Overview

URLnils-holgerson.com/
IP 172.121.89.17 (United States)
ASN#18779 EGIHOSTING
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-24 14:05:58 UTC
StatusLoading report..
IDS alerts0
Blocklist alert8
urlquery alerts No alerts detected
Tags None

Domain Summary (79)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
kvkddd.top (2) 0 2022-05-01 09:53:48 UTC 2022-11-23 08:53:47 UTC 104.21.233.183 Unknown ranking
sz88.oss-cn-shenzhen.aliyuncs.com (2) 0 2022-06-01 18:03:12 UTC 2022-11-24 09:53:42 UTC 120.77.166.72 Domain (aliyuncs.com) ranked at: 1959
613711567.com (1) 0 No data No data 47.75.19.145 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
ocsp.digicert.cn (5) 37572 No data No data 47.246.44.205
si1.go2yd.com (2) 325918 2018-06-23 18:58:20 UTC 2020-04-26 02:29:18 UTC 163.171.140.79
kvkhhh.top (1) 0 2022-11-08 06:35:52 UTC 2022-11-23 09:31:05 UTC 172.67.188.239 Unknown ranking
8499225.com (1) 0 No data No data 172.247.50.228 Unknown ranking
ob699.cc (1) 0 2022-09-25 21:28:39 UTC 2022-11-23 17:37:15 UTC 45.153.131.58 Unknown ranking
ocsp2.globalsign.com (5) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226
fmlb.netlbtu.com (6) 187701 2021-09-14 11:57:06 UTC 2022-11-24 06:44:20 UTC 172.247.77.250
592773xgg.com (1) 0 No data No data 45.61.212.123 Unknown ranking
kvthhh.top (2) 0 2022-07-28 11:10:32 UTC 2022-11-24 11:22:16 UTC 104.21.235.66 Unknown ranking
585227ybn.com (1) 0 No data No data 103.170.15.95 Unknown ranking
api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2020-05-14 13:49:44 UTC 182.61.201.93
kvmaa.com (1) 0 2015-11-06 04:44:54 UTC 2022-11-24 11:22:15 UTC 170.178.176.170 Unknown ranking
i.ibb.co (1) 13485 2018-11-25 10:13:48 UTC 2022-11-24 06:15:51 UTC 51.210.3.236
sszhan.oss-cn-shenzhen.aliyuncs.com (1) 0 2022-08-12 16:47:21 UTC 2022-11-24 04:52:24 UTC 120.77.166.119 Domain (aliyuncs.com) ranked at: 1959
kvtnnn.top (1) 0 2022-08-16 10:58:10 UTC 2022-11-23 17:37:17 UTC 104.21.234.86 Unknown ranking
static.qwahk.com (1) 0 No data No data 206.119.105.161 Unknown ranking
img.u1779.com (1) 0 No data No data 91.199.87.220 Unknown ranking
ocsp.buypass.com (2) 157566 2018-06-15 05:12:14 UTC 2020-04-24 21:44:29 UTC 23.36.76.129
api.79zxcv.com (3) 0 No data No data 3.1.205.26 Unknown ranking
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
kveff.com (1) 0 2022-08-16 11:07:26 UTC 2022-11-24 09:53:42 UTC 64.32.13.142 Unknown ranking
www.jxys88.net (3) 0 2022-01-15 01:49:35 UTC 2022-11-24 02:43:12 UTC 173.231.12.68 Unknown ranking
zhibo128x.xyz (2) 0 No data No data 154.83.25.141 Unknown ranking
6937555.com (1) 0 2020-11-21 09:40:36 UTC 2021-01-28 05:04:40 UTC 104.149.145.170 Unknown ranking
r3.o.lencr.org (19) 344 No data No data 23.36.76.226
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
hm.baidu.com (5) 8254 2012-05-26 08:38:45 UTC 2020-02-11 02:47:13 UTC 103.235.46.191
www.jxys13.xyz (11) 0 2022-08-17 05:55:21 UTC 2022-11-23 08:40:16 UTC 173.231.38.5 Unknown ranking
imagedelivery.net (2) 255311 2021-09-20 12:34:55 UTC 2022-11-24 10:23:13 UTC 104.18.2.36
200.benbenys.com (1) 0 2022-11-10 04:20:23 UTC 2022-11-24 04:17:22 UTC 23.224.61.222 Unknown ranking
sysupload.csiteadmin.com (17) 0 No data No data 52.184.85.118 Unknown ranking
www.nils-holgerson.com (4) 0 2013-08-19 01:22:20 UTC 2022-11-23 13:04:28 UTC 172.121.89.17 Unknown ranking
ads-6686.top (2) 0 2022-09-06 08:15:05 UTC 2022-11-24 12:55:25 UTC 123.253.107.62 Unknown ranking
pic.picnewsss.com (1) 0 2022-06-19 23:06:23 UTC 2022-11-24 02:43:16 UTC 23.225.139.251 Unknown ranking
img.8961x.com (1) 0 No data No data 91.199.87.220 Unknown ranking
yzf.qq.com (2) 627844 No data No data 113.96.208.98
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img.1129555.com (1) 0 No data No data 91.199.87.220 Unknown ranking
taiwtp1.com (3) 0 2022-04-08 07:06:08 UTC 2022-11-24 07:23:40 UTC 220.128.218.220 Unknown ranking
push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2020-04-25 10:56:18 UTC 112.34.113.148
dimg04.c-ctrip.com (2) 139731 2014-05-08 16:11:11 UTC 2019-09-28 12:59:51 UTC 104.110.17.24
kvemm.com (2) 222018 2021-10-18 01:51:02 UTC 2022-11-24 11:22:15 UTC 64.32.13.142
ocsp.digicert.com (15) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
ocsp.sectigo.com (10) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
zerossl.ocsp.sectigo.com (9) 4049 No data No data 172.64.155.188
339282bdb.com (1) 0 No data No data 103.170.15.115 Unknown ranking
nils-holgerson.com (1) 0 2016-05-06 14:31:28 UTC 2022-11-23 05:05:02 UTC 172.121.89.17 Unknown ranking
acoosso.top (1) 631702 2021-11-15 06:18:20 UTC 2022-11-24 02:43:16 UTC 91.195.240.12
539397377.com (1) 0 No data No data 47.75.19.145 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.160.51.228
ocsp.globalsign.com (2) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
kzecc.com (1) 0 2017-01-29 04:39:36 UTC 2022-11-24 11:22:16 UTC 45.154.215.92 Unknown ranking
223969ufy.com (1) 0 No data No data 45.61.212.60 Unknown ranking
1088hg01.oss-cn-hongkong.aliyuncs.com (1) 0 2022-10-18 16:59:25 UTC 2022-11-24 02:43:15 UTC 47.75.19.69 Domain (aliyuncs.com) ranked at: 1959
img.u1158.com (1) 0 No data No data 91.199.87.220 Unknown ranking
362728tdg.com (1) 0 No data No data 103.170.15.100 Unknown ranking
p.qlogo.cn (3) 48578 2014-01-15 11:11:45 UTC 2020-05-03 00:28:53 UTC 43.154.254.32
img.9717x.com (1) 0 No data No data 91.199.87.220 Unknown ranking
ak-d.tripcdn.com (4) 71581 No data No data 96.6.16.143
lbfm.lbpictupian.com (23) 0 2022-10-09 16:47:38 UTC 2022-11-24 06:44:20 UTC 104.22.12.214 Unknown ranking
dvcasha2.ocsp-certum.com (2) 71753 2014-11-27 08:04:42 UTC 2020-02-10 00:10:06 UTC 23.36.79.10
tt.1468tu.com (1) 0 No data No data 43.153.174.204 Unknown ranking
8499163.com (1) 0 No data No data 23.224.101.37 Unknown ranking
acoozzh.top (2) 439448 2022-01-10 01:59:44 UTC 2022-11-24 11:22:16 UTC 104.21.33.100
p3.douyinpic.com (5) 23536 No data No data 47.246.44.225
img.9712x.com (1) 0 No data No data 91.199.87.220 Unknown ranking
885364.com (1) 0 No data No data 47.75.19.145 Unknown ranking
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com (1) 0 2022-06-02 10:46:58 UTC 2022-11-24 02:43:16 UTC 47.56.33.17 Domain (aliyuncs.com) ranked at: 1959
e1.o.lencr.org (6) 6159 No data No data 23.36.77.32
kvezz.com (1) 237784 2021-10-17 08:32:09 UTC 2022-11-24 10:36:50 UTC 64.32.13.142
kvevv.com (2) 0 2022-05-01 01:44:50 UTC 2022-11-24 11:22:15 UTC 45.154.215.92 Unknown ranking
nvhbbb.top (1) 0 2022-04-10 08:43:59 UTC 2022-11-23 17:37:16 UTC 172.67.170.188 Unknown ranking
628536nyv.com (1) 0 No data No data 45.61.212.130 Unknown ranking
829355rff.com (1) 0 No data No data 45.61.212.47 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-24 2 ads-6686.top Sinkholed
2022-11-24 2 ads-6686.top Sinkholed
2022-11-24 2 339282bdb.com Sinkholed
2022-11-24 2 223969ufy.com Sinkholed
2022-11-24 2 628536nyv.com Sinkholed
2022-11-24 2 362728tdg.com Sinkholed
2022-11-24 2 829355rff.com Sinkholed
2022-11-24 2 585227ybn.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.121.89.17
Date UQ / IDS / BL URL IP
2023-01-11 16:04:33 +0000 0 - 1 - 6 nils-holgerson.com/ 172.121.89.17
2023-01-07 06:04:40 +0000 0 - 4 - 8 nils-holgerson.com/ 172.121.89.17
2023-01-07 02:04:42 +0000 0 - 1 - 7 nils-holgerson.com/ 172.121.89.17
2023-01-05 04:04:56 +0000 0 - 4 - 5 nils-holgerson.com/ 172.121.89.17
2022-12-23 09:04:28 +0000 0 - 2 - 9 nils-holgerson.com/ 172.121.89.17


Last 5 reports on ASN: EGIHOSTING
Date UQ / IDS / BL URL IP
2023-02-07 05:44:35 +0000 0 - 4 - 20 25b.top/ 142.111.175.236
2023-02-07 04:58:33 +0000 0 - 8 - 3 1koo.top/ 23.27.7.62
2023-02-07 02:29:09 +0000 0 - 3 - 5 iraqaviationexpo.net/wp-admin/includes/papa/p (...) 107.165.145.241
2023-02-07 02:04:15 +0000 0 - 4 - 9 www.sdobke.com/ny18/?-ZoXL=rI5S/ItQJYXutxxfnV (...) 23.27.72.243
2023-02-07 02:01:13 +0000 0 - 4 - 1 groupmillions.com/ 104.164.239.190


Last 5 reports on domain: nils-holgerson.com
Date UQ / IDS / BL URL IP
2023-01-11 16:04:33 +0000 0 - 1 - 6 nils-holgerson.com/ 172.121.89.17
2023-01-07 06:04:40 +0000 0 - 4 - 8 nils-holgerson.com/ 172.121.89.17
2023-01-07 02:04:42 +0000 0 - 1 - 7 nils-holgerson.com/ 172.121.89.17
2023-01-05 04:04:56 +0000 0 - 4 - 5 nils-holgerson.com/ 172.121.89.17
2022-12-23 09:04:28 +0000 0 - 2 - 9 nils-holgerson.com/ 172.121.89.17


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (1)
#1 JavaScript::Eval (size: 474) - SHA256: 9535900244363e49fe3037b56b5794492da85e58a5af5a6e45074409015ac946
document.write('<title>93@�э�
        Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="https:/ / www.jxys88.net / news / index.php "></iframe></div><style type="
        text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');

Executed Writes (4)
#1 JavaScript::Write (size: 351) - SHA256: bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1
< div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 35%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "https://kmf02lldh.cc" > < img src = "https://www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
#2 JavaScript::Write (size: 455) - SHA256: 64e30e5b66ab752a8b3e31c0a921933b63a84c10d17af1ce6011c1d502462672
< title > 93@� э� Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="https:/ / www.jxys88.net / news / index.php "></iframe></div><style type="
text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
#3 JavaScript::Write (size: 201) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca
< style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
#4 JavaScript::Write (size: 325) - SHA256: e967b17ccec9ca604894134066a952a06cb54f663cedb925c3d8575a80a7b0c8
< div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "https://xinzzfdslkjkc111.com/e01/jxy.html" > < img src = "https://taiwtp1.com/xin/200200.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>


HTTP Transactions (242)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2491
Expires: Thu, 24 Nov 2022 14:47:14 GMT
Date: Thu, 24 Nov 2022 14:05:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4642
Cache-Control: max-age=164570
Date: Thu, 24 Nov 2022 14:05:43 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:48:33 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13951
Expires: Thu, 24 Nov 2022 17:58:15 GMT
Date: Thu, 24 Nov 2022 14:05:44 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 13:17:17 GMT
cache-control: public,max-age=3600
age: 2907
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IYoWZZTOUChqsU59mqKI9YNC3Jl+AU1opjbUJW26beTc1pk5RYwkAjlLXQ7w+Ndm8Wy3WWiiIyk=
x-amz-request-id: MSCJ1W6TR2V9M481
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:43:25 GMT
age: 1339
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: nils-holgerson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.121.89.17
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:43 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.nils-holgerson.com/index.php

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:44 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 3411
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /index.php HTTP/1.1 
Host: www.nils-holgerson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.121.89.17
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:44 GMT
Content-Length: 785
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   785
Md5:    449979d226b4709e707902a1275adecd
Sha1:   bc5083da744f7892a81e1a630855e6250b5f3959
Sha256: 235f81865fe0e97383deb1b88df3ba218d51bfc6cedb0ecbf0ad24f7029f1c0c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5571
Cache-Control: max-age=160436
Date: Thu, 24 Nov 2022 14:05:44 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:39:40 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tj.js HTTP/1.1 
Host: www.nils-holgerson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

search
                                         172.121.89.17
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:44 GMT
Content-Length: 520
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   520
Md5:    c641843bbee2dbe645c9de13d8f953ed
Sha1:   1a93b5d7b8540d5acbaae9c8bc00c16926a23588
Sha256: 4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0q+O1b5pZcQNHJr4/UTIPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.160.51.228
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yoenlwa8U4YMzpTo5cNONxijeb4=

                                        
                                            GET /common.js HTTP/1.1 
Host: www.nils-holgerson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

search
                                         172.121.89.17
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size:   738
Md5:    70670d0986c3d241b2799f9b5ae5e100
Sha1:   e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
Sha256: 788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

search
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Thu, 24 Nov 2022 14:05:45 GMT
Etag: "4078521116"
Expires: Fri, 24 Nov 2023 14:05:45 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=E032C4726B189AC295172C78EF9BDBD2:FG=1; max-age=31536000; expires=Fri, 24-Nov-23 14:05:45 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:45 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 12:10:26 GMT
ETag: "0a397e5c91864d241b0db69916046aaa61bd07a1"
Last-Modified: Thu, 24 Nov 2022 12:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3871859b524-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    c3fe0621c298f4b4d2a2754cdf6289a1
Sha1:   0a397e5c91864d241b0db69916046aaa61bd07a1
Sha256: 0e06fad4d81d1cca9845ff18a5e157a17233097451ff4569c88a863098672f9f
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:45 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 12:10:26 GMT
ETag: "0a397e5c91864d241b0db69916046aaa61bd07a1"
Last-Modified: Thu, 24 Nov 2022 12:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3871ab9b515-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    c3fe0621c298f4b4d2a2754cdf6289a1
Sha1:   0a397e5c91864d241b0db69916046aaa61bd07a1
Sha256: 0e06fad4d81d1cca9845ff18a5e157a17233097451ff4569c88a863098672f9f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.nils-holgerson.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

search
                                         172.121.89.17
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:45 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 29 Nov 2022 14:05:45 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A1B84584D4150C52D2FC0175F72368A12EC3FB9D5221101E084A09007D0C3DBF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10914
Expires: Thu, 24 Nov 2022 17:07:39 GMT
Date: Thu, 24 Nov 2022 14:05:45 GMT
Connection: keep-alive

                                        
                                            GET /s.gif?l=http://www.nils-holgerson.com/index.php HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

search
                                         182.61.201.93
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Thu, 24 Nov 2022 14:05:45 GMT

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17261
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:05:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17261
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:05:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17261
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:05:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 58674
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 32478
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 58599
etag: "89accd230fba95fe0049678070817b36ead015fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5070
Md5:    0856fdb55f19f03a1bec38b3d6e0ac77
Sha1:   89accd230fba95fe0049678070817b36ead015fa
Sha256: 17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 57450
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7462
Md5:    b4157f2c5c3c77ce699324ecb08f47c7
Sha1:   a7d9135f9d01ba13c3cdaf8b038c70212f159297
Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 24922
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 57988
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            GET /hm.js?fec0eaa8fc52795617f18f518d42aaab HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Date: Thu, 24 Nov 2022 14:05:45 GMT
Etag: 5bb5f6c140438eee63fe7182d6e2bb13
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6B0962F550C918F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (616)
Size:   11254
Md5:    2887da3ce95d1db5e03a9f631668585f
Sha1:   a13516f4a8de2a41e17e886999babd1aee667898
Sha256: a1015733c2c6ce815781f2e832d310fb9cbf77c8294440f6e430561b6b5c6ad1
                                        
                                            GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Date: Thu, 24 Nov 2022 14:05:45 GMT
Etag: 1ec4af42495b97d07f6af85ed3dbecf2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FA81C8D6E1D7E5C1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (619)
Size:   11257
Md5:    7aa48de00c464c64a8198f0b2fedfd15
Sha1:   8abacf72cbf1d52689d0bf976f701e91e6b8d0fa
Sha256: 79a72235e29ff0d7f277b552bbce7a74678cf96358bdb417cff049e71dbad162
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1118109838&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=56761&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 24 Nov 2022 14:05:46 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=803C3B147967BD5B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2081965670&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=56761&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 24 Nov 2022 14:05:46 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=71FB6A54E0B7F6A3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8502FF84AEEE8B73DECDD11E42884F0393559410CFD069EA9CE9950632450B13"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 20:05:47 GMT
Date: Thu, 24 Nov 2022 14:05:47 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/html9/ads/1.gif HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sat, 24 Dec 2022 14:05:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Sat, 24 Dec 2022 14:05:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 90\012- data
Size:   193193
Md5:    a0f25aca4ee2af38f3d3f5cbfde1bdf8
Sha1:   252b04cdfaa6918b897fc8ef8ae759469ca831eb
Sha256: 89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2
                                        
                                            GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Fri, 25 Nov 2022 02:05:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3381
Md5:    7d321e96a2e1093b2ef5a0e6f4925005
Sha1:   f5eae03fb46ae4c3c342d1bcebbbaa0081558f38
Sha256: b4c70b080befb37f8a4f511d52f41434ddb538ff82e1644ee4472fb8b07d1559
                                        
                                            GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys13.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size:   13408
Md5:    99af6debcdaba3e7ffe01b4c3cbccacb
Sha1:   4efda64b06cd7c294f6214623bcb634f3def3bd1
Sha256: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
                                        
                                            GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Fri, 25 Nov 2022 02:05:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (493), with CRLF line terminators
Size:   38772
Md5:    040dda781a2c7a6218267ea6031e429a
Sha1:   399a9ff7db3b553eba9db6aa4ea53e84d09cd24c
Sha256: 83c0a55f4c4eb82faf386da60f3f5a875154a2ba93af5b6d2c5983132ac49639
                                        
                                            GET /225X135.gif HTTP/1.1 
Host: ads-6686.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         123.253.107.62
HTTP/2 200 OK
content-type: image/gif
                                        
server: load-edge/2.1.1
date: Thu, 24 Nov 2022 14:05:49 GMT
content-length: 11628
last-modified: Tue, 01 Nov 2022 08:29:24 GMT
etag: "6360d8e4-2d6c"
strict-transport-security: max-age=31536000
lp-geo: edge-ahzp
lp-addr: 91.90.42.154
lp-request: f735cb73-095a-48fc-8b62-0f14f8f03eb7
lp-id: f44b1cff2f22865191e6f21411b93381
expires: Thu, 24 Nov 2022 14:10:49 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 225 x 135\012- data
Size:   11628
Md5:    cea5d3c342f46ac6e2646554230f4810
Sha1:   cdfea23fb58f0c2ef60288ff378f7518b14023b1
Sha256: 851d3d959c12a9c5e0002209a5cecee9b9cbf97d5ac5df3bf59ed4b1762b9bd1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9457
Expires: Thu, 24 Nov 2022 16:43:26 GMT
Date: Thu, 24 Nov 2022 14:05:49 GMT
Connection: keep-alive

                                        
                                            GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8555244
expires: Fri, 03 Mar 2023 14:33:13 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   151061
Md5:    89c820a186cb325d9979cdae663875eb
Sha1:   e9dbc77e9d46e03ebec28aaca2bf5e302767064f
Sha256: 9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade
                                        
                                            GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11211715
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   414559
Md5:    1a2cba8175d957d2379d06e6d2d4250d
Sha1:   190eb918616fa53aaca8a53b917f2627e626fecc
Sha256: 17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
                                        
                                            GET /images/0Z06k2215d3m9fgtcDE68.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 120799
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 32
x-edgeconnect-origin-mex-latency: 41
cache-control: max-age=7702283
expires: Tue, 21 Feb 2023 17:37:12 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   120799
Md5:    b0f8e806d4a30c123d6404fd5b9f0876
Sha1:   ad7f7d43d3e5340016ef521d346cd2a6c518bfaa
Sha256: 0785b7dd32685c1301b017a5852d0614edd564035e709b6791823d1bd454a454
                                        
                                            GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6626671
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   457345
Md5:    c715f378075493153db049a8d2e70e1c
Sha1:   8c86edc72c9fa616aa484a42b84cff16c35f06b9
Sha256: 7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
                                        
                                            GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         64.32.13.142
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:49 GMT
content-length: 162
location: https://kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6626744
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   1197751
Md5:    6938343bc2a842c4d2c9c96f4dde0298
Sha1:   00e2b1b902b196b3c005facb934c10e2a2ca1961
Sha256: 5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
                                        
                                            GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7692748
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Thu, 24 Nov 2022 14:05:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   917226
Md5:    28998a87f539b948e98fdc9c82fc6a69
Sha1:   c0085b4e65a2679d63c10ccf8bcffd7b6014b211
Sha256: 1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
                                        
                                            GET /960-60.gif HTTP/1.1 
Host: ads-6686.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         123.253.107.62
HTTP/2 200 OK
content-type: image/gif
                                        
server: load-edge/2.1.1
date: Thu, 24 Nov 2022 14:05:49 GMT
content-length: 570462
last-modified: Mon, 14 Nov 2022 07:53:17 GMT
etag: "6371f3ed-8b45e"
strict-transport-security: max-age=31536000
lp-geo: edge-ahzp
lp-addr: 91.90.42.154
lp-request: 6435afd1-f62f-4a60-bbb5-308e9119a6f1
lp-id: ebf28d2a14aedb4b987e3c1bc788b88c
expires: Thu, 24 Nov 2022 14:10:49 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   570462
Md5:    60393bbfab3aac9d2d4b557ba0752c41
Sha1:   4da3fa5126e9b68041eec58e3b794b28565ddd0a
Sha256: b7c0b7710cec9c28a60532612d277bfe56400b95f4f524eb7d049a7b4ea73750

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5308
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:05:50 GMT
Etag: "637eb887-117"
Last-Modified: Thu, 24 Nov 2022 12:37:23 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5308
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:05:50 GMT
Last-Modified: Thu, 24 Nov 2022 12:37:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1 
Host: imagedelivery.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.2.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 308789
cf-ray: 76f2b3a408c1b4e8-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   308789
Md5:    799d622d8489838225bdf632d1ae4095
Sha1:   4f6c51fcc2b138919eaffddb4e0552eccd639540
Sha256: ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1581635964&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=56764&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys13.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 24 Nov 2022 14:05:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B7ACB02282F24B2A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1 
Host: imagedelivery.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.2.36
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 24176
cf-ray: 76f2b3a418c8b4e8-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   24176
Md5:    2ca0538b0b77324a38cf2b74f16cb6fe
Sha1:   0ef6374accaaedf856fe2532b8001519894e7fbf
Sha256: 2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4
                                        
                                            GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         64.32.13.142
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /xxx12345.gif HTTP/1.1 
Host: ob699.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         45.153.131.58
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Sat, 24 Dec 2022 14:05:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 225 x 135\012- data
Size:   19781
Md5:    74f156899d26c1a1ef9108ee4023052d
Sha1:   3d2f15dc81ee27a7832947bbb59a7836ccc7f027
Sha256: b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 10:07:53 GMT
ETag: "1b316bf8c0e23cb031171c70ee70ffe9b779008a"
Last-Modified: Thu, 24 Nov 2022 10:07:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1848
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3a67b35b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    449b360a499ffda73336343f9a2261e9
Sha1:   1b316bf8c0e23cb031171c70ee70ffe9b779008a
Sha256: 7fb5f9863fc377873edc2074f65e329080a87f6114630b6df1bdec9b41240c46
                                        
                                            GET /images/63523e155fe50f0585d3ef82.gif HTTP/1.1 
Host: img.u1779.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         91.199.87.220
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    449b360a499ffda73336343f9a2261e9
Sha1:   1b316bf8c0e23cb031171c70ee70ffe9b779008a
Sha256: 7fb5f9863fc377873edc2074f65e329080a87f6114630b6df1bdec9b41240c46
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 10:07:53 GMT
ETag: "1b316bf8c0e23cb031171c70ee70ffe9b779008a"
Last-Modified: Thu, 24 Nov 2022 10:07:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1848
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3a67837b524-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    449b360a499ffda73336343f9a2261e9
Sha1:   1b316bf8c0e23cb031171c70ee70ffe9b779008a
Sha256: 7fb5f9863fc377873edc2074f65e329080a87f6114630b6df1bdec9b41240c46
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 10:07:53 GMT
ETag: "1b316bf8c0e23cb031171c70ee70ffe9b779008a"
Last-Modified: Thu, 24 Nov 2022 10:07:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1848
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3a67b4e1bfa-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    449b360a499ffda73336343f9a2261e9
Sha1:   1b316bf8c0e23cb031171c70ee70ffe9b779008a
Sha256: 7fb5f9863fc377873edc2074f65e329080a87f6114630b6df1bdec9b41240c46
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 00:22:25 GMT
Expires: Tue, 29 Nov 2022 00:22:24 GMT
Etag: "976737c9c834b445fd80b408de8ccfefed7471f3"
Cache-Control: max-age=381993,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a68bfe1c0a-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=460193,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a67991b4ff-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F277021F69F354772CA4128127046688524E2CBFC59C93583660747F4F394FB"
Last-Modified: Tue, 22 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2708
Expires: Thu, 24 Nov 2022 14:50:58 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D4C79E89936019B21A3532CCC68C3BAF5B094D356AAEC5A5E322ACBFA996D041"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2486
Expires: Thu, 24 Nov 2022 14:47:16 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 11:29:04 GMT
ETag: "b20c9cf746f84f94314513722f9ad225c0260363"
Last-Modified: Thu, 24 Nov 2022 11:29:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2192
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3a75c73b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    dff53e380c046482d0a17808e5f0cf31
Sha1:   b20c9cf746f84f94314513722f9ad225c0260363
Sha256: d286c5dec924a6dc19d14dcf62241fdec9789f92d5f35904071dfc5f9724d38a
                                        
                                            GET /template/m1938pc/static/css/mm-content.css HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Fri, 25 Nov 2022 02:05:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1575
Md5:    b9cdf8bc53ba067bac408e3026cea2f3
Sha1:   47bd333f6f9ee8f21b3a87e19bd951a2d153464e
Sha256: 1a6f5601498dc114025074c2c16958b754a4f2b379a65fcfc01780e20975dfca
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 12:53:40 GMT
ETag: "ad84447aec101005cc75fde5a85e20e7b0c5f024"
Last-Modified: Thu, 24 Nov 2022 12:53:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1702
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f2b3a76cc20afe-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    c2381367e8562c6ccb1f903059aa08c0
Sha1:   ad84447aec101005cc75fde5a85e20e7b0c5f024
Sha256: f0c8a6a686be36bf2d915433c5b4837d726d52661e547c6fc00797b015be5aec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=479028,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a67a4eb511-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:32:08 GMT
Expires: Tue, 29 Nov 2022 04:32:07 GMT
Etag: "f2bf98c511ebe6ffb73c751082a8cc984cd04d30"
Cache-Control: max-age=396976,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a67845b524-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 03:31:13 GMT
Expires: Thu, 01 Dec 2022 03:31:12 GMT
Etag: "7c8118b4e27d144f96f375ae985e1676223229a6"
Cache-Control: max-age=566121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a67b531bfa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.buypass.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.129
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 230914fc-d100-4f95-a0ca-56b7669e55d8
Content-Length: 1700
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1700
Md5:    494cb2efef59bfe70bf0626da333c957
Sha1:   316f67803e81717befda88cb85db9a77e1ad816f
Sha256: 895324ccf7553d88a7fa1b10abd1f1e0dc4e56c881ed0a8fdac1a9cb6e902fb8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9C3D040D7DD66D2A01C2DB68EE2F137D6EC60EC8A408C94F00D062CACFEB47D"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3633
Expires: Thu, 24 Nov 2022 15:06:23 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9C3D040D7DD66D2A01C2DB68EE2F137D6EC60EC8A408C94F00D062CACFEB47D"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3633
Expires: Thu, 24 Nov 2022 15:06:23 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/static/css/style.css HTTP/1.1 
Host: www.jxys13.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.38.5
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:48 GMT
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Fri, 25 Nov 2022 02:05:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14888
Md5:    bb39cb8783d8293bd8e9d4508e115de4
Sha1:   1fcc98aedfdc480fd78b611bc6d9d35740ba02cb
Sha256: 964d792389dce149523cea40e6157364735e7b3042f60fd38f501acc1509fb9b
                                        
                                            GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1 
Host: kvmaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         170.178.176.170
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EACA7F7C80089C7BBFB0D3886EA60C71D31DBE1984EA7F773A20BC38B1D88EA2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Thu, 24 Nov 2022 15:17:24 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:52:33 GMT
Expires: Tue, 29 Nov 2022 08:52:32 GMT
Etag: "c429bc925e26bdc1cfbf8f061c092437c2f980da"
Cache-Control: max-age=412601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a70a6cb4ff-OSL

                                        
                                            GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1 
Host: kzecc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://kvkhhh.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.buypass.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.129
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: b5e71f9e-ccac-496d-8633-297eb8b4f249
Content-Length: 1700
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1700
Md5:    3d5f73d090ed98079990698e1eb1c878
Sha1:   875bb2f765777242d870cf1e0e1dca87e57c3430
Sha256: 75e1998066928ad0e29dd5a88e04ee71f46d08a5ea848601f3da047502e331f4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "57964CDDBD17A258FC0CB60FFA508F82E9F5160EF1A4848BFEB834E007576F5A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Thu, 24 Nov 2022 18:59:57 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "268C4D940A7A31BB53331ED027CEAFBC562D00004AAFBC17256DD31551C1903A"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19093
Expires: Thu, 24 Nov 2022 19:24:03 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4C206274B25F0699275DCA281F1B7605442A52FC3FEC9141D78DACA584720CC8"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6463
Expires: Thu, 24 Nov 2022 15:53:33 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Thu, 24 Nov 2022 14:05:50 GMT
Last-Modified: Thu, 24 Nov 2022 00:18:50 GMT
ETag: "637eb86a-1d7"
Expires: Sat, 26 Nov 2022 00:18:50 GMT
Cache-Control: max-age=123180
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669298750
Via: cache21.l2de2[6,6,200-0,M], cache21.l2de2[7,0], cache2.se1[29,28,200-0,M], cache2.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 24 Nov 2022 14:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616692987507924219e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Thu, 24 Nov 2022 14:05:50 GMT
Last-Modified: Thu, 24 Nov 2022 00:18:50 GMT
ETag: "637eb86a-1d7"
Expires: Sat, 26 Nov 2022 00:18:50 GMT
Cache-Control: max-age=123180
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669298750
Via: cache6.l2de2[5,5,200-0,M], cache6.l2de2[7,0], cache3.se1[29,29,200-0,M], cache3.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 24 Nov 2022 14:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716692987507922172e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3223
Cache-Control: max-age=124256
Date: Thu, 24 Nov 2022 14:05:50 GMT
Etag: "637eb007-116"
Expires: Sat, 26 Nov 2022 00:36:46 GMT
Last-Modified: Wed, 23 Nov 2022 23:43:03 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1 
Host: acoozzh.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.33.100
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Mon, 12 Dec 2022 14:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1035990
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymy1GDKV6AcsdBIuN8Pqvvcr%2F1ZPVqa5bR0jdvRGlumYHB00Sq7FQx2VXpcZSegZ5aq078Toq3gkjRgGp7Ty%2FfM8HPxAzr%2FzX5HK6cy2SniFtSat7A9eGjR7Y12o%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a919efb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 300\012- data
Size:   158376
Md5:    55574ea2b72e2fbe45871f66165442a8
Sha1:   7fd461a708c87486335dde3e12740c188af0facd
Sha256: 005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12715
Expires: Thu, 24 Nov 2022 17:37:45 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12715
Expires: Thu, 24 Nov 2022 17:37:45 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12715
Expires: Thu, 24 Nov 2022 17:37:45 GMT
Date: Thu, 24 Nov 2022 14:05:50 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2022/11-24/17/hviplus5zcy1730hviplus5zcy125140.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 9276
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10018
content-disposition: inline; filename="hviplus5zcy1730hviplus5zcy125140.webp"
etag: "637f39a4-2722"
last-modified: Thu, 24 Nov 2022 09:30:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96ef71c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   9276
Md5:    c7e9ad2792e5812a811f1554dcbc0b47
Sha1:   0b8291d49705fd25f9a79f4b0ece6a16c5015f60
Sha256: 0e444921e38e4a94bba49430009803b450b6425ee7d19d73c5e447a3ebc3ab33
                                        
                                            GET /upload/vod/2022/11-24/17/paq3janyfq21730paq3janyfq2015130.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 8813
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9450, status=webp_bigger
etag: "637f399a-24ea"
last-modified: Thu, 24 Nov 2022 09:30:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96efd1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   8813
Md5:    dc35ebd6d8bb6bdf37271d627de1efaa
Sha1:   80480cbd1e7d962c7f383bacceac3d67a983b71d
Sha256: 977f8d91885615296256e87bd795761c920a276681e87e895d843f6c61be8039
                                        
                                            GET /get-image/0yFVWR9AM6k HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         163.171.140.79
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 637f7a3e_PShlamstdAMS1se91_28085-53550
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 376\012- data
Size:   140259
Md5:    4125d9bf66b1a755f42abaea805ee9af
Sha1:   17232f64827beb19e2a717d1bdbf384b3e938249
Sha256: d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732
                                        
                                            GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1 
Host: kvezz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         64.32.13.142
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /upload/vod/2022/11-24/17/dfyev5oojrb1730dfyev5oojrb025132.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 5604
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7240
content-disposition: inline; filename="dfyev5oojrb1730dfyev5oojrb025132.webp"
etag: "637f399a-1c48"
last-modified: Thu, 24 Nov 2022 09:30:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96efc1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5604
Md5:    affb97a58936c5ddf4e628cc0fdbc081
Sha1:   5a162880bea4ebd05ab325a5fcfffc2b1b670d03
Sha256: 64c841e5194ac6e0539c395ae82cb351840ddf28b9fde3d651da565bcda56947
                                        
                                            GET /get-image/0yFQ28gLGhP HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         163.171.140.79
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 279676
server: Tengine
x-application-context: application
x-kss-request-id: 7619a86ae5664556a23b9964f031b63f
etag: "b25d41aed5450abed3b57ce91edeb1ef"
content-md5: sl1BrtVFCr7TtXzpHt6x7w==
last-modified: Mon, 28 Feb 2022 06:31:20 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjzwdx5aa31:0 (Cdn Cache Server V2.0), 1.1 jszjsx22:12 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:6 (Cdn Cache Server V2.0)
x-ws-request-id: 637f7a3e_PShlamstdAMS1se91_28085-53549
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 350\012- data
Size:   279676
Md5:    b25d41aed5450abed3b57ce91edeb1ef
Sha1:   32246d3032e682f04be554c60fa343835bf7a1c9
Sha256: 3198df78ef5491bd63c4dbd8fea3604f34dad6baa285ea8629ec250954f405ba
                                        
                                            GET /upload/vod/2022/11-24/17/o0kpydpwigp1730o0kpydpwigp105134.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 8482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11388
content-disposition: inline; filename="o0kpydpwigp1730o0kpydpwigp105134.webp"
etag: "637f39a2-2c7c"
last-modified: Thu, 24 Nov 2022 09:30:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f081c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8482
Md5:    1a08b9ae07c2a93955ad8b80543a3793
Sha1:   5563920aff337e459779d6100a3f143ac0148508
Sha256: 0e484d86dd62950118ea6365707b35542e9985a7472041f8bfcfb87ddb1369d0
                                        
                                            GET /upload/vod/2022/11-24/17/o3yn2uqzidd1730o3yn2uqzidd165148.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 17498
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=17811, status=webp_bigger
etag: "637f39a8-4593"
last-modified: Thu, 24 Nov 2022 09:30:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96f091c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   17498
Md5:    25a5583166b86e213eaaede1031422e4
Sha1:   fba42029f892d891991d1a21732f1d511d4c5901
Sha256: c6ddcc50385259f60eefadc59abe19e08d5228bde940e308c45b8f1365207897
                                        
                                            GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1 
Host: kvevv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /upload/vod/2022/11-24/17/1el045t00pv17301el045t00pv145144.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 9718
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10270, status=webp_bigger
etag: "637f39a6-281e"
last-modified: Thu, 24 Nov 2022 09:30:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96f0b1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Size:   9718
Md5:    97a079367349730dd3374b2250d89560
Sha1:   a3bf3c527e4e61c01193401cfb677abcfd9c971c
Sha256: 23c9c7cc617206a3b83068a8d88196d1c09530f22c84188475938d3501f8220f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2943
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:05:51 GMT
Etag: "637e96bc-2d7"
Last-Modified: Thu, 24 Nov 2022 13:16:48 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /upload/vod/2022/11-24/17/udqy5husaln1730udqy5husaln135142.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 7492
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8129
content-disposition: inline; filename="udqy5husaln1730udqy5husaln135142.webp"
etag: "637f39a5-1fc1"
last-modified: Thu, 24 Nov 2022 09:30:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f0d1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7492
Md5:    b7cbb3a5a7aa875e0ec5e04d09e06b7b
Sha1:   451d7d0e3a8929b6029c38acdc30a12adbb1fa05
Sha256: 452e88a310328abf6648527e0bb0888484859af496020ab2169cd144497da9c6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=134350
Date: Thu, 24 Nov 2022 14:05:50 GMT
Etag: "637ee40c-1d7"
Expires: Sat, 26 Nov 2022 03:25:00 GMT
Last-Modified: Thu, 24 Nov 2022 03:25:00 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1 
Host: kvevv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 162
location: https://kvthhh.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1 
Host: acoozzh.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys13.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.33.100
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Thu, 22 Dec 2022 17:58:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 158864
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwk7D3ISc6%2FvHt6YfYP%2F8qlZ9hr2%2BYVdvLklRdDIJxQ9h175U4OJ5wfatEbVXibPjpJwQOmaKtNVNCIcfIyvlyA7OHafBHqTb9oANUjJJxqQUMOydJ4RE8v0Kn8csQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a9cac8b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   739561
Md5:    5318e42d25e6b9b53726d8166248cc33
Sha1:   762b03c16562865a9a58a02dba471f78608376db
Sha256: b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c
                                        
                                            GET /upload/vod/2022/11-24/17/kr2311vbxw51730kr2311vbxw5105136.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 7874
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9027
content-disposition: inline; filename="kr2311vbxw51730kr2311vbxw5105136.webp"
etag: "637f39a3-2343"
last-modified: Thu, 24 Nov 2022 09:30:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f061c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7874
Md5:    13db57111e466476e6663a55dfeaac51
Sha1:   d83c735da4bb38f5dbbc91fe6b7969f715f486b6
Sha256: d3c76b6057a0fda40ea7393dcd28807c36ac64c92d3b09995f9560502b83d077
                                        
                                            GET /upload/vod/2022/11-24/17/zo0cu4ncgin1730zo0cu4ncgin195156.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 3826
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6398
content-disposition: inline; filename="zo0cu4ncgin1730zo0cu4ncgin195156.webp"
etag: "637f39ac-18fe"
last-modified: Thu, 24 Nov 2022 09:30:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f0e1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3826
Md5:    68e4cdf8dd763758e678ffac2f3a4e3f
Sha1:   caf27432ba37cfbd3faa0468b576944d62acfcd2
Sha256: a95f7d24b0cde73874e7dd3a2e9215fd943e1d1a66d313738278b39a65cde98e
                                        
                                            GET /upload/vod/2022/11-24/17/sunqzepigob1730sunqzepigob195154.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 7766
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9211
content-disposition: inline; filename="sunqzepigob1730sunqzepigob195154.webp"
etag: "637f39ab-23fb"
last-modified: Thu, 24 Nov 2022 09:30:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f0f1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7766
Md5:    7a314f5595738bedb10b9086cc300500
Sha1:   958e1fab4f608a2e981198bdc7ee4964dd05124f
Sha256: 4a2ec5493e2e6c98e6c069ff425250a61322d1320ca2357cb4c8696ee85094f9
                                        
                                            GET /upload/vod/2022/11-24/17/30cfvwvgjak173030cfvwvgjak115138.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 12476
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12724
content-disposition: inline; filename="30cfvwvgjak173030cfvwvgjak115138.webp"
etag: "637f39a3-31b4"
last-modified: Thu, 24 Nov 2022 09:30:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f031c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12476
Md5:    cd1a02d4532c85de5a1e06cd1564c54e
Sha1:   f6da14f362ddfd39c98e303d59ee90baadde593f
Sha256: 6e2057790947b4ec53238dfed15323049c39b8dd00fec609858011c780f867e6
                                        
                                            GET /upload/vod/2022/11-24/17/2g2feuszfwc17302g2feuszfwc175150.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 11872
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12539
content-disposition: inline; filename="2g2feuszfwc17302g2feuszfwc175150.webp"
etag: "637f39a9-30fb"
last-modified: Thu, 24 Nov 2022 09:30:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f131c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   11872
Md5:    823360a32f93f11714821ae293e1ad96
Sha1:   2ae4a2a5ad64ac245d972a481220798c3e4cfdbd
Sha256: 0d49ba9edbbf026753ee6439f489e9fcc1c0f3d244f602dc06fb1ac4986eec02
                                        
                                            GET /upload/vod/2022/11-24/17/0rur5rubhdo17300rur5rubhdo155146.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 10467
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11206, status=webp_bigger
etag: "637f39a7-2bc6"
last-modified: Thu, 24 Nov 2022 09:30:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96f0a1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Size:   10467
Md5:    2184a18ed38cce5f44abc5bb33d31710
Sha1:   6984d5b2a2759b4a18624c3230a7f2098fc58da1
Sha256: c2464f080c766dcbf2c24de7d6e39b872856538809eb2693f73d4a51d58f9d89
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2943
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:05:51 GMT
Etag: "637e96bc-2d7"
Last-Modified: Thu, 24 Nov 2022 13:16:48 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /upload/vod/2022/11-24/17/apdnmrxfrel1730apdnmrxfrel185152.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:50 GMT
content-length: 16823
cf-bgj: imgq:85,h2pri
cf-polished: origSize=17763, status=webp_bigger
etag: "637f39aa-4563"
last-modified: Thu, 24 Nov 2022 09:30:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4581
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96f111c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   16823
Md5:    59e9557523e7a7837a6781a14afbbc61
Sha1:   96fd7272b0eb0c3ea7ec545aeec702909d4fa217
Sha256: 5a3feb5fc60e0e9bc4074859234e170109a013fd6cf4900f4fc0ed9005558a51
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2343
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:05:51 GMT
Last-Modified: Thu, 24 Nov 2022 13:26:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2DE299EBBEF36D74CC7EDEF70900928A9862820DC2C2E1CF569774F9395AC6E"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9500
Expires: Thu, 24 Nov 2022 16:44:11 GMT
Date: Thu, 24 Nov 2022 14:05:51 GMT
Connection: keep-alive

                                        
                                            GET /sh/328.js HTTP/1.1 
Host: api.79zxcv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.1.205.26
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS


--- Additional Info ---
Magic:  ASCII text, with very long lines (463), with no line terminators
Size:   463
Md5:    4ada6e293a75c07ce69d0e9aa7cabe73
Sha1:   a17400b9941f0fa71105caac6ce7e18eea16b7c9
Sha256: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
                                        
                                            GET /tL26d3m/240x140.gif HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1 
Host: 200.benbenys.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         23.224.61.222
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Server: Apache
Expires: Sat, 24 Dec 2022 14:05:50 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Size:   57375
Md5:    61b977b3527d7c0e27e2af877b5a5c59
Sha1:   4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
Sha256: 945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1833
Cache-Control: max-age=141948
Date: Thu, 24 Nov 2022 14:05:51 GMT
Etag: "637efa92-117"
Expires: Sat, 26 Nov 2022 05:31:39 GMT
Last-Modified: Thu, 24 Nov 2022 05:01:06 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 14:05:51 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 16:39:34 GMT
Expires: Tue, 29 Nov 2022 16:39:33 GMT
Etag: "26672ecd71a9a3b8e762df907a7cb850ff9da8b6"
Cache-Control: max-age=440621,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2b3a93e880afe-OSL

                                        
                                            GET /obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.225
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 561802
date: Wed, 23 Nov 2022 18:17:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:43:01 GMT
nw-session-id: 20221123174301010131136052464A87C3qsdgc03dy
nw-session-trace: 2022-11-23T17:43:01.694902751+08:00 92
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:43:01 GMT
x-tt-logid: 20221123174301010131136052464A87C3
via: n150-053-221, cache9.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[3,0], cache8.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01de7516b2be8a6c589dcb05e98f0ccb4f6b92a652c9eae433a3fd2c1a5c90af0b97726c0fe129406d127bf5700a608187a0c670a5c5ad3aa2fe89dda228ae09e1dd713c780a0352432c3386c21829dd51023f17bf2655687c66b54dc3cddef6d5
x-response-lb: image
ali-swift-global-savetime: 1669227478
age: 71273
x-cache: HIT TCP_MEM_HIT dirn:11:339660254 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 06:46:42 GMT
x-swift-cachetime: 31491076
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616692987510734393e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   561802
Md5:    6992b4cd488bb4437ec954ab09a3fa00
Sha1:   e41fc5970be04ab5801e80ce785ff0832b305793
Sha256: 54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
                                        
                                            GET /obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.225
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 366541
date: Thu, 17 Nov 2022 09:57:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:55:33 GMT
nw-session-id: 202211171755330101351600153CA97837jtqbj03dy
nw-session-trace: 2022-11-17T17:55:33.515252114+08:00 348
x-bdcdn-cache-status: TCP_HIT
x-length: 366541
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:55:33 GMT
x-tt-logid: 202211171755330101351600153CA97837
via: n150-062-144, cache19.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[3,0]
x-request-ip: fdbd:dc02:19:466::76
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 0110eacfba1d3294f86dd74dc0b7b71efc055ca732c6600bba2d6741b693d82f2d1590ac9ee4aaedb3b340de3ae0e5d8206554d70f1b5f0128f5ddf57f5761d5d118ed9bfd3ce7ed23b9f7c85bc468e1789327cf0f953a0eefbb84065abddde000
x-response-lb: image
ali-swift-global-savetime: 1668679059
age: 619692
x-cache: HIT TCP_MEM_HIT dirn:11:63435800
x-swift-savetime: Thu, 17 Nov 2022 09:58:21 GMT
x-swift-cachetime: 31535958
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616692987510634385e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   366541
Md5:    c9e86d7a56b581cc32a6a4380112c0ce
Sha1:   0d35256c35a6f9a4716ae254265428d2f4240c87
Sha256: 5870de497beb45d424d67b39a4aaa841f675d3162780e738bcc26e8ca3e81fc2
                                        
                                            GET /obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.225
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 644516
date: Thu, 24 Nov 2022 06:18:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 06:18:46 GMT
nw-session-id: 202211241418460101581651440DB5AD38v2zg902dy
nw-session-trace: 2022-11-24T14:18:46.538612731+08:00 29
x-bdcdn-cache-status: TCP_MISS
x-length: 644516
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 14:18:46 GMT
x-tt-logid: 202211241418460101581651440DB5AD38
via: n150-057-099, cache11.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4a21e979d074814c218d8a662ea022b856674fc57746570c3a948a2f0eded123006ad2497e7e72c308828dc3218b230c11465fa10ff416b2089bd0df49809c91f75336f7bd13cf00c67f19a54945aff467
x-response-lb: image
ali-swift-global-savetime: 1669270726
age: 28025
x-cache: HIT TCP_MEM_HIT dirn:11:339664198 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 06:46:44 GMT
x-swift-cachetime: 31534322
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616692987510624384e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   644516
Md5:    6f4d0e5c73acef4297be21786b04ec66
Sha1:   b585f8035533ae8f2e026816a8541f41c1531a61
Sha256: bc7cc9d3368c6dad22e3ab42ed2ace33d4f111f651cb7e8460377d5c62cb00b7
                                        
                                            GET /obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.225
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 420442
date: Thu, 17 Nov 2022 08:05:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 08:04:55 GMT
nw-session-id: 20221117160455010175088205489D283Edffxv02dy
nw-session-trace: 2022-11-17T16:04:55.135790407+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 16:04:55 GMT
x-tt-logid: 20221117160455010175088205489D283E
via: n150-056-038, cache1.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[0,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=0
x-tt-trace-host: 01307a3fb6122614a2cf2861b66f794cde44fb789caf024a9d7b2c6561afdf19f775a092f1c68726af9bc843af9d0ac960e24a539cf77cbcdda5d0e4291dcc3344458d0ed78fd87e483c6a160aeb1e5530716a4a1a22319dfa833dc91d61d824ef
x-response-lb: image
ali-swift-global-savetime: 1668672312
age: 626439
x-cache: HIT TCP_MEM_HIT dirn:1:303239936
x-swift-savetime: Thu, 17 Nov 2022 08:34:25 GMT
x-swift-cachetime: 31534247
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616692987510834400e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   420442
Md5:    7020ecb5ebdf5d2d41668f76d36f5982
Sha1:   30c768ceb1463fffc0145f1e73c808f8f6d2bb51
Sha256: 3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=140115
Date: Thu, 24 Nov 2022 14:05:51 GMT
Etag: "637efa92-117"
Expires: Sat, 26 Nov 2022 05:01:06 GMT
Last-Modified: Thu, 24 Nov 2022 05:01:06 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1 
Host: 339282bdb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.170.15.115
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Fri, 11 Nov 2022 20:55:24 GMT
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Length: 113076


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 185\012- data
Size:   113076
Md5:    293a0887f1ab0b9517c19b77d51626dd
Sha1:   74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
Sha256: e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sh/317.js HTTP/1.1 
Host: api.79zxcv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.1.205.26
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Date: Thu, 24 Nov 2022 14:05:50 GMT
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS


--- Additional Info ---
Magic:  ASCII text, with very long lines (463), with no line terminators
Size:   463
Md5:    4ada6e293a75c07ce69d0e9aa7cabe73
Sha1:   a17400b9941f0fa71105caac6ce7e18eea16b7c9
Sha256: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
                                        
                                            GET /upload/vod/2022/11-24/17/252sxr1ayq41730252sxr1ayq4015128.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 7424
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8835
content-disposition: inline; filename="252sxr1ayq41730252sxr1ayq4015128.webp"
etag: "637f3999-2283"
last-modified: Thu, 24 Nov 2022 09:30:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96eff1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7424
Md5:    dbdf9a65329bcbb6d4fa75b68418d9a9
Sha1:   c6bd8605505872007d88f4d97b3b4a8200e9a3ff
Sha256: 95d13e962e8e4158eadeb7000bbfad6bd15c242fcc93101eb113b94d18b20232
                                        
                                            GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96f011c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5568
Md5:    187a056e67fd5cb46bc7c783f9a9fdac
Sha1:   4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
Sha256: a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171
                                        
                                            GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2b3a96efb1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   11122
Md5:    b022836144761d53fd172695cd436216
Sha1:   71dd9ccacd6072c9aeab040b290e151ff01e8d02
Sha256: 6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918
                                        
                                            GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 24 Nov 2022 14:05:51 GMT
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f2b3a96efa1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4468
Md5:    174c271fbd41b05e66270e9f781e8dc1
Sha1:   6f7b0f3b4e5527db1c55921da243ce6318be9e85
Sha256: 20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85