0520a2.gif HTTP/1.1
Host: 207.60.180.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.180.4/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 11:53:39 GMT
Content-Type: image/gif
Content-Length: 230477
Last-Modified: Sat, 15 Oct 2022 17:47:14 GMT
Connection: keep-alive
ETag: "634af222-3844d"
Expires: Sun, 01 Jan 2023 11:53:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=411124707&si=f6bc2f75f235c883d47532cba44570da&su=http%3A%2F%2Fwww.juntingdianqi.com%2F&v=1.3.0&lv=1&sn=19148&r=0&ww=1268&u=http%3A%2F%2F207.60.180.4%2F&tt=%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-meimeiav99.com-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=411124707&si=f6bc2f75f235c883d47532cba44570da&su=http%3A%2F%2Fwww.juntingdianqi.com%2F&v=1.3.0&lv=1&sn=19148&r=0&ww=1268&u=http%3A%2F%2F207.60.180.4%2F&tt=%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-meimeiav99.com-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=411124707&si=f6bc2f75f235c883d47532cba44570da&su=http%3A%2F%2Fwww.juntingdianqi.com%2F&v=1.3.0&lv=1&sn=19148&r=0&ww=1268&u=http%3A%2F%2F207.60.180.4%2F&tt=%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-meimeiav99.com-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86-%E5%A6%B9%E5%A6%B9AV%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 11:53:39 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D841795AA27335DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 7890b4b0a1d1f3d5b607f53e2bd7b651
27338f16477ea9179fffe0f03596550854e3f74b
95e98e65e6863621dc7976e98441ed79d50e8a18e56b0c19595e436de29bd53c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:40 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 19:25:42 GMT
Expires: Wed, 07 Dec 2022 19:25:41 GMT
Etag: "27338f16477ea9179fffe0f03596550854e3f74b"
Cache-Control: max-age=458520,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd099b620b59-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 47b0c89c0b9602c3858e471df70c8737
1c865b47b8b01f48a53b808b8a1ad3c14c3506a3
b30803b18739f477054981f0763024321e60f6aa70e3bf9cfe483783639c1674
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:40 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:16:00 GMT
Expires: Tue, 06 Dec 2022 08:15:59 GMT
Etag: "1c865b47b8b01f48a53b808b8a1ad3c14c3506a3"
Cache-Control: max-age=331938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd08fd35b4ee-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cc852b3e92b234656cdec8fd00649f7
b5d63731ce7001f442bb979488b79f56077604c6
6193b9cc93c5d8a3cc33c3acd48dd1f19a20c061e8aba137afe5ece93ff1eb0e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:40 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:12:37 GMT
Expires: Fri, 09 Dec 2022 02:12:36 GMT
Etag: "b5d63731ce7001f442bb979488b79f56077604c6"
Cache-Control: max-age=569335,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd07488b1bfe-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 7890b4b0a1d1f3d5b607f53e2bd7b651
27338f16477ea9179fffe0f03596550854e3f74b
95e98e65e6863621dc7976e98441ed79d50e8a18e56b0c19595e436de29bd53c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:40 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 19:25:42 GMT
Expires: Wed, 07 Dec 2022 19:25:41 GMT
Etag: "27338f16477ea9179fffe0f03596550854e3f74b"
Cache-Control: max-age=458520,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd09acdfb503-OSL
8499136.com/8499/200x200.gif
200 OK 49 kB URL HTTP/2 8499136.com/8499/200x200.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Hash f9cfee83620ed3913a15407857b6197d
3597be679b25e44e95145a07161b4e90cf20bd90
6f4244d3ceee89f0facba0cd11e13fa817910870df4a83631941db13ce5a4297
GET /8499/200x200.gif HTTP/1.1
Host: 8499136.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:40 GMT
content-type: image/gif
content-length: 48866
last-modified: Tue, 15 Nov 2022 13:50:54 GMT
etag: "bee2-5ed82a50f01f1"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
200 OK 429 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 429 kB (428593 bytes)
Hash 60de0e198b93e9f487d4f1c77ed5db88
fa3070711f791e218c5235ff20bba7c086697f75
ab8489fad65bf627642df428a3ba8b3733ce209f60b5c5e4064d76a0d160dd41
GET /static/uploads/image/x22/20221021/1666352753192348.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Sun, 20 Nov 2022 11:46:11 GMT
ETag: "1668944773"
Expires: Tue, 20 Dec 2022 11:46:11 GMT
Last-Modified: Sun, 20 Nov 2022 11:46:13 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352830978201.gif
200 OK 385 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352830978201.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 385 kB (385063 bytes)
Hash c78be403757792bab60796cef35fe914
0f8985a3c906d190aa5a33900151b91960fab66e
7a5a1f6615520a6ec9ad88f5146eb28cafa7589934070658a90c6fa9498ca8aa
GET /static/uploads/image/x22/20221021/1666352830978201.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 21 Nov 2022 04:47:17 GMT
ETag: "1669006037"
Expires: Wed, 21 Dec 2022 04:47:17 GMT
Last-Modified: Mon, 21 Nov 2022 04:47:17 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.sectigo.com/
200 OK 472 B IP
Hash 08a12ac9815166bd3886e0576bf4f355
bfada3197d2a160693ccf1aee601c30317aeebd1
f393cade3b3fa32c76b7f329df2334dcabf3ba75540d23f24291098f7e269afc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:53:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 02:54:13 GMT
Expires: Wed, 07 Dec 2022 02:54:12 GMT
Etag: "bfada3197d2a160693ccf1aee601c30317aeebd1"
Cache-Control: max-age=399030,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7733dd101873b4fd-OSL
8499159.com/8499/hongse/960x120.gif
200 OK 487 kB URL HTTP/2 8499159.com/8499/hongse/960x120.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 487 kB (486580 bytes)
Hash 025ea4d7393db904a62b04d1248d9a65
6333c028655b17e2860b6cd72cf7740e96ef1edb
88a1b2ac6f9746cbced8e0f0b3f33b379d6c88e9e6571b5ffab2305048952928
GET /8499/hongse/960x120.gif HTTP/1.1
Host: 8499159.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:40 GMT
content-type: image/gif
content-length: 486580
last-modified: Sat, 12 Nov 2022 04:48:00 GMT
etag: "76cb4-5ed3eb5f953df"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499159.com/8499/s/960x120.gif
200 OK 487 kB URL HTTP/2 8499159.com/8499/s/960x120.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 487 kB (486580 bytes)
Hash 025ea4d7393db904a62b04d1248d9a65
6333c028655b17e2860b6cd72cf7740e96ef1edb
88a1b2ac6f9746cbced8e0f0b3f33b379d6c88e9e6571b5ffab2305048952928
GET /8499/s/960x120.gif HTTP/1.1
Host: 8499159.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:40 GMT
content-type: image/gif
content-length: 486580
last-modified: Fri, 11 Nov 2022 15:25:13 GMT
etag: "76cb4-5ed337effedaa"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352792388714.gif
200 OK 331 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352792388714.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 331 kB (331164 bytes)
Hash 8df08a88cc552d86ea2da255aa27e043
cde01d50e4b71cc5c3a7f57dcab8fd4711423990
6b21ccec5df61e6eca7a64ece24bde458283cd39e3e5d7340746ca647790b404
GET /static/uploads/image/x22/20221021/1666352792388714.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 21 Nov 2022 04:47:17 GMT
ETag: "1669006037"
Expires: Wed, 21 Dec 2022 04:47:17 GMT
Last-Modified: Mon, 21 Nov 2022 04:47:17 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.com/
200 OK 727 B IP
Hash 9ea6c0e2433c24be0f573ad0f121b28a
dc534accaae9fea99173df146557f6916525809d
34c81d5abd4f663a0e6408e823c66a04f887dda1bb81553c0dab9be288b547a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:53:41 GMT
Last-Modified: Fri, 02 Dec 2022 10:57:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/bac1b153852e481e80d3a9e6115ac0a5
200 OK 918 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/bac1b153852e481e80d3a9e6115ac0a5
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Size 918 kB (917885 bytes)
Hash 26adafb0f711b1af8acb056486aefa26
706c5cb03e9a5392e6c686f0e88f16d2b45fd54d
15c16b69b31e967599c18dbdd2b726f483b9dd4bfad233b16dff830dbc356e04
GET /obj/tos-cn-i-dy/bac1b153852e481e80d3a9e6115ac0a5 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 917885
date: Wed, 30 Nov 2022 11:49:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 30 Nov 2022 11:43:40 GMT
nw-session-id: 202211301943400102020921561A89847Arvg6p01dy
nw-session-trace: 2022-11-30T19:43:40.663911635+08:00 57
x-bdcdn-cache-status: TCP_HIT
x-length: 917885
x-powered-by: ImageX
x-response-date: Wed, 30 Nov 2022 19:43:40 GMT
x-tt-logid: 202211301943400102020921561A89847A
via: n150-061-089, cache14.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[2,0], cache4.se1[0,0,200-0,H], cache7.se1[5,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-tt-trace-host: 01d915b0d2d115411c0d000cf25952e4904068a21d6eeb99b8f9745656d708ad5575854260012b1e26614c6282df26c99ec72e8fcc2443bb76c04a3b992831b5c96004e8ba1c6e9100fb569ecce45fe605bbf3fd2c175f79816f8e50b9adf30791
x-response-lb: image
ali-swift-global-savetime: 1669808978
age: 173043
x-cache: HIT TCP_MEM_HIT dirn:4:101875844 mlen:0
x-swift-savetime: Fri, 02 Dec 2022 01:30:21 GMT
x-swift-cachetime: 31400357
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16699820215105297e
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
200 OK 599 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 92ce9634640ce6bf45b887e595e1d109
0997b7e8ba67ced86e178154604efa8a868a8ac0
1521d0e5e413e8b56d87b9a4d7c3900658ac611bb7c83813a981784ed6e6a647
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 02 Dec 2022 11:51:37 GMT
last-modified: Fri, 02 Dec 2022 02:10:47 GMT
expires: Fri, 09 Dec 2022 02:10:46 GMT
etag: "0997b7e8ba67ced86e178154604efa8a868a8ac0"
cache-control: max-age=603825,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7733da0a6b1c9bb8-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1669981897
via: cache2.l2de2[37,36,304-0,M], cache17.l2de2[38,0], cache4.se1[0,0,200-0,H], cache8.se1[1,0], cache8.se1[3,0]
age: 124
x-cache: HIT TCP_MEM_HIT dirn:11:180889655
x-swift-savetime: Fri, 02 Dec 2022 11:51:37 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9c16699820216477394e, 2ff62c9c16699820216477394e
ocsp.trust-provider.cn/
200 OK 599 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 92ce9634640ce6bf45b887e595e1d109
0997b7e8ba67ced86e178154604efa8a868a8ac0
1521d0e5e413e8b56d87b9a4d7c3900658ac611bb7c83813a981784ed6e6a647
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 02 Dec 2022 11:51:37 GMT
last-modified: Fri, 02 Dec 2022 02:10:47 GMT
expires: Fri, 09 Dec 2022 02:10:46 GMT
etag: "0997b7e8ba67ced86e178154604efa8a868a8ac0"
cache-control: max-age=603825,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7733da0a6b1c9bb8-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1669981897
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0], cache1.se1[2,0]
age: 124
x-cache: HIT TCP_MEM_HIT dirn:1:19578912
x-swift-savetime: Fri, 02 Dec 2022 11:53:16 GMT
x-swift-cachetime: 1701
timing-allow-origin: *, *
eagleid: 2ff62c9516699820216532752e, 2ff62c9516699820216532752e
cdn.bootcdn.net/ajax/libs/layer/3.5.1/layer.min.js
200 OK 7.7 kB URL HTTP/2 cdn.bootcdn.net/ajax/libs/layer/3.5.1/layer.min.js
IP
ASN #133119 China Unicom IP network
File type ASCII text, with very long lines (22256), with no line terminators
Hash d8c2392818020782a64f1bfc82d925b7
9ec929085e4e835612f0c121ac556d10fb6cb91a
2d21155156e6a93dac921e15042a88485e72857ef6b86db8efcfc4cc9f329cbc
GET /ajax/libs/layer/3.5.1/layer.min.js HTTP/1.1
Host: cdn.bootcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 7691
server: openresty
access-control-allow-origin: *
age: 15479331
cf-cache-status: HIT
cf-ray: 716fa0f698f57ed1-LAX
cache-control: public, max-age=30672000
content-encoding: gzip
cross-origin-resource-policy: cross-origin
etag: "60c373da-1e0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 27 May 2023 08:02:57 GMT
last-modified: Fri, 11 Jun 2021 14:31:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC29Bdj%2BfvsOeSvfgRE0kNUJC6vXLjNgy5sDPdMVcrQlcebm1XIVOKpVie0xMIyv3OGg3%2BIId5aINuJ27rw5Z%2F7GgvsVd02fJrZAORSmGo7WQ%2B5TjkCVZlDyd5x0Jk2Tu3Ot0wMQ"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
timing-allow-origin: *
x-ccdn-cachettl: 31536000
x-ccdn-expires: 16056680
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cdnjs-via: cfworker/kv
nginx-hit: 1
nginx-vary: Accept-Encoding
via: CHN-HElangfang-AREACUCC1-CACHE53[6],CHN-HElangfang-AREACUCC1-CACHE46[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE72[3],CHN-TJ-GLOBAL1-CACHE105[0,TCP_HIT,0]
x-hcs-proxy-type: 1
vary: Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8938cb28fd720e13fe8754bc55a645a6
a6c4524b9a9297bd84f479adff73978aaa862672
01526a0e7a7de3ba98148425d00068c6d15d01db239318ec71186f9958138651
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 02 Dec 2022 11:53:41 GMT
Last-Modified: Fri, 02 Dec 2022 00:18:54 GMT
ETag: "6389446e-1d7"
Expires: Sun, 04 Dec 2022 00:18:54 GMT
Cache-Control: max-age=131113
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669982022
Via: cache10.l2de2[297,296,200-0,M], cache10.l2de2[298,0], cache8.se1[320,320,200-0,M], cache8.se1[322,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 02 Dec 2022 11:53:42 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16699820216807413e
cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.css?v=3.5.1
200 OK 2.8 kB URL HTTP/2 cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.css?v=3.5.1
IP
ASN #133119 China Unicom IP network
File type ASCII text, with very long lines (14271), with no line terminators
Hash 996f889e62020b71039553a6f4ea88cd
1c2204afce145547c73288d9bd63ce792f7fab19
f6433d827282e5b7185c4c2b450b565a55e5f915e47f6a40d39b59227672a91e
GET /ajax/libs/layer/3.5.1/theme/default/layer.css?v=3.5.1 HTTP/1.1
Host: cdn.bootcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:42 GMT
content-type: text/css; charset=utf-8
content-length: 2783
server: openresty
access-control-allow-origin: *
age: 15479645
cf-cache-status: HIT
cf-ray: 716f9b5c9bda7c4a-LAX
cache-control: public, max-age=30672000
content-encoding: gzip
cross-origin-resource-policy: cross-origin
etag: "60c373da-adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 27 May 2023 07:59:08 GMT
last-modified: Fri, 11 Jun 2021 14:31:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eeQGq69DAsy%2B1b7u5sDwhV3ka4PXm32HjOyQHzFn6vPHYucWPniKCqxGVZupZctWlDOQ%2BB3OV6ig5DddcFjv1KQaRycwUpiAURsNZoijxeDApyg3YEAk1DoA%2BbvNuwvFpPSJ7dy"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
timing-allow-origin: *
x-ccdn-cachettl: 31536000
x-ccdn-expires: 16056367
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cdnjs-via: cfworker/kv
nginx-hit: 1
nginx-vary: Accept-Encoding
via: CHN-HElangfang-AREACUCC1-CACHE53[2],CHN-HElangfang-AREACUCC1-CACHE11[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE109[4],CHN-TJ-GLOBAL1-CACHE11[0,TCP_HIT,0]
x-hcs-proxy-type: 1
vary: Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2
8499136.com/8499/150x150.gif
200 OK 135 kB URL HTTP/2 8499136.com/8499/150x150.gif
IP
File type GIF image data, version 89a, 150 x 150\012- data
Size 135 kB (134747 bytes)
Hash 48c8ab8ae6b52201e71decda0b783d26
5817a61ac305b0b96542b5aced965e79cf67d010
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8
GET /8499/150x150.gif HTTP/1.1
Host: 8499136.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:53:41 GMT
content-type: image/gif
content-length: 134747
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
etag: "20e5b-5ed573c48c405"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?34b4c6855066de65658587e8bfd161de
200 OK 127 kB URL HTTP/1.1 hm.baidu.com/hm.js?34b4c6855066de65658587e8bfd161de
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Size 127 kB (127125 bytes)
Hash 02e1497af0b94dbdee18df41e051204f
48f93fc98538b791cce77926269fab769e6a7e35
ac68a8d65695b53232334cdaa7c1650895f293b5636e2f698c0de27a94843402
GET /hm.js?34b4c6855066de65658587e8bfd161de HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 11:53:37 GMT
Etag: 913e44abaa19b1f7862f1f1531bd4045
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2D74DD7CCFD42379; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
video.dqn69j4y.top/news/postarning.php?t=0.5316711002449029
200 OK 1.6 MB URL HTTP/2 video.dqn69j4y.top/news/postarning.php?t=0.5316711002449029
IP
Size 1.6 MB (1607876 bytes)
Hash e24e91bcb62fba3305909747f8bd9988
650fbe18dc1f7433fd26d91f6a025607e5b6d48d
f61e10b5274155618bfe846caf657b9aa213f8ea53e7c303602beceaa53cde1c
POST /news/postarning.php?t=0.5316711002449029 HTTP/1.1
Host: video.dqn69j4y.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 68
Origin: http://www.juntingdianqi.com
Connection: keep-alive
Referer: http://www.juntingdianqi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:53:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
access-control-allow-methods: POST,GET,OPTIONS,DELETE
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
vkhhjp.com/4884323b9f7548a1bea05ace52d22c56.gif
200 OK 445 kB URL HTTP/2 vkhhjp.com/4884323b9f7548a1bea05ace52d22c56.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /4884323b9f7548a1bea05ace52d22c56.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c30d5c-6cad4"
server: nginx
date: Wed, 05 Oct 2022 08:16:35 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 15:55:08 GMT
accept-ranges: bytes
x-cache: HIT from megai-cdn121-015
content-length: 445140
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 50748
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.1202555.com/images/638741b720b1cb1fbb117864.gif
302 Found 0 B URL HTTP/2 img.1202555.com/images/638741b720b1cb1fbb117864.gif
IP
ASN #134835 Starry Network Limited
GET /images/638741b720b1cb1fbb117864.gif HTTP/1.1
Host: img.1202555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.180.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bac1b153852e481e80d3a9e6115ac0a5
X-Firefox-Spdy: h2
108.186.109.143
185.239.226.87
47.246.44.225
103.188.121.25
182.61.240.101
23.36.77.32
93.184.220.29