r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2914
Expires: Wed, 14 Dec 2022 23:14:56 GMT
Date: Wed, 14 Dec 2022 22:26:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3026
Expires: Wed, 14 Dec 2022 23:16:48 GMT
Date: Wed, 14 Dec 2022 22:26:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 21:33:50 GMT
content-type: application/json
age: 3152
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
weightloss-meals.com/gym-and-meals
107.165.125.108301 Moved Permanently 0 B URL HTTP/1.1 weightloss-meals.com/gym-and-meals
IP 107.165.125.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gym-and-meals HTTP/1.1
Host: weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 14 Dec 2022 22:26:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.weightloss-meals.com/gym-and-meals
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Thu, 15 Dec 2022 00:58:47 GMT
Date: Wed, 14 Dec 2022 22:26:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iWHukJg/KEPsQPqH3Hepv6Zcrb1FdKdQobLNy3T8od/OM5gVMO+0PRfcJyVoVxZhKlak4fglrG4=
x-amz-request-id: 14CX10BD8TYHDVQK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 21:50:40 GMT
age: 2142
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 22:07:58 GMT
age: 1105
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.weightloss-meals.com/gym-and-meals
107.165.125.108200 OK 783 B URL HTTP/1.1 www.weightloss-meals.com/gym-and-meals
IP 107.165.125.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash a942daf4507d5ead8823e6851783c6d8
a8a0cd5991f301b6f7e113222b2b5252d6fe5e56
f529b0ebc5e1f012afefc84e9e941c47217795f1aa56578c55d00bbdca4ed34a
GET /gym-and-meals HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 22:26:22 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 826
Cache-Control: max-age=125659
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:23 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 09:20:42 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.weightloss-meals.com/tj.js
107.165.125.108200 OK 518 B URL HTTP/1.1 www.weightloss-meals.com/tj.js
IP 107.165.125.108:0
File type ASCII text, with CRLF line terminators
Hash 42d13181dd4c01c00e9e51359fa72da3
f42486f56c3ad0f9c1c924173afd2125a58b64f0
ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd
GET /tj.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 22:26:23 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
push.services.mozilla.com/
35.162.50.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.50.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T/6oR2JiG1/UwzicTFNtFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ikCJSA7WrVP91NNywyYKBoe0BDg=
www.weightloss-meals.com/common.js
107.165.125.108200 OK 738 B URL HTTP/1.1 www.weightloss-meals.com/common.js
IP 107.165.125.108:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
GET /common.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 22:26:23 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 14 Dec 2022 22:26:23 GMT
Etag: "4078521116"
Expires: Thu, 14 Dec 2023 22:26:23 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=1AC1FED6E1369CD2211669B9CC02CB26:FG=1; max-age=31536000; expires=Thu, 14-Dec-23 22:26:23 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 651f7bb33941f3e36b0ccea36efa1a71
60927479dd3094914894013cfee250f688cc7cdf
c4d0312c9e017c04e5bcb16dd8b85819570e236e4109437d4218528b95931a48
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 18 Dec 2022 19:34:48 GMT
ETag: "60927479dd3094914894013cfee250f688cc7cdf"
Last-Modified: Wed, 14 Dec 2022 19:34:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779a5c654d250b59-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 651f7bb33941f3e36b0ccea36efa1a71
60927479dd3094914894013cfee250f688cc7cdf
c4d0312c9e017c04e5bcb16dd8b85819570e236e4109437d4218528b95931a48
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 18 Dec 2022 19:34:48 GMT
ETag: "60927479dd3094914894013cfee250f688cc7cdf"
Last-Modified: Wed, 14 Dec 2022 19:34:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779a5c6549adb4f1-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec6f882eea0a6e49e461b370116f5f84
d24918cb4dbe066f423486ca7dbb11a162685ee2
994bd782901021f672e9ae146513a35a37e2d50e0c31e7cfcf7d9a8a9c09a0e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "994BD782901021F672E9AE146513A35A37E2D50E0C31E7CFCF7D9A8A9C09A0E7"
Last-Modified: Wed, 14 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9015
Expires: Thu, 15 Dec 2022 00:56:39 GMT
Date: Wed, 14 Dec 2022 22:26:24 GMT
Connection: keep-alive
www.weightloss-meals.com/favicon.ico
107.165.125.108200 OK 1.2 kB URL HTTP/1.1 www.weightloss-meals.com/favicon.ico
IP 107.165.125.108:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 22:26:24 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 19 Dec 2022 22:26:24 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.weightloss-meals.com/gym-and-meals HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 14 Dec 2022 22:26:24 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 22:26:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 22:26:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 22:26:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 22:26:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2ae931d0f14a81013f782d43b8c7b85
9ec84996b63362ad370ff67b0fd8136a343c1bbf
9b4a2b3e5e2d2b4fac094135fed10a3040598f1208f6b2ec52d95d10aca66ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9891
x-amzn-requestid: ef1d7b5b-b6fd-483b-bef7-235b0d76648d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2SlaEzgoAMFebw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63926488-701a5e2b61cc6f647fe41acb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 22:26:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K8OPTRGA7cKydHi7_5T23cXe-9m0MsxYAMzBh-aXD93WSNB4pOnMpA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 20:23:47 GMT
age: 7357
etag: "9ec84996b63362ad370ff67b0fd8136a343c1bbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 513e2d0b516490cfc71d87da2c3165fa
2b34ba2bb73cedd73521fc8691feea59dc5aaf9f
879662e443cc9743d9636e2f019d189d961837c270a3d98b46430784360793b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 0c022863-fa46-4f77-a7d5-ebb6f09bc511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJE8jIAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-3b53793f62de069900ac46b1;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nK3dcDhst8WDMgyue78azRSSXz41W4xo6uMYSX1JDuRiU9s6_RLEew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:07 GMT
etag: "2b34ba2bb73cedd73521fc8691feea59dc5aaf9f"
content-type: image/jpeg
age: 2657
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 950417131e4e9f1238fc585984f327b5
da28ff9df8e2e423cce7ae247a3e8c8469507c4b
0504b92466cf49c1072ba9d9776d921c76fbe3a1542bc202e9751d9c40566597
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fdd629d-f240-4f70-976e-0a71b7c9ed76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5834
x-amzn-requestid: 4c0c3cf5-4bd8-4147-a203-5e65cb11e16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83JiHS1IAMFjxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950570-1ba028e85b34b9316f6c1411;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ekmcF5pvHOgfpv7As7YVEXHrhnO0H3SArdYibWb3Dlzp8-dPAYwraw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 17:12:28 GMT
age: 18836
etag: "da28ff9df8e2e423cce7ae247a3e8c8469507c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2361f592471c52524830ea99ab9f217
884fd2a1cfcef20f2e5e549a0853ec3b27be9968
8732e50c7734c8a787c1305a1edf977f5d6db02f0030a79908d18d39dcf70987
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8421
x-amzn-requestid: e5a0378b-4497-4c27-a99b-98f389364c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ERFG5tIAMFVLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d3-05d06f8f35895f7b54a2db48;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iWw7ZVF9o-If8H_QfGf6JFNsCs31r60nJaA5jlt0ifWgHJBg-XHTAg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:54:41 GMT
age: 1903
etag: "884fd2a1cfcef20f2e5e549a0853ec3b27be9968"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b031e56b256ee8ed21093f8c5398815
ef4ac091b1804b68c1d8e073d73f7a57e08739a6
f332c68ba6b31d67c02d16412c85e760cbc2e7a67073876c8799365e80b6dbab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9851
x-amzn-requestid: 38f12682-d3c4-4e4f-9b24-afe81ca85dde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-FX9FsVoAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958299-3d25cec26bcb2ccf73e3526f;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dBS9TPBeVScdBuJSzheNE2lvUb3RqZTfZjJkWcbyuwkyhu0HrFmkIQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:07 GMT
age: 2657
etag: "ef4ac091b1804b68c1d8e073d73f7a57e08739a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 389dadf2919f0ece2a3efa46303259bb
e3302acd5b173db8a5aa2fde0224faa9ce448e40
a93452a3e32f99069aa747d31c2abadc750b772c00345d338069929b340a91ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10650
x-amzn-requestid: 9bb462c3-bf7c-448f-8c02-5f03f988f32e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8yaGmAoAMF7hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a8-7b4e68860442f801753694ca;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gfj-qmeVPyeZ94vWLbwxaSTEBRuTypit6mJXg1uUZNH3K-tSEU77bg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:51:41 GMT
age: 2083
etag: "e3302acd5b173db8a5aa2fde0224faa9ce448e40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 81068d4bcb897ef3d36f27d934e3d788
4301255b39a1be851032b7ceef4435c23c6f22dd
3168523615d574c7abcd5efdc2b5b20fc66f71ad8139db0b19cba066aeadc48e
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 14 Dec 2022 22:26:24 GMT
Etag: ac9c2eacb5094d686d65ed7ea638d81a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D3EA62812A4A592F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash ca04ccfdf48ef4455379ec3e44fe928f
435f6bafc1db8cf95d7f48c3d639da8e2c6e82b8
4ce1149b9834020bef49ffab5f93de32f4af4c0420b5c456d8c7a1bafb7fb2bf
GET /hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Wed, 14 Dec 2022 22:26:24 GMT
Etag: 87e68eac71021d69b89f94a79d763caa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D66AF9FE02FAA9C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=156845717&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=156845717&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=156845717&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Dec 2022 22:26:25 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F1C2B88F0C8BF427; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=144758651&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=144758651&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=144758651&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45353&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Dec 2022 22:26:25 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B8776B10B00E0822; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.jxys88.net/news/list.php
173.231.12.68200 OK 555 B URL HTTP/2 www.jxys88.net/news/list.php
IP 173.231.12.68:0
Hash 23127585ea781b2ab94e35bd49eaaa5f
b09a700086826419ce6f2d8fdbf6ce2dff25e749
3ad9fb17d4a35c0c89d9e22329c7d642e7c92851ec006711a6c8265f1513a10f
GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.5200 OK 254 B URL HTTP/2 www.jxys20.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.5:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Fri, 13 Jan 2023 22:26:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.5200 OK 13 kB URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.5:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys20.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960x60.gif
104.21.234.234200 OK 169 kB URL HTTP/2 z4a.net/images/2022/12/11/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2022/12/11/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: image/gif
content-length: 168777
expires: Mon, 11 Dec 2023 13:56:31 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 289796
last-modified: Sun, 11 Dec 2022 13:56:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWL1s4Poi35ajU%2Br7lsd2EbWaES3N6bPFPjlb%2FurFfCzAa51yPuOvCEVNgxQVeejxqQ5fK4vNuytBKXnjwJxSM%2FPyXCJJ%2BBfh9DElcVla2AERsZZST6GaRih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 779a5c797af87302-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/10/960x60.gif
104.21.234.234200 OK 245 kB URL HTTP/2 z4a.net/images/2022/12/10/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245207 bytes)
Hash 0b25bc78e72da9cce4df6f8b35a75247
26e8c59347f9489d5922e92660d3fc2d44c44cbb
8ff60c94afa37237e7746c8095addb9476b20739a25163536a2cd89217089a88
GET /images/2022/12/10/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: image/gif
content-length: 245207
expires: Mon, 11 Dec 2023 14:52:57 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 286410
last-modified: Sun, 11 Dec 2022 14:52:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSAo8ac8WtqhKTXtZx7BPkawzB157d23UvFySpxEPz3FCbKM587c0ONrUT1HSZqtpvbGO2H8kOEBUSs6AN1rBBM9Dalyo9%2B3k71sGf0AO%2FmJcXJYmXUS5hwo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 779a5c797af57302-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
104.21.234.234200 OK 176 kB URL HTTP/2 z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 176 kB (176400 bytes)
Hash 790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6
GET /images/2022/12/11/960x603d5ab8438267da4d.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: image/gif
content-length: 176400
expires: Thu, 14 Dec 2023 16:44:20 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 20527
last-modified: Wed, 14 Dec 2022 16:44:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BPMBsYL0IPAZn0G0%2BA1G3Ov9KpDWOao4CNw6FPxj7ChwnTt72Zu2mEdPexsMD6tSK8DgkyN93KnI3bfPngsnpJJTo9cZRUlbMmbYqVMo2M%2BBRGP71Dsl%2BjF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 779a5c795ad07302-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/08/960x60.gif
104.21.234.234200 OK 520 kB URL HTTP/2 z4a.net/images/2022/12/08/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 520 kB (520166 bytes)
Hash bb7821f4cd19defe3ab1a58275fe76f7
c64f50d1bd56087a3c8ae8c99290c85b4b15917f
10fcd94cf3afbb586d43a37109f5f9d42f0493f1d43e0730f552e5878857f746
GET /images/2022/12/08/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: image/gif
content-length: 520166
expires: Fri, 08 Dec 2023 11:07:13 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 559154
last-modified: Thu, 08 Dec 2022 11:07:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS4kWyFIRcXrXo4%2FAcKmDSdU6jQtz3f8aHVefC0HSYWoNiz%2BD0fwQK0FMftcASaES7%2BOEqtYRQl9SZjox59ozyKGVymJhm%2BNG8cOTYWl%2FSHndTnKLyznKwfN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 779a5c797af17302-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/11/20/960x60.gif
104.21.234.234200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/20/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:27 GMT
content-type: image/gif
content-length: 577945
expires: Wed, 06 Dec 2023 00:21:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 770703
last-modified: Tue, 06 Dec 2022 00:21:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z77oeqUHHqBmGNRORl6JlAX6Wb2sOmzS8B8xALiK%2BrrQMll9Wk3ZwFklfqw9LnV%2FLYIS9T5yZpBDwaJ4MBi%2BGMhR9KaPvTNdLdlIaO%2FootBSXIGzYx4w8gOT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 779a5c797aef7302-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/static/css/swiper.min.css
173.231.38.5200 OK 14 kB URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/css/swiper.min.css
IP 173.231.38.5:0
File type ASCII text, with very long lines (18077), with CRLF, LF line terminators
Hash b3a43eab7fb3f6af832c76d9dbfa3453
d15489640815a865aefbdd2c2bc1e6a95911ca2f
b1d6e703e63e4d2d9f8137366797136d0c9052fa2b6a2cdd117d451e3792e1a8
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2142665221&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=45355&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys20.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2142665221&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=45355&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys20.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2142665221&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=45355&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys20.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 14 Dec 2022 22:26:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D7650E5537FE2C4E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img2.njxmd.com/2226/80.gif
172.67.193.40200 OK 477 kB URL HTTP/2 img2.njxmd.com/2226/80.gif
IP 172.67.193.40:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 477 kB (476792 bytes)
Hash 16a25996d9b78d6a2747533fbd4da89d
fb710cb0096cfe70624046e809a4f011c70fc722
9b6a8d1f51b3df478186546fa1fe3b563583772f5766f214d0c705f0ec19e32c
GET /2226/80.gif HTTP/1.1
Host: img2.njxmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:28 GMT
content-type: image/gif
content-length: 476792
last-modified: Thu, 08 Dec 2022 07:57:17 GMT
etag: "639198dd-74678"
expires: Sat, 07 Jan 2023 12:16:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 554995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gN8C4wcJPqCXowtThU3Cm8Omuwl06Drh5I9pVlGykU2xHeu3k9TjXYnQtTqDR1bN9ZeWYsUxC8ghiuXEtFk%2Beo9oXrqpNqVEtWyVd6z48TKsU7zm69SSqanKQ%2FybxYvFkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c814aed1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tvax3.sinaimg.cn/large/0085yazZgy1h93oiv7uibg306903rjx1.gif
95.101.10.65301 Moved Permanently 169 B URL HTTP/1.1 tvax3.sinaimg.cn/large/0085yazZgy1h93oiv7uibg306903rjx1.gif
IP 95.101.10.65:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8c2170ef3ddebf996718575917956e9c
618ab5fab7445b7797272607a22c0d307465857f
31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55
GET /large/0085yazZgy1h93oiv7uibg306903rjx1.gif HTTP/1.1
Host: tvax3.sinaimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html
Content-Length: 169
x-ban: MISS,18558
Pragma: public
X-Request-ID: g97.118-1671056260.710000-2403889116
Location: //tvax3.sinaimg.cn/images/default_d_w_large.gif#101
Edge-Copy-Time: 1671056260704
X-Via-CDN: f=Akamai,s=95.101.10.61,c=91.90.42.154;f=edge,s=cmcc.guangzhou.union.7777.nb.sinaedge.com,c=23.32.248.103;f=Edge,s=cmcc.guangzhou.union.79,c=172.16.174.77
X-Via-Edge: 167105626177667f820174dae10ac58abdf13
Access-Control-Allow-Credentials: true
Cache-Control: max-age=15
Date: Wed, 14 Dec 2022 22:26:28 GMT
X-Cache: TCP_MISS from a95-101-10-61.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
Connection: keep-alive
X-Cache-Remote: TCP_REFRESH_MISS from a184-31-15-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (S)
Network_Info: EG_CAIRO_36992, NO_OSLO_50304
SERVED-FROM: e:23.32.248.103
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d0c0eea82647ebcc93e36363bff83ca6
4f9309249bdffb3b826af3fcfa5b8e66ee333294
fadb374b62bf92da57450f6e743747f53d65299a30b7db5446f45019317f6305
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 18 Dec 2022 18:40:43 GMT
ETag: "4f9309249bdffb3b826af3fcfa5b8e66ee333294"
Last-Modified: Wed, 14 Dec 2022 18:40:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 285
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779a5c828fa91c16-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d0c0eea82647ebcc93e36363bff83ca6
4f9309249bdffb3b826af3fcfa5b8e66ee333294
fadb374b62bf92da57450f6e743747f53d65299a30b7db5446f45019317f6305
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 18 Dec 2022 18:40:43 GMT
ETag: "4f9309249bdffb3b826af3fcfa5b8e66ee333294"
Last-Modified: Wed, 14 Dec 2022 18:40:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 285
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779a5c828ccf0b69-OSL
tvax3.sinaimg.cn/images/default_d_w_large.gif
95.101.10.65200 OK 8.3 kB URL HTTP/1.1 tvax3.sinaimg.cn/images/default_d_w_large.gif
IP 95.101.10.65:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 480 x 360\012- data
Hash 7e80fb31ec58b1ca2fb3548480e1b95e
fd4401c9eda7b180a8495dc1d321f895249b7a24
5ce9d005c566802d878bf1dffca4d1216b55177ae9f3d2d69b30326444bfb428
GET /images/default_d_w_large.gif HTTP/1.1
Host: tvax3.sinaimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Content-Length: 8308
x-ban: MISS,17897
Last-Modified: Thu, 29 Sep 2022 05:28:39 GMT
ETag: "63352d07-2074"
Accept-Ranges: bytes
Edge-Copy-Time: 1665330675667
X-Via-CDN: f=Akamai,s=95.101.10.61,c=91.90.42.154;f=edge,s=cmcc.guangzhou.union.79.nb.sinaedge.com,c=23.32.248.109;f=Edge,s=ctc.guangzhou.union.56,c=172.16.174.79
X-Via-Edge: 16655103727176df820174fae10ac08c02b99
Access-Control-Allow-Credentials: true
Network_Info: DK_COPENHAGEN_3292, NO_OSLO_50304, NO_OSLO_50304
Cache-Control: max-age=7208885
Expires: Wed, 08 Mar 2023 08:54:33 GMT
Date: Wed, 14 Dec 2022 22:26:28 GMT
X-Cache: TCP_MISS from a95-101-10-61.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
Connection: keep-alive
X-Cache-Remote: TCP_HIT from a95-101-10-62.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
SERVED-FROM: e:184.31.15.44
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash a8ccf659390366703c95cbeed2ec056d
db7c88860cc8c028e888a362740101155153812b
29aa2e06136c475a3cea5beb97701dc8ffb56c0b0f0781535920fabccccdc8a4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 14 Dec 2022 22:26:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 14 Dec 2022 10:57:49 GMT
Expires: Thu, 15 Dec 2022 10:57:49 GMT
ETag: "db7c88860cc8c028e888a362740101155153812b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83935ac65dd64b4386e79ec4294bf9af
f978ba92bfcc353cc69aeb12885e499f9782c6ee
b144eaf11080df267a93aac7133ef8d44349a5c83ca47c95eec42ae4d7d6f425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B144EAF11080DF267A93AAC7133EF8D44349A5C83CA47C95EEC42AE4D7D6F425"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10708
Expires: Thu, 15 Dec 2022 01:24:56 GMT
Date: Wed, 14 Dec 2022 22:26:28 GMT
Connection: keep-alive
img.9367x.com/images/6399c32956eec67c33ea8925.gif
185.239.226.23302 Found 503 B URL HTTP/2 img.9367x.com/images/6399c32956eec67c33ea8925.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
Hash c3907c806acc6484dc8ba966489ad038
ba8c9d51b9333820ebaf93f15b247ad04e61a28c
c6a3de3dc52a28e10bf398e4cf06ce6a71cdd00e0f575035ded775ce3730a1b8
GET /images/6399c32956eec67c33ea8925.gif HTTP/1.1
Host: img.9367x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2
i.postimg.cc/jSgtzdXy/960x60.gif
162.19.61.80200 OK 193 kB URL HTTP/2 i.postimg.cc/jSgtzdXy/960x60.gif
IP 162.19.61.80:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 193 kB (192768 bytes)
Hash b57175166365a3d7dfb51369f434d361
e920bdd0316a32c0f1b63648b9f3ba7904315f68
f3a191abac0d37bd6b48a55e424988d46dc634368f246985e99b739792f848c6
GET /jSgtzdXy/960x60.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 192768
last-modified: Sat, 24 Sep 2022 12:35:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6a0ba795b9d1331a3b4449729a9aa672
771d80675926a3e9d81181f1a3e4e04640104eeb
502f35e21344739c39ef06cc0a73a6b2e170b8c3ae47fb8a4235cef431eff163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "502F35E21344739C39EF06CC0A73A6B2E170B8C3AE47FB8A4235CEF431EFF163"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14366
Expires: Thu, 15 Dec 2022 02:25:55 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: text/html
content-length: 162
location: https://max008.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.postimg.cc/XYDPDpp8/960x60.gif
162.19.61.80200 OK 404 kB URL HTTP/2 i.postimg.cc/XYDPDpp8/960x60.gif
IP 162.19.61.80:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 404 kB (404393 bytes)
Hash bcb5b8132c2435858fb6053027d78e95
7c87d8562099d61bbb65cc733638ee669fbd748b
7e34a9b921255990a7c2bcd0c1c412b0c6b45be20704ceb186768c228464225a
GET /XYDPDpp8/960x60.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 404393
last-modified: Sat, 24 Sep 2022 09:03:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d2adc0a2004bf880334c87bd7b26a237
04aa80af63a59a1ea0388a897f46cd80a585a1a0
7a75e04da5f6c6edce121d2e0120c95529a35ec050a5b0da9b5ac41b2467328c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 11:37:57 GMT
Expires: Wed, 21 Dec 2022 11:37:56 GMT
Etag: "04aa80af63a59a1ea0388a897f46cd80a585a1a0"
Cache-Control: max-age=565286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c852a991c0e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 31977809048d558acfe671b130f771c9
1292a05a106e5d3187793d69fcc49d1a98608eef
0b4232437aab874b840ddc9a90d6bd9140aa8de853420cd6303386ff0244f0cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 21:14:28 GMT
Expires: Sun, 18 Dec 2022 21:14:27 GMT
Etag: "1292a05a106e5d3187793d69fcc49d1a98608eef"
Cache-Control: max-age=340677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c852d89b524-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 31977809048d558acfe671b130f771c9
1292a05a106e5d3187793d69fcc49d1a98608eef
0b4232437aab874b840ddc9a90d6bd9140aa8de853420cd6303386ff0244f0cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 21:14:28 GMT
Expires: Sun, 18 Dec 2022 21:14:27 GMT
Etag: "1292a05a106e5d3187793d69fcc49d1a98608eef"
Cache-Control: max-age=340677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c852adab51e-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fe8a509475a868140b964bb648dcc5f
9324ce9b03c09d697c6f0414aa4f580787b0f6c3
506018581ee3d57f2edd26dfc34dbc22a6b49b199510fc8e42b27e77c2be4197
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "506018581EE3D57F2EDD26DFC34DBC22A6B49B199510FC8E42B27E77C2BE4197"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11070
Expires: Thu, 15 Dec 2022 01:30:59 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fe8a509475a868140b964bb648dcc5f
9324ce9b03c09d697c6f0414aa4f580787b0f6c3
506018581ee3d57f2edd26dfc34dbc22a6b49b199510fc8e42b27e77c2be4197
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "506018581EE3D57F2EDD26DFC34DBC22A6B49B199510FC8E42B27E77C2BE4197"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11070
Expires: Thu, 15 Dec 2022 01:30:59 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
www.jxys20.xyz/template/m1938pc/static/css/white.css
173.231.38.5200 OK 10 kB URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/css/white.css
IP 173.231.38.5:0
Hash 46860c9f22884793d29c905b5a0e454d
2cdccd15317562ad0ef771ebff877c0a5bfb0c61
c4271061cedbdd75b2d3c5b375f789659083983890761703ccfb3aba1ddc1df3
GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/etgcwmq0rub.jpg
172.67.28.138200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/etgcwmq0rub.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19ff2d39cd7d864d05564405d5d52e8d
43d9a704a8982bf147ad4ddf15768bf4bfd11424
184de1e800016039c0cb5d8632bebf31a9ad5feda43aaaae4b5605ae3a5d781f
GET /upload/vod/2022/12/etgcwmq0rub.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8364
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9724
content-disposition: inline; filename="etgcwmq0rub.webp"
etag: "639973e8-25fc"
last-modified: Wed, 14 Dec 2022 06:57:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a86eb529-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d337eefc631366ceb6557850c7d08955
9b7bac378c88dd928906687e234e2e2f388222f9
1a63c5ba292fdcd214b9eb0effe7d0118509487e038949671340bc1dfaa35809
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A63C5BA292FDCD214B9EB0EFFE7D0118509487E038949671340BC1DFAA35809"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9862
Expires: Thu, 15 Dec 2022 01:10:51 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/3sn34t0gxmy.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/3sn34t0gxmy.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df3a4c4c8b4c77c8c6ac08583db4734d
f9e184a2abc0d4633a350d4abfbf7d00ae37f0e7
5acf4616a57dcf5198708190e0f23cf46f83b12d2152ecc3baf979eb4b2a8202
GET /upload/vod/2022/12/3sn34t0gxmy.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 7428
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8837
content-disposition: inline; filename="3sn34t0gxmy.webp"
etag: "639973e4-2285"
last-modified: Wed, 14 Dec 2022 06:57:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a86db529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wkberwnkzw4.jpg
172.67.28.138200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wkberwnkzw4.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 57ddfa1e381af29c5feff459bd5d5a9f
d6275307afaca5e2dbc155625f30e76b3ef229d2
8629460efef7451eadd3d02f2d955f906d32a21e4b1a7175d4ea4479a9632096
GET /upload/vod/2022/12/wkberwnkzw4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 14401
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=14581, status=webp_bigger
etag: "639973fd-38f5"
last-modified: Wed, 14 Dec 2022 06:58:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a874b529-OSL
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/static/css/mm-content.css
173.231.38.5200 OK 12 kB URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/css/mm-content.css
IP 173.231.38.5:0
Hash 456fb858d655e49837b29d1355ddfb7f
e2d79077de50038b19d76e1ccff6d9e2972b0cf8
e81d779f5352d9eec40366f518f6911e430f749dcd28220b2140a2f810df2acf
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/y4132uimbux.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/y4132uimbux.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdff1b9886364f5213fe535899f5961b
09a8335ac605df967a2fefb58b26674dfb748a3b
8f3656defff017ae83ab59ea65f2a4411b585219b1fcb25602b3c098bd9251e4
GET /upload/vod/2022/12/y4132uimbux.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 7414
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8458
content-disposition: inline; filename="y4132uimbux.webp"
etag: "63997401-210a"
last-modified: Wed, 14 Dec 2022 06:58:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a876b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ovldmlmiz4r.jpg
172.67.28.138200 OK 9.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ovldmlmiz4r.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d540434edc1146bbb88de79467c3bb7
f400d938e23b93d320fd75cdffcb2c0e50f9c4d8
270bea718771785dc23ded3dce9b7870eeeb6d218978ca58e5be32ad5c64c3c6
GET /upload/vod/2022/12/ovldmlmiz4r.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8998
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9972
content-disposition: inline; filename="ovldmlmiz4r.webp"
etag: "63997406-26f4"
last-modified: Wed, 14 Dec 2022 06:58:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a878b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/uhyu1wybxrp.jpg
172.67.28.138200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/uhyu1wybxrp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a19bb370887e9d1441981f67e2921a4
e61a9c1e534adc56f45152ad99148abe4e5c07e1
062dbab3319d1dc78c4775078a56b597d9590c33e8584cfa8e5c0b4314404a5b
GET /upload/vod/2022/12/uhyu1wybxrp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 6498
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7849
content-disposition: inline; filename="uhyu1wybxrp.webp"
etag: "639973f8-1ea9"
last-modified: Wed, 14 Dec 2022 06:58:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6538
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a873b529-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fd5d121e586ef3b49e8b0c9d1377cc3
1d6fb3decf99de75cc615cc05bf83bf4d5d7acb6
c4938f45b215ab2c1ea2401e20e399aa09ec5863cbb41cdc63c83796a5ca748c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4938F45B215AB2C1EA2401E20E399AA09EC5863CBB41CDC63C83796A5CA748C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Dec 2022 04:26:29 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 31977809048d558acfe671b130f771c9
1292a05a106e5d3187793d69fcc49d1a98608eef
0b4232437aab874b840ddc9a90d6bd9140aa8de853420cd6303386ff0244f0cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 21:14:28 GMT
Expires: Sun, 18 Dec 2022 21:14:27 GMT
Etag: "1292a05a106e5d3187793d69fcc49d1a98608eef"
Cache-Control: max-age=340677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c85298c0afa-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 31977809048d558acfe671b130f771c9
1292a05a106e5d3187793d69fcc49d1a98608eef
0b4232437aab874b840ddc9a90d6bd9140aa8de853420cd6303386ff0244f0cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 21:14:28 GMT
Expires: Sun, 18 Dec 2022 21:14:27 GMT
Etag: "1292a05a106e5d3187793d69fcc49d1a98608eef"
Cache-Control: max-age=340677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c8528dab4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db6b3af593b8c6ae2973d51accb09143
a9e0fe137b977c3d2c244e126a19759f3fe991a7
ce42a67797a9987502b4b31f0fac31c91e3b7a0a57725cace8d863211d9eaf7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107527
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "63994e9c-1d7"
Expires: Fri, 16 Dec 2022 04:18:36 GMT
Last-Modified: Wed, 14 Dec 2022 04:18:36 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db6b3af593b8c6ae2973d51accb09143
a9e0fe137b977c3d2c244e126a19759f3fe991a7
ce42a67797a9987502b4b31f0fac31c91e3b7a0a57725cace8d863211d9eaf7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=107527
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "63994e9c-1d7"
Expires: Fri, 16 Dec 2022 04:18:36 GMT
Last-Modified: Wed, 14 Dec 2022 04:18:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db6b3af593b8c6ae2973d51accb09143
a9e0fe137b977c3d2c244e126a19759f3fe991a7
ce42a67797a9987502b4b31f0fac31c91e3b7a0a57725cace8d863211d9eaf7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=107527
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "63994e9c-1d7"
Expires: Fri, 16 Dec 2022 04:18:36 GMT
Last-Modified: Wed, 14 Dec 2022 04:18:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db6b3af593b8c6ae2973d51accb09143
a9e0fe137b977c3d2c244e126a19759f3fe991a7
ce42a67797a9987502b4b31f0fac31c91e3b7a0a57725cace8d863211d9eaf7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107527
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "63994e9c-1d7"
Expires: Fri, 16 Dec 2022 04:18:36 GMT
Last-Modified: Wed, 14 Dec 2022 04:18:36 GMT
Server: nginx
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 94b4aa2c626e00b8a8913f04b5550684
8294062c2aac766245bd7ab8d0a86d9e6edfa87c
67831e06eb95715be167d3616faa46b8e29b13e176a63dfca3e4dfbbcb755be4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 11:33:05 GMT
Expires: Wed, 21 Dec 2022 11:33:04 GMT
Etag: "8294062c2aac766245bd7ab8d0a86d9e6edfa87c"
Cache-Control: max-age=564994,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c86ac491c0e-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 7b4f1846def04afafe1b970b786de429
9ca32f51e287761eaa1dc9735197eb5962dd6335
e9136e79036d2d1dbcd7b51bde73cc6844f5743c3f994df5f7730f543c8a7903
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=88945
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "6398f4b9-2d7"
Expires: Thu, 15 Dec 2022 23:08:54 GMT
Last-Modified: Tue, 13 Dec 2022 21:55:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 7b4f1846def04afafe1b970b786de429
9ca32f51e287761eaa1dc9735197eb5962dd6335
e9136e79036d2d1dbcd7b51bde73cc6844f5743c3f994df5f7730f543c8a7903
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=88945
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "6398f4b9-2d7"
Expires: Thu, 15 Dec 2022 23:08:54 GMT
Last-Modified: Tue, 13 Dec 2022 21:55:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8813227af90f6067e3c5d07303591c3f
8923282aac1c0d4aeb1238b4285fc6c5695a7734
66df5ed9c560a8a0f19bfa4c0c59d2ba2e4c5acc9c92d87edc28c134042e2f45
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 15:39:04 GMT
Expires: Wed, 21 Dec 2022 15:39:03 GMT
Etag: "8923282aac1c0d4aeb1238b4285fc6c5695a7734"
Cache-Control: max-age=579753,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c86bf6cb524-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db6b3af593b8c6ae2973d51accb09143
a9e0fe137b977c3d2c244e126a19759f3fe991a7
ce42a67797a9987502b4b31f0fac31c91e3b7a0a57725cace8d863211d9eaf7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107527
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 22:26:29 GMT
Etag: "63994e9c-1d7"
Expires: Fri, 16 Dec 2022 04:18:36 GMT
Last-Modified: Wed, 14 Dec 2022 04:18:36 GMT
Server: nginx
Content-Length: 471
p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
47.246.44.231200 OK 384 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 384 kB (384491 bytes)
Hash 627acd5c4c2a9bb3bbf10748f1931947
0529b42ebe54b2cc9ed886ab83b50b8f14642062
a62b3a5eba800520fbb7b334c00db2e9f76e438891ae150c3b2d681ef228954a
GET /obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 384491
date: Sun, 13 Nov 2022 13:26:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 13 Nov 2022 12:38:36 GMT
nw-session-id: 20221113203836010175073134252D40ED7nb4v02dy
nw-session-trace: 2022-11-13T20:38:36.893240111+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 384491
x-powered-by: ImageX
x-response-date: Sun, 13 Nov 2022 20:38:36 GMT
x-tt-logid: 20221113203836010175073134252D40ED
via: n150-056-026, cache12.l2de2[0,0,206-0,H], cache19.l2de2[2,0], cache19.l2de2[3,0], cache5.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01fc3ea37d9c1ed5b7d2c200df23bf81d3980363a474adcbcdabe23efbe44349c9ded5894820052b9f65e8b67807703e46e752587a445df11739963b0fc31b09984170a333fed525dbd3f2408a1a3198fd79e91de509e1f853539053e961754b16
x-response-lb: image
ali-swift-global-savetime: 1668345966
age: 2710823
x-cache: HIT TCP_MEM_HIT dirn:4:127576898
x-swift-savetime: Sun, 13 Nov 2022 14:21:50 GMT
x-swift-cachetime: 31532656
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567895846570e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7a9ff5686e4eb0110b2b9c79b94521ac
919820cbebfd15189eb4e0573a43cefa31f8ee8b
f1fd2cb9a932409a132a8604565720e881d2a86b5b1e1e7cd522a87744808fa9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1FD2CB9A932409A132A8604565720E881D2A86B5B1E1E7CD522A87744808FA9"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2363
Expires: Wed, 14 Dec 2022 23:05:52 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df52e311aaeeaa22054c542a3186fd0d
5109b14d0784875be64962dab33f5706fc8f30b9
0eff671c48f60bbe9330d459c9e65fa7a8ab1fe1ed64c4650a1c643b53e088a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EFF671C48F60BBE9330D459C9E65FA7A8AB1FE1ED64C4650A1C643B53E088A7"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16878
Expires: Thu, 15 Dec 2022 03:07:47 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
116.202.228.188200 OK 366 kB URL HTTP/2 kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 116.202.228.188:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Thu, 15 Dec 2022 10:26:29 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 714201
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj13NsxMXr0L4AvQqKMVsuzP%2B5OGXB8rDFfvL1GROgeomSeFs1nkjnOfaURsyH4dxFL7x4C1gyyuFGqBySgZsas6dz9MR%2F9yvIQc66DoOcxPKGIoSXPabWXVvOL3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773e53f6bb56cb01-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
47.246.44.231200 OK 415 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 415 kB (414979 bytes)
Hash ecd0f421a231299ffaa9117a67c1e38a
6dd0678ee6c2a91eca8db2428d8743f607360d3a
dbd0423b88c8d785dd015e2e80105d0bcd41e677c3588acbf34cf1ca542565c9
GET /obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 414979
date: Mon, 05 Dec 2022 07:16:52 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:09:21 GMT
nw-session-id: 2022120515092101015013207630C082CC7t5wt01dy
nw-session-trace: 2022-12-05T15:09:21.716293741+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 414979
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:09:21 GMT
x-tt-logid: 2022120515092101015013207630C082CC
via: n204-100-053, cache12.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[2,0], cache2.se1[0,0,200-0,H], cache8.se1[4,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-tt-trace-host: 01c70dab46e58f2ac949ece2051ac89e2dd2773be35d3e5369524bf1f9f46f4ea066e23b5378fe9943c2f968c40c38ced9fa128ef7bf579b1467b9a779eb22ac0c37e53b062293a8a1e8061f8daaf0ff7b4e0f99e8da2482833909c1ebdc2d578e
x-response-lb: image
ali-swift-global-savetime: 1670224612
age: 832177
x-cache: HIT TCP_MEM_HIT dirn:11:333709724
x-swift-savetime: Mon, 05 Dec 2022 10:48:27 GMT
x-swift-cachetime: 31523305
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567895876572e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/6eda3a9b5a154380acc9e720e96a792e
47.246.44.231200 OK 450 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/6eda3a9b5a154380acc9e720e96a792e
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 450 kB (450161 bytes)
Hash dfd9951ab449ecc2f017f5b2d5bbbcbf
01b03eaa341615fb9e6db59a13a314d189b18dc1
80971345f432599dd55389d128f8b21e8f0c83fc6a27e3d8882b1463d268925d
GET /obj/tos-cn-i-dy/6eda3a9b5a154380acc9e720e96a792e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 450161
date: Wed, 14 Dec 2022 09:01:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 14 Dec 2022 08:25:39 GMT
nw-session-id: 202212141625390101511082082661C142z29c401dy
nw-session-trace: 2022-12-14T16:25:39.277463902+08:00 36
x-bdcdn-cache-status: TCP_HIT
x-length: 450161
x-powered-by: ImageX
x-response-date: Wed, 14 Dec 2022 16:25:39 GMT
x-tt-logid: 202212141625390101511082082661C142
via: n150-056-076, cache15.l2de2[10154,10154,206-0,M], cache1.l2de2[10156,0], cache1.l2de2[10156,0], cache7.se1[0,0,200-0,H], cache8.se1[5,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-tt-trace-host: 015753073c6eb795804c878ce4635158b01bdefd2c5b5974b413bb50699a04a64d9ceeb005a571f1f7b00ffcb64bf835d3f1a2e791820bfbfa02267c209221df47b07cc71abdc85a8e524796b8a1b6e2cab3d08700cda30682882df3270b6df41d
x-response-lb: image
ali-swift-global-savetime: 1671008497
age: 48292
x-cache: HIT TCP_MEM_HIT dirn:5:417150864
x-swift-savetime: Wed, 14 Dec 2022 09:01:37 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567895876573e
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 99d4f5da4a987d65eb1c4badf8426619
1f06b16e2045c5db2fe7ad29a06dd9995886a3d6
cb894350026436627c4ee5a545d8bf7979a7716d3b2c38f271565e3f6afed114
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CB894350026436627C4EE5A545D8BF7979A7716D3B2C38F271565E3F6AFED114"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8692
Expires: Thu, 15 Dec 2022 00:51:21 GMT
Date: Wed, 14 Dec 2022 22:26:29 GMT
Connection: keep-alive
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
188.114.97.1200 OK 400 kB URL HTTP/2 kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
Analyzer Verdict Alert quad9 Sinkholed
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys20.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Mon, 09 Jan 2023 11:45:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 384039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF7TShs2VDIFf1%2FkIHcgY%2FvN%2FRFN7OjFBqZ2g59JcdId%2B790n%2F6lCk3Qqm%2FECcO3dCR6DLF9%2FV3%2F5MUKRYLTslqmU5GxSePbpx6sohxieorH2928HZRJFhShFQyj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c878e13b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tpkj2222.com/img/k80m/oCIA5ZH28.gif
103.93.126.32200 OK 54 kB URL HTTP/1.1 tpkj2222.com/img/k80m/oCIA5ZH28.gif
IP 103.93.126.32:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Hash 229a4026db2406ebd6fd4ff49b78c17a
c4fa9b8a95fe3e583fba87826af4b3eaf2faca0c
79fc0f33ed6ccd3acc6c6317b9d4cea3d8eb238085b0ea7fdcf9b16c70681ba9
GET /img/k80m/oCIA5ZH28.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 22:26:29 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"54275-1670144930000"
Last-Modified: Sun, 04 Dec 2022 09:08:50 GMT
Expires: Thu, 29 Dec 2022 22:26:29 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: EXPIRED, HIT
lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b0851d25dfdaf4453018d6ba6fcfb09
81778cc41bc16f83a5dffd2a1df0f10b236cd50c
ac260695a86f4ac2ba5e744f0f87b1e67c62b490474aa0a2d1880545283b07af
GET /upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 7496
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8924
content-disposition: inline; filename="3ntqevhmcwr14003ntqevhmcwr245572.webp"
etag: "638059f8-22dc"
last-modified: Fri, 25 Nov 2022 06:00:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a861b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/qswceww1zvt.jpg
172.67.28.138200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/qswceww1zvt.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f8260b93987a2eaa5911f3b84e9afd2
3bbad484039d2dd69369bd937b2dfac88a1e3d70
f4b5bb745c24c3e5722291f2bbfd13fc6157e65606bd8aaa5a7602f2b491aaed
GET /upload/vod/2022/12/qswceww1zvt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 9546
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10877
content-disposition: inline; filename="qswceww1zvt.webp"
etag: "6399740f-2a7d"
last-modified: Wed, 14 Dec 2022 06:58:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a87cb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash a0cb9340efc817b54c1ae7c2b8a8d76f
b2935e4d68381b0b1fe715bc7eb22ac137e7866a
0af101cffa3fc5bb2c3ea258a7295ee93e66034a7e5cbebda26052c0ba4376c9
GET /upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 9960
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10409, status=webp_bigger
etag: "5e7e7880-28a9"
last-modified: Fri, 27 Mar 2020 22:04:48 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a86ab529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 47d37a5faeb9b9e9711d5f0d4144dd0f
904fdd70ddb03fc80cdb4ba832ca602b07e21824
c9cad32a7bfcd3216222ebdc1c2a7707715da1cdfc54edfe0b4c73cd7fd2a4ba
GET /upload/vod/2022/12/ykvbryflu2v.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 11451
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12037, status=webp_bigger
etag: "6395898e-2f05"
last-modified: Sun, 11 Dec 2022 07:41:02 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a860b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd3fd037debb3b7ec9057e2f026c59d7
3fc2d3c0eddced427f460e12651685311ae0af29
b19b455ca9ef3725566c6908217391bf72bee54ece8f40504cebc593ebcc9b76
GET /upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 10870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11415
content-disposition: inline; filename="znmtdtg3fn11619znmtdtg3fn1263009.webp"
etag: "6378918e-2c97"
last-modified: Sat, 19 Nov 2022 08:19:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a863b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf7a5eeca4da86ff2ddbdd9a77de5107
e905e417383ac44c6e7f1c4cce421c9695c711db
c326632d34b02c1c070119eba2fd4e7b0877599d691960c0b9ce7ad4e05aae47
GET /upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 4482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6651
content-disposition: inline; filename="ti4dbnmfwc01152ti4dbnmfwc0156571.webp"
etag: "636880ef-19fb"
last-modified: Mon, 07 Nov 2022 03:52:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a866b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wicmkxk44sb.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wicmkxk44sb.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fcf7e63dd43b1f0bbaf9a631050948fb
e5b825e3f088cc2789dc84f26f464656d463d406
f27034aa646c84dc8f5dba15f971a33e0157276606b2b2fa80e166c8859ca983
GET /upload/vod/2022/12/wicmkxk44sb.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 10184
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11122
content-disposition: inline; filename="wicmkxk44sb.webp"
etag: "6399740d-2b72"
last-modified: Wed, 14 Dec 2022 06:58:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a87bb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
172.67.28.138200 OK 17 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash bcbfc37f4cfa30666e3c596b1a37746b
b0baeb44b937e5dbebbc2b3afaf59fb61e8f6682
d7e33db44d7bb6484c2424f04cb2d7f15c527e68390d5f6585b89c926369887f
GET /upload/vod/2022/12/p33uukek2g5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 17124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18053, status=webp_bigger
etag: "638da58f-4685"
last-modified: Mon, 05 Dec 2022 08:02:23 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a883b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6db6e065a2513b03e453cc933697321c
f23a72437919498c6b44f9596b4119e1b160df8a
6ebcfb862d051036bd7154bb6602dbcd24a353efe1ceb73ab5cf3e908ca91087
GET /upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 9100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9698
content-disposition: inline; filename="yhnw02dkioo1342yhnw02dkioo132649.webp"
etag: "635a1a35-25e2"
last-modified: Thu, 27 Oct 2022 05:42:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a86bb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
172.67.28.138200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d425f7bea4f48366f31883ea613ed55
6e282d4bfa59cc087ac52130fcb393301b6316bb
a9286fa4027b04fbfd0427fc19745a5eccf931b2e998d52e9e7e63d3ca4c3183
GET /upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 9176
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10099
content-disposition: inline; filename="qtzuufrjhye1318qtzuufrjhye592235.webp"
etag: "637472c3-2773"
last-modified: Wed, 16 Nov 2022 05:18:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a864b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wpqkvpkpbbp.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wpqkvpkpbbp.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 8baf2fab1924d3f76a4f01bca65a0fd5
28f9dfa537f8a40055d89b7c1a088cb20fa3899c
89b77557c12cbbb472127e68496a6bc6d3139ec0a356f2631580c9df5c8269ea
GET /upload/vod/2022/12/wpqkvpkpbbp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 10733
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11172, status=webp_bigger
etag: "63997411-2ba4"
last-modified: Wed, 14 Dec 2022 06:58:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a87db529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
172.67.28.138200 OK 16 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fb8299566d6ea78f401c58aa1aed76b0
06b3ca9b2bee69473d2348c67feb9c598a1f3605
ea13b22c9d50069700778e892496aec8930d0aefd3180a8eb47e56452d55a22b
GET /upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 16544
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=16984, status=webp_bigger
etag: "6367473b-4258"
last-modified: Sun, 06 Nov 2022 05:33:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a867b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/rraokskuhvo.jpg
172.67.28.138200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/rraokskuhvo.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0cb59bbca1d0b9b47492d93ac94f696
48960c1535f0934dd42180ef19276ac8d09cd500
f283dbeb53e0faf8238407bb3f228400b7b2041d2dab98c6e56749d19e2cb3e4
GET /upload/vod/2022/12/rraokskuhvo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8724
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9915
content-disposition: inline; filename="rraokskuhvo.webp"
etag: "63997413-26bb"
last-modified: Wed, 14 Dec 2022 06:58:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a880b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tdodolt3dqc.jpg
172.67.28.138200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tdodolt3dqc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5c128af2cc1c96555c7db74971678c8
89a74737b5ea96730aa7d024c6d45db2ce832028
045cc0488d69797cc957e37858b7b649623fc78fbb78075a5faceda64fdce696
GET /upload/vod/2022/12/tdodolt3dqc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 9826
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11009
content-disposition: inline; filename="tdodolt3dqc.webp"
etag: "63997409-2b01"
last-modified: Wed, 14 Dec 2022 06:58:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a87ab529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
172.67.28.138200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54564f6fe5d24c3be0fb0abdcfc93ac0
33d65dadfacfb6b0c805a743af9666141f887c07
67bca5dc3ef300578aba244dcb069b8b835f8e0eeee20f4b624d415224b84771
GET /upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9055
content-disposition: inline; filename="wuvpypjmdke1112wuvpypjmdke515303.webp"
etag: "636331b3-235f"
last-modified: Thu, 03 Nov 2022 03:12:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a868b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 53a8cd043a389cc5b7c9728278cf3560
6767a51338c26b2691760b121fab0936ba35fbfc
d3a24ca26f5e2aaf1418fcb032962bd79b3e059521935b0f43f67ce9901b1b18
GET /upload/vod/2022/12/wu0pgmyswv1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8218
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9558
content-disposition: inline; filename="wu0pgmyswv1.webp"
etag: "63942e7f-2556"
last-modified: Sat, 10 Dec 2022 07:00:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85b887b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg
172.67.28.138200 OK 4.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1e3b01fee0f819cf66b3a87d4cf2ac3
258aa12dc1c2bcb5ae43456ff474815cb7d925c5
c1a366d694caeb11be2024da4a41c8c1df1f33414363ca7aeadd55683739cbeb
GET /upload/vod/2022/12/wsjcnxu5mfc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 4700
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7557
content-disposition: inline; filename="wsjcnxu5mfc.webp"
etag: "6396b759-1d85"
last-modified: Mon, 12 Dec 2022 05:08:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85c898b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg
172.67.28.138200 OK 4.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e07b23cff09955a1a69f57979aa5e16b
51099eaa25b02c56e88143051e0e9eb3288ad2b0
5c936d61aabed347e23d7c0a66fc26098ffef0701833aff18bd4303553816761
GET /upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 4317
last-modified: Sat, 22 Oct 2022 07:36:00 GMT
etag: "63539d60-10dd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a86cb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/uc4xtwojx3e.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/uc4xtwojx3e.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3100d022093275773d65431e4bd07866
bb9a6407911ed036713d3ed99679baf394ee5ce9
94c20e0355cc31262c8def57017d493b912223ce2d45e2c3203b0227505b9f9e
GET /upload/vod/2022/12/uc4xtwojx3e.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/jpeg
content-length: 11454
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11992, status=webp_bigger
etag: "63997415-2ed8"
last-modified: Wed, 14 Dec 2022 06:58:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c85a881b529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23fdc785a2c387a8921008b7aef07cbd
b97e64bea59d8efd1341a6b139a9023c951a19da
a30cc3d5cb4ad095190a9af6961a7a567a29ffbc395735d4be2c99f69f523a7f
GET /upload/vod/2022/12/tedqfnlyoyp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 9858
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10702
content-disposition: inline; filename="tedqfnlyoyp.webp"
etag: "63903e33-29ce"
last-modified: Wed, 07 Dec 2022 07:18:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85b88cb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/hdb4tpvqtzu.jpg
172.67.28.138200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/hdb4tpvqtzu.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a5369002fb4fea5a354ce5173b02e36
23f9b8694d8f59a32c5b0f26c67a4bf92ff9dee2
0bc72f1f717ef1a9022cdcd690a397fc30e11f6c3fe8d0af2ad1c5ecc4c86116
GET /upload/vod/2022/12/hdb4tpvqtzu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 8374
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10568
content-disposition: inline; filename="hdb4tpvqtzu.webp"
etag: "63997412-2948"
last-modified: Wed, 14 Dec 2022 06:58:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85a87eb529-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg
172.67.28.138200 OK 5.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7166b8828b383416635552a4e7d934ce
87a7b007c91b402ac837ae8e266418ff7c2b3e6f
0d4d40ee2c8f25be22915ed40f628147f3c428bf48f54d5fc71a81bf91581919
GET /upload/vod/2022/12/ioyhtumulof.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/webp
content-length: 5408
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6438
content-disposition: inline; filename="ioyhtumulof.webp"
etag: "63919883-1926"
last-modified: Thu, 08 Dec 2022 07:55:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 779a5c85d8a9b529-OSL
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
47.246.44.231200 OK 460 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 460 kB (459882 bytes)
Hash 9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 815332
x-cache: HIT TCP_MEM_HIT dirn:3:539423346
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567897716739e
X-Firefox-Spdy: h2
www.jxys20.xyz/
173.231.38.5200 OK 369 kB IP 173.231.38.5:0
Size 369 kB (369440 bytes)
Hash f2c76496de4527b4fe4acf8e25e11c26
ee9b9ec51a91705c1d5dd05f16cf355f0442b994
39f21bc17cae70868a92930699a59a32c6a7467e6413708b479fd472f2418904
GET / HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
103.170.15.74200 OK 149 kB URL HTTP/1.1 66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP 103.170.15.74:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 149 kB (149081 bytes)
Hash ca110f84ebcc10dd498b26dc6c90087b
cfaf975d43693cfc7c2e05305068b0d933748d98
04dff307dc6fdc4da149bad386613e102c1f0e6d2b26974c5666505c7d97ef2e
Analyzer Verdict Alert quad9 Sinkholed
GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Wed, 14 Dec 2022 13:05:50 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 149081
kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
104.21.234.217200 OK 1.6 MB URL HTTP/2 kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 104.21.234.217:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys20.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Tue, 10 Jan 2023 16:16:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 281420
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnTG6Znwq3U4gIKD6t9hpSXSZHOwdvuLfBNA5IYQxB2fEVLRjUoXnQp0NfAUX%2F5FKHfIXGA7W%2FXB8Rwo0YdolbEH3KYSpcB%2BYg7Moe2HlCHnsJDwLu2xcPZd8CGc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779a5c883e1b7480-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/static/css/style.css
173.231.38.5200 OK 95 kB URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/css/style.css
IP 173.231.38.5:0
Hash 5c5c26ab9220b02d80fa2d4a8021b249
cc424d901df8036dc774c76a0a34b117e560e6b6
74a771c372a37fa67c4d4ea9e0c8e62f775ca677b2d92f61545999f339ff4c3c
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
103.170.15.74200 OK 553 kB URL HTTP/1.1 66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
IP 103.170.15.74:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /73f23e1f7ead40baa32cf579a4bb735b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f27ac4-86f72"
Date: Wed, 14 Dec 2022 12:57:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:18:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 552818
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 14 Dec 2022 22:25:21 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
www.jxys88.net/news/data.php
173.231.12.68200 OK 188 kB URL HTTP/2 www.jxys88.net/news/data.php
IP 173.231.12.68:0
Size 188 kB (188322 bytes)
Hash e3c625aae9cf5f5a964cba434c363ae3
19a430a4192b63a6dd2f5278daa01a010d278f8d
292769017a9b976a86045c3b9cfa75c332aac203ad145553a80281e4001df72e
GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
66668aaa.com/be06739ff6904a9fbf7359e89406aa37.gif
103.170.15.74200 OK 1.1 MB URL HTTP/1.1 66668aaa.com/be06739ff6904a9fbf7359e89406aa37.gif
IP 103.170.15.74:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 980 x 80\012- data
Size 1.1 MB (1128817 bytes)
Hash 662e405736661ad9632ddf0c6538731a
5fcbab5d40c3372be48cb4fa9dc01ff58b5cb24e
993bb3ccc922975fa87b4ee2f646297b7cb4e10c862388db721cdeffb7e95edf
Analyzer Verdict Alert quad9 Sinkholed
GET /be06739ff6904a9fbf7359e89406aa37.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6399d351-113971"
Date: Wed, 14 Dec 2022 15:38:38 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 13:44:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 1128817
99998aaa.com/4aa44d1866a149878b6b79cadb7ab527.gif
103.170.15.80200 OK 748 kB URL HTTP/1.1 99998aaa.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
Analyzer Verdict Alert quad9 Sinkholed
GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 99998aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Wed, 14 Dec 2022 15:34:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 748166
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f940714272f223eb82e50bad87cef902
1d0a03eb5a1f29c37611ac488af9a0feedc2f5fd
4537ebb2c2cca181353488fae1d876c5c1cd0a2e8a0ee898560564e45dcd1a39
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:58:39 GMT
Expires: Mon, 19 Dec 2022 05:58:38 GMT
Etag: "1d0a03eb5a1f29c37611ac488af9a0feedc2f5fd"
Cache-Control: max-age=372127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c8a7a18b51e-OSL
66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
45.61.212.219200 OK 254 kB URL HTTP/1.1 66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 254 kB (254363 bytes)
Hash 73bf5e1a256f4f70c6312d76e6f02cce
198aa17d9997f20877733ae380c32d8c98ed4bb9
4b664ff030b33d67670b9cbfbf8e1ab6aeaad63d5d0eed5572658ae6d5399a7a
Analyzer Verdict Alert quad9 Sinkholed
GET /2d7b4166a63c4e48bb523d07d45069fb.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6399cb60-3e19b"
Date: Wed, 14 Dec 2022 15:33:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 13:10:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 254363
p3.douyinpic.com/obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e
47.246.44.231200 OK 134 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 320 x 190\012- data
Size 134 kB (133945 bytes)
Hash 1451db0b67f42b4a25fb7deda607fbb1
48266d3111942dd0b477cfcbfa71527c50981385
b2bd9300e241291ffaf028b58124a4313c2846c8240f9b4cfff731bbd5136320
GET /obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 133945
date: Wed, 07 Dec 2022 09:03:39 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 07 Dec 2022 06:09:49 GMT
nw-session-id: 202212071409490102081611002488851Bwf5p503dy
nw-session-trace: 2022-12-07T14:09:49.498260728+08:00 94
x-bdcdn-cache-status: TCP_HIT
x-length: 133945
x-powered-by: ImageX
x-response-date: Wed, 07 Dec 2022 14:09:49 GMT
x-tt-logid: 202212071409490102081611002488851B
via: n204-098-199, cache5.l2de2[0,0,206-0,H], cache3.l2de2[0,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc01:22:35::154
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081f6f984275a9e5cf86091f9e0f12a79bddee19c774e2ad85295f24bdfb6c5d99b67206916692e50a0e9718503fe8bf67f8dd6809a0168f5afa28582e0a6a842bf344405f922f86f3b600daf5831627a7d
x-response-lb: image
ali-swift-global-savetime: 1670403819
age: 652971
x-cache: HIT TCP_MEM_HIT dirn:2:52745100
x-swift-savetime: Wed, 07 Dec 2022 13:10:59 GMT
x-swift-cachetime: 31521160
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567903807265e
X-Firefox-Spdy: h2
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 383 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 383 kB (382861 bytes)
Hash 1d308356da4f24b7599d3a956cd25b42
a80c7b5e3680ba611b86269b78eedaff05b45611
46e8edbf6de8b498100e7e4e9e744a72f607adbc5ae0c5c1f3d6c8d6d2bb5f43
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 14 Dec 2022 22:25:21 GMT
Content-Type: image/gif
Content-Length: 382861
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 05:05:52 GMT
ETag: "63883630-5d78d"
Expires: Sat, 31 Dec 2022 05:06:10 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
66668aaa.com/8bd58f51917d43c98efb7264da3e6a09.gif
103.170.15.74200 OK 640 kB URL HTTP/1.1 66668aaa.com/8bd58f51917d43c98efb7264da3e6a09.gif
IP 103.170.15.74:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 640 kB (640115 bytes)
Hash e63b36dadbdaeaf26f8cddd8e077d3dc
eff646d025224911b00e4a648493c7dbec6feb10
a123045e26313bf1be34d1f3d94a7e20f9f0db8a92f1e23f458fbc862ee278b9
Analyzer Verdict Alert quad9 Sinkholed
GET /8bd58f51917d43c98efb7264da3e6a09.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63510b81-9c473"
Date: Wed, 14 Dec 2022 13:22:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 20 Oct 2022 08:49:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Length: 640115
u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
103.170.15.64200 OK 383 kB URL HTTP/2 u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
IP 103.170.15.64:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 383 kB (382842 bytes)
Hash 3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9
GET /da5dfac32ac34ba592b6f45c5de4a88c.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63849d60-5d77a"
server: nginx
date: Mon, 12 Dec 2022 06:55:57 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 11:37:04 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-54
content-length: 382842
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
13.227.254.83200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 13.227.254.83:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 14 Dec 2022 15:18:46 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: UPVh8RTdny65cq-O-yUiVwS8Y92ZzTZOPGL7JUpdHfd_o3g7C3Evvw==
Age: 25664
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash f219e8960333e89604026654acb96874
c6bb3e5f1e708480981c4e03873c2f6ffb04ec26
e9d658af4724798ec600f465c831d019a25742cae6c144ab445fceadc3da4392
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:30 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 13 Dec 2022 16:39:34 GMT
Expires: Tue, 20 Dec 2022 16:39:33 GMT
Etag: "c6bb3e5f1e708480981c4e03873c2f6ffb04ec26"
Cache-Control: max-age=496982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c8c3ea5b50c-OSL
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGqQ7cDQyBVyvpic5hLKDbia6eDFqiaqQouskOfSW6k8L0Oc/0
43.129.255.47200 OK 348 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGqQ7cDQyBVyvpic5hLKDbia6eDFqiaqQouskOfSW6k8L0Oc/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347760 bytes)
Hash 342e2051d105472030eb913609d9c8a9
d416a111846dd58db57824ffca41bb7b7b2e27ff
764c05afd891ae7b76feeacae4b2e1606b1cab99a3c6e4ff83bca37f93d9e95d
GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGqQ7cDQyBVyvpic5hLKDbia6eDFqiaqQouskOfSW6k8L0Oc/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 347760
vary: Accept,Origin
last-modified: Tue, 13 Dec 2022 13:19:37 GMT
cache-control: max-age=2592000
x-delay: 53877 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 347760
chid: 0
fid: 0
x-nws-log-uuid: 6ef791dd-ac6b-414f-a35d-be84ef2f68a9
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eb99642bbcc189d952bd5636ff8c57c6
e0228589ecda05aac836b04a84b50ea9f5b909b4
d9504a2bec11f160addce2f9b8003a45fe7add2984810cedb580111ee5abce36
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 13:11:45 GMT
Expires: Mon, 19 Dec 2022 13:11:44 GMT
Etag: "e0228589ecda05aac836b04a84b50ea9f5b909b4"
Cache-Control: max-age=398113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779a5c8cbfe10afa-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/c81b99c825c24e42bc08252d8206b587
47.246.44.231200 OK 233 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/c81b99c825c24e42bc08252d8206b587
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 320 x 140\012- data
Size 233 kB (233162 bytes)
Hash 4af6b3ae2f018fb1ce5d9b4a91885d37
40a5556f2ff0a3d782d714d7246195d4e306ce8c
4c95eb8ee3c97ca94fdd90c4498fbaa517d63a2ac7de3bf8b55ffcc347d44280
GET /obj/tos-cn-i-dy/c81b99c825c24e42bc08252d8206b587 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 233162
date: Wed, 14 Dec 2022 15:33:00 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 14 Dec 2022 12:35:51 GMT
nw-session-id: 2022121420355101021004914523785B89pkm5t03dy
nw-session-trace: 2022-12-14T20:35:51.642327707+08:00 20
x-bdcdn-cache-status: TCP_HIT
x-length: 233162
x-powered-by: ImageX
x-response-date: Wed, 14 Dec 2022 20:35:51 GMT
x-tt-logid: 2022121420355101021004914523785B89
via: n204-100-074, cache12.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[1,0], cache4.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01bbbf52b0bbf0e6ab2a287ad6e604b5168d959271cb6b289236e1ff32fc46573246a9198b294a61b9e7caebd21fdf9637c0135b481a1bcfc5e6c7acf1eac59d1b0d0bfc1f08f3249d1f2530a37d0c3c04a3ae53ef7475e0b757f8cb2608992898
x-response-lb: image
ali-swift-global-savetime: 1671031980
age: 24810
x-cache: HIT TCP_HIT dirn:2:7613771
x-swift-savetime: Wed, 14 Dec 2022 15:49:30 GMT
x-swift-cachetime: 31535010
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16710567909357742e
X-Firefox-Spdy: h2
88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
45.61.212.127200 OK 177 kB URL HTTP/1.1 88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP 45.61.212.127:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 177 kB (176976 bytes)
Hash 5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b
Analyzer Verdict Alert quad9 Sinkholed
GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 88886aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62da66b6-2b350"
Date: Wed, 14 Dec 2022 15:35:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 22 Jul 2022 08:58:30 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 176976
58tu.1468tu.com/58tu/960x100.gif
20.249.88.42200 OK 166 kB URL HTTP/1.1 58tu.1468tu.com/58tu/960x100.gif
IP 20.249.88.42:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 100\012- data
Size 166 kB (165870 bytes)
Hash ac63ac5a8f69ce5bd9f5c6dbcbe5e449
ea0e3a5a67615ba236262770bfbf9aacaaf59ef8
c509935cc565a4e97603bb9ae7ed879b22b0ac048e825cd771be70b69ce0842d
GET /58tu/960x100.gif HTTP/1.1
Host: 58tu.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 22:26:30 GMT
Content-Type: image/gif
Content-Length: 165870
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:09:12 GMT
ETag: "b6ce236cffd6d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes
8499225.com/8499/zzxx/960x60.gif
172.247.50.226200 OK 348 kB URL HTTP/2 8499225.com/8499/zzxx/960x60.gif
IP 172.247.50.226:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347760 bytes)
Hash 342e2051d105472030eb913609d9c8a9
d416a111846dd58db57824ffca41bb7b7b2e27ff
764c05afd891ae7b76feeacae4b2e1606b1cab99a3c6e4ff83bca37f93d9e95d
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:30 GMT
content-type: image/gif
content-length: 347760
last-modified: Tue, 13 Dec 2022 13:22:38 GMT
etag: "54e70-5efb5838fd427"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys88.net/news/index.php
173.231.12.68200 OK 0 B URL HTTP/2 www.jxys88.net/news/index.php
IP 173.231.12.68:0
GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
c2.im5i.com/2022/09/23/H9cjz.gif
14.17.115.233200 OK 0 B URL HTTP/2 c2.im5i.com/2022/09/23/H9cjz.gif
IP 14.17.115.233:0
GET /2022/09/23/H9cjz.gif HTTP/1.1
Host: c2.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 321110
last-modified: Fri, 23 Sep 2022 12:38:46 GMT
etag: "632da8d6-4e656"
expires: Fri, 13 Jan 2023 22:26:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
c2.im5i.com/2022/09/23/H9se5.gif
14.17.115.233200 OK 0 B URL HTTP/2 c2.im5i.com/2022/09/23/H9se5.gif
IP 14.17.115.233:0
GET /2022/09/23/H9se5.gif HTTP/1.1
Host: c2.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 380696
last-modified: Fri, 23 Sep 2022 12:39:12 GMT
etag: "632da8f0-5cf18"
expires: Fri, 13 Jan 2023 22:26:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.u2267.com/images/6399c2d856eec67c33ea8923.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.u2267.com/images/6399c2d856eec67c33ea8923.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/6399c2d856eec67c33ea8923.gif HTTP/1.1
Host: img.u2267.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6eda3a9b5a154380acc9e720e96a792e
X-Firefox-Spdy: h2
img.9756x.com/images/6399c2ee56eec67c33ea8924.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.9756x.com/images/6399c2ee56eec67c33ea8924.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/6399c2ee56eec67c33ea8924.gif HTTP/1.1
Host: img.9756x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/c81b99c825c24e42bc08252d8206b587
X-Firefox-Spdy: h2
n0566.com/930e01d640b64ec088f2b1425d5bf100.gif
20.222.165.74200 OK 0 B URL HTTP/2 n0566.com/930e01d640b64ec088f2b1425d5bf100.gif
IP 20.222.165.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /930e01d640b64ec088f2b1425d5bf100.gif HTTP/1.1
Host: n0566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 22:26:30 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Mon, 28 Nov 2022 11:38:23 GMT
etag: W/"63849daf-b343"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
c2.im5i.com/2022/09/23/H9rR4.gif
14.17.115.233200 OK 0 B URL HTTP/2 c2.im5i.com/2022/09/23/H9rR4.gif
IP 14.17.115.233:0
GET /2022/09/23/H9rR4.gif HTTP/1.1
Host: c2.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 365002
last-modified: Fri, 23 Sep 2022 12:36:55 GMT
etag: "632da867-591ca"
expires: Fri, 13 Jan 2023 22:26:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
c2.im5i.com/2022/09/23/H9JPG.gif
14.17.115.233200 OK 0 B URL HTTP/2 c2.im5i.com/2022/09/23/H9JPG.gif
IP 14.17.115.233:0
GET /2022/09/23/H9JPG.gif HTTP/1.1
Host: c2.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 319916
last-modified: Fri, 23 Sep 2022 12:38:15 GMT
etag: "632da8b7-4e1ac"
expires: Fri, 13 Jan 2023 22:26:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/static/css/1.css
173.231.38.5200 OK 0 B URL HTTP/2 www.jxys20.xyz/template/m1938pc/static/css/1.css
IP 173.231.38.5:0
GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys20.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.5200 OK 0 B URL HTTP/2 www.jxys20.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.5:0
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys20.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:26 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 16:15:32 GMT
vary: Accept-Encoding
etag: W/"6399f6a4-715"
expires: Thu, 15 Dec 2022 10:26:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
c2.im5i.com/2022/09/23/H9ypW.gif
14.17.115.233200 OK 0 B URL HTTP/2 c2.im5i.com/2022/09/23/H9ypW.gif
IP 14.17.115.233:0
GET /2022/09/23/H9ypW.gif HTTP/1.1
Host: c2.im5i.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 22:26:29 GMT
content-type: image/gif
content-length: 378981
last-modified: Fri, 23 Sep 2022 12:37:38 GMT
etag: "632da892-5c865"
expires: Fri, 13 Jan 2023 22:26:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1190555.com/images/638f442f93f8ec5e6b5c07d0.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.1190555.com/images/638f442f93f8ec5e6b5c07d0.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/638f442f93f8ec5e6b5c07d0.gif HTTP/1.1
Host: img.1190555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2