Report - weightloss-meals.com/gym-and-meals

Report Overview

Submitted URL
weightloss-meals.com/gym-and-meals
IP
107.165.125.108
ASN
#18779 EGIHOSTING
Submitted
2022-11-29 04:44:45
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dimg04.c-ctrip.com	139731	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	151 kB	104.110.17.24
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	29 kB	172.247.77.90
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	2.5 MB	47.246.44.228
img.2559u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	653 B	185.239.226.23
img.2557u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
img.9197x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	15 kB	104.18.32.68
kveff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	64.32.13.142
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	295 kB	47.56.33.49
static.qwahk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	476 B	206.119.105.167
u1022.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	383 kB	103.189.109.79
yzf.qq.com	627844	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	926 B	452 B	113.96.208.98
sszhan.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	615 kB	120.77.166.119
acoosso.top	631702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.9 kB	91.195.240.12
kvkggg.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	740 kB	172.67.154.165
sysupload.csiteadmin.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	2.0 MB	52.184.85.124
img.9219x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.4 kB	17 kB	23.36.77.32
tt.1468tu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	166 kB	43.153.174.204
zhibo128x.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	738 kB	154.83.25.141
8499225.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	331 kB	172.247.50.228
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	592 kB	120.77.166.72
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	36 kB	103.235.46.191
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	294 B	750 B	112.34.113.148
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	12 kB	104.18.21.226
539397377.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	462 B	47.75.19.145
imagedelivery.net	255311	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	878 B	334 kB	104.18.2.36
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	9.8 kB	172.64.155.188
n0566.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	39 kB	20.222.117.184
3p8801.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	50 kB	107.148.202.17
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	114 B	182.61.201.94
ocsp.buypass.com	157566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.3 kB	23.36.76.200
8499163.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	195 kB	172.247.50.229
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	45.154.215.92
kzecc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	64.32.13.142
339282bdb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	666 kB	103.170.15.103
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	3.3 kB	47.246.44.205
829355rff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	62 kB	103.170.15.103
taiwtp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	762 B	68 kB	220.128.218.220
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.255.30
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	48 kB	34.120.237.76
200.benbenys.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	303 B	58 kB	23.224.61.222
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
kvmaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	170.178.176.170
img.1129555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	182 B	185.239.226.23
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.4 kB	142.250.74.35
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	64.32.13.142
592773xgg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	581 kB	103.170.15.103
si1.go2yd.com	325918	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	141 kB	163.171.140.79
nvhbbb.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.6 MB	104.21.55.74
max009.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.2 MB	104.21.79.112
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
www.jxys88.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	259 kB	173.231.12.68
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.6 kB	23.36.77.32
max004.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	865 kB	172.67.222.73
max002.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	367 kB	104.21.233.253
kvkddd.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	2.1 MB	104.21.233.183
885364.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	34 kB	47.75.19.145
www.weightloss-meals.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	107.165.125.108
www.yssydh.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	48 kB	172.67.209.49
kvevv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	64.32.13.142
www.jxys12.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	1.3 MB	173.231.38.5
lbfm.lbpictupian.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	229 kB	104.22.12.214
223969ufy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	359 kB	103.170.15.109
5593qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	748 kB	45.61.212.228
628536nyv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	670 kB	103.170.15.113
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
weightloss-meals.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	209 B	107.165.125.108
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	917 B	540 kB	43.129.255.47
585227ybn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	161 kB	45.61.212.129
i.ibb.co	13485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.2 kB	162.19.58.156
api.79zxcv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	6.4 kB	18.141.56.242
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	3.7 kB	23.36.79.17
ob699.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	262 B	20 kB	45.153.131.58
362728tdg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	423 kB	103.170.15.113
img.9712x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	339282bdb.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	223969ufy.com	Sinkholed
2022-11-29	medium	339282bdb.com	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	362728tdg.com	Sinkholed
2022-11-29	medium	628536nyv.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	829355rff.com	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed
2022-11-29	medium	585227ybn.com	Sinkholed
2022-11-29	medium	jxys12.xyz	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:14:52 Last Seen2023-03-11 22:14:52 Times Seen1 Hash 241b32790cdd0c82fd37eb8fd9b09959 f309b7576e39fc5aa89b4a54074cd2f26843ba5f d8abe269fbc688c8a1b9c8d48ab44e68a2dba3595323f176010d63b4586f2943 Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:14:52 Last Seen2023-03-11 22:14:52 Times Seen1 Hash 7236261e38fbf84c426cf6fb7243c026 774a368bb43b4e30346b54d8fa92bb494ac76181 6c7316065dc8103ac65b6acdc63c7780c0bbb074a960eaf3f25a09a49e3d1029 Loading...

	www.jxys88.net/news/data.php	469 B	2023-03-08	2023-03-11
Pretty URL www.jxys88.net/news/data.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 7f56be0ca5a97f81ac641229e5c24b4c 692a4379baa5daf6b4e173fb012a87641bde14d1 032baef139f9557423b7d7536a112f7bfb6b12b1a17210dec23ed069d5f2d005 Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:14:52 Last Seen2023-03-11 22:14:52 Times Seen1 Hash 0fa01736aaf221fdbae56892830aa340 efa412fd373de053b18cf8fe8c1ec3701c634f1c 5918d8246d9ea47000114f14749ee2bfce4756dd8f5288c8f74b464ebcbdd7bc Loading...

	api.79zxcv.com/js/dom.js	16 kB	2023-03-07	2023-03-11
Pretty URL api.79zxcv.com/js/dom.js IP 18.141.56.242 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:52:35 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 69252e17604aab4c6fd770c3f70113e9 69f8291f946243a4f9f5164256d017927db85d13 73931ac37c9a8ff96a448e363e9d838809e47794beae1a9992754f1678638dcd Loading...

	www.weightloss-meals.com/gym-and-meals	404 B	2023-03-07	2024-04-26
Pretty URL www.weightloss-meals.com/gym-and-meals IP 107.165.125.108 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 05:42:02 Times Seen2979 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.weightloss-meals.com/tj.js	518 B	2023-03-07	2023-03-13
Pretty URL www.weightloss-meals.com/tj.js IP 107.165.125.108 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:57:49 Last Seen2023-03-13 18:45:17 Times Seen1 Hash 42d13181dd4c01c00e9e51359fa72da3 f42486f56c3ad0f9c1c924173afd2125a58b64f0 ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd Loading...

	www.weightloss-meals.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.weightloss-meals.com/common.js IP 107.165.125.108 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:14 Last Seen2023-03-17 10:41:04 Times Seen1 Hash 2d67599d1e21388fb35a4f6ae7c75a34 d659e4906bd306b2056c78675375c10c520f0435 4f619b09ee009853db7003ec09d8562208b4fd9a643d4706084159df5804b84d Loading...

	www.jxys12.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys12.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

	api.79zxcv.com/sh/328.js	463 B	2023-03-08	2023-03-11
Pretty URL api.79zxcv.com/sh/328.js IP 18.141.56.242 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:05 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 4ada6e293a75c07ce69d0e9aa7cabe73 a17400b9941f0fa71105caac6ce7e18eea16b7c9 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Loading...

	www.jxys88.net/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL www.jxys88.net/news/index.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 112.34.113.148 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 09:31:45 Times Seen19014 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js	1.3 kB	2023-03-11	2023-03-11
Pretty URL www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:04 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 50d197db81ae1c50a03a76a7fefdcbff e82140142939f85261b7ce48f05ecbd91d36ae1e 7b737973f693b23e00cc94582d29ff06a056421a9883865b62dde20a34b733e5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 98112740f8145bd07094ea41bd876ed8	473 B	2023-03-09	2024-02-11
Pretty Observations First Seen2023-03-09 09:14:58 Last Seen2024-02-11 08:15:52 Times Seen1 Hash 98112740f8145bd07094ea41bd876ed8 91a9606fdedf7097723cbaaed70f3ac8ee05ef84 bd6c47b0f777a0d657a27188564ce3d79d981db13810fff1b42f4357534cee47 Loading...

		Size	First Seen	Last Seen
	#1 Write - c11358efdc00df229107889ddf732785	351 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 10:06:29 Last Seen2023-03-11 22:51:19 Times Seen1 Hash c11358efdc00df229107889ddf732785 ccabccf8ce36e492ade01bdf53571773c24a82dc bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1 Loading...

	#2 Write - a8a2a4c9c8f17c07ff91bfa4628f00d3	454 B	2023-03-09	2024-02-11
Pretty Observations First Seen2023-03-09 09:14:58 Last Seen2024-02-11 08:15:53 Times Seen1 Hash a8a2a4c9c8f17c07ff91bfa4628f00d3 5eb3fdf1789e5f6156f66c50bc0c718a87113627 29a509c17c4110f9006d2107b69c77742a293c5cd7c474ff53248173b756d525 Loading...

	#3 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-25 20:37:27 Times Seen3762 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#4 Write - 9e58bc71ba979d178641dc7a36580d52	328 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 9e58bc71ba979d178641dc7a36580d52 1e38142c09934e54bb33e6bdc2eda1a28da6c7c7 380ed21bcde40c675ea4aa1b4208659bcfec7172b3b42ba8c71961b354c91c28 Loading...

HTTP Transactions (234)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4096
Expires: Tue, 29 Nov 2022 05:52:47 GMT
Date: Tue, 29 Nov 2022 04:44:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4937
Cache-Control: max-age=112147
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:31 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:53:38 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5368
Expires: Tue, 29 Nov 2022 06:13:59 GMT
Date: Tue, 29 Nov 2022 04:44:31 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 04:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1496
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: v7Wq+KlF0cJ8sPlgPupBf7N4Cc5lGS/ILGsiN7bxYZ9VDU9iLgHCKKEZh3Lfd0aIZCOuMKyO1a6+nyN/3xb94w==
x-amz-request-id: KXXE7W40NBKFTSCV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:45:17 GMT
age: 3554
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

weightloss-meals.com/gym-and-meals

107.165.125.108

301 Moved Permanently

0 B

URL HTTP/1.1
weightloss-meals.com/gym-and-meals
IP
107.165.125.108:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gym-and-meals HTTP/1.1
Host: weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 04:44:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.weightloss-meals.com/gym-and-meals

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 04:11:13 GMT
cache-control: public,max-age=3600
age: 1999
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.weightloss-meals.com/gym-and-meals

107.165.125.108

200 OK

783 B

URL HTTP/1.1
www.weightloss-meals.com/gym-and-meals
IP
107.165.125.108:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
783 B (783 bytes)
Hash
a942daf4507d5ead8823e6851783c6d8
a8a0cd5991f301b6f7e113222b2b5252d6fe5e56
f529b0ebc5e1f012afefc84e9e941c47217795f1aa56578c55d00bbdca4ed34a

HTTP Headers

GET /gym-and-meals HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:44:31 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2903
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:32 GMT
Last-Modified: Tue, 29 Nov 2022 03:56:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

www.weightloss-meals.com/tj.js

107.165.125.108

200 OK

518 B

URL HTTP/1.1
www.weightloss-meals.com/tj.js
IP
107.165.125.108:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
518 B (518 bytes)
Hash
42d13181dd4c01c00e9e51359fa72da3
f42486f56c3ad0f9c1c924173afd2125a58b64f0
ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:44:31 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive

www.weightloss-meals.com/common.js

107.165.125.108

200 OK

738 B

URL HTTP/1.1
www.weightloss-meals.com/common.js
IP
107.165.125.108:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
738 B (738 bytes)
Hash
70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

HTTP Headers

GET /common.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

52.89.255.30

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.255.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7inrq3PXDfYiLw562JjiLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /wfhjgkyRoiBSa/wgNkO/AdLHlg=

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
c60e4318a49ff8976f2f06944b2a81de
c450389711c5206d2afa7a2760d18f9658f6a36c
99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 00:30:27 GMT
ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c"
Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3536
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b0546892b503-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
c60e4318a49ff8976f2f06944b2a81de
c450389711c5206d2afa7a2760d18f9658f6a36c
99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 00:30:27 GMT
ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c"
Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3536
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b0546b16fac8-OSL

www.weightloss-meals.com/favicon.ico

107.165.125.108

200 OK

1.2 kB

URL HTTP/1.1
www.weightloss-meals.com/favicon.ico
IP
107.165.125.108:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:44:32 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 04 Dec 2022 04:44:32 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
939b39d5a9102979f7bbe5f4b313bf6e
3f809386331164701f9a721ea95a92efe446b1eb
d80fa2c6b1557f7b0f5248b22f446ded80574518a0c28ddaf3a2d5318e37c652

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D80FA2C6B1557F7B0F5248B22F446DED80574518A0C28DDAF3A2D5318E37C652"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Tue, 29 Nov 2022 10:43:25 GMT
Date: Tue, 29 Nov 2022 04:44:33 GMT
Connection: keep-alive

hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
bc648390ae310cb651db5202ac4475b4
c9c7e21f7767f30f1a45bba308609591aaeadb67
d9d5b22d7d12510ef8f82df17ff0cc61040c60dbb72c62a352839b0f84807abd

HTTP Headers

GET /hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:44:33 GMT
Etag: 208c320822c5a84ce156663e6d7c75d4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=027B2C8911AAA98D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
f2a724fe9ee2048d6dd1063744def378
5f4115e2f106523ef075bdc9e6e9c89232ef4e48
4f89ac004f62c22ac6803f96b35b7194f8bc9978d3bec5b3fb45ac45b4fd13e4

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:44:33 GMT
Etag: e37ca43078f1ca99ef01f211387e32b0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8019131ACCF03D21; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2301
Expires: Tue, 29 Nov 2022 05:22:55 GMT
Date: Tue, 29 Nov 2022 04:44:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2301
Expires: Tue, 29 Nov 2022 05:22:55 GMT
Date: Tue, 29 Nov 2022 04:44:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10445 bytes)
Hash
c76e3c4cc159bda9b9e887fcd449ba51
12d90c36bd455b3b859fdb761b6ed49ea9f98f80
fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:31:14 GMT
age: 51200
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTZANFW2oAMFlyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:30 GMT
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
age: 67864
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3905 bytes)
Hash
06723cdab42df9b5334f540a8c7ebc60
3bbc44cb84a37ce6a067db4301dd81647a77c29f
9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:10:04 GMT
age: 77670
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8106 bytes)
Hash
5ab97acd46d3380fa12711c96b3c2d35
b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UO4hCMgPgR4-ld-QCKgNPrq4p1gduUSA5R4ffZmnFodBj-1_NcFLmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:37:21 GMT
age: 25633
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 5183
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4901 bytes)
Hash
c812ff38eed34e674ee4090ffc602358
3515adf47d25a17eec2a62d045d217cd23a0f985
17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4901
x-amzn-requestid: a5ad8fee-b892-4485-9975-40e183506a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIsO3HDGIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380272b-5827122433cb8c6d5ab7e300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:23:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MSxsBockYtOQ1vJwadowGgFdFGyqM2R4ax2EQTLoVPu6y0hWy1H1sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 15:12:07 GMT
age: 48747
etag: "3515adf47d25a17eec2a62d045d217cd23a0f985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

112.34.113.148

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 29 Nov 2022 04:44:34 GMT
Etag: "4078521116"
Expires: Wed, 29 Nov 2023 04:44:34 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=1500C0FD21D1E62A03209BBD26B3920A:FG=1; max-age=31536000; expires=Wed, 29-Nov-23 04:44:34 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

www.jxys88.net/news/index.php

173.231.12.68

200 OK

630 B

URL HTTP/2
www.jxys88.net/news/index.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
630 B (630 bytes)
Hash
c6923286d39474b573f61f9ad9dda249
491b5acbb92ddcb379820c2ccbdc9c7f977db5d8
6308772b260a93495bef907edf0fe60bbe46b4ca1f3de2a9f85ccfb063b69dd5

HTTP Headers

GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=589690891&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=61878&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=589690891&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=61878&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=589690891&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=61878&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 04:44:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=25AB8517FF9465BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals

182.61.201.94

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.weightloss-meals.com/gym-and-meals HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 29 Nov 2022 04:44:35 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13d04f77a84f5ab5507368a4f4f4d123
b099cc917ef53383a6f3d035c5a74d391c618302
6f4a880197b3d80599716fdf39fbdf75c23b1ffa7cfbacf12d8406c25700c7f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F4A880197B3D80599716FDF39FBDF75C23B1FFA7CFBACF12D8406C25700C7F1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Tue, 29 Nov 2022 06:32:51 GMT
Date: Tue, 29 Nov 2022 04:44:36 GMT
Connection: keep-alive

www.jxys12.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.5

200 OK

254 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Thu, 29 Dec 2022 04:44:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif

173.231.38.5

200 OK

193 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 960 x 90\012- data
Size
193 kB (193193 bytes)
Hash
a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Thu, 29 Dec 2022 04:44:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/images/pic.png

173.231.38.5

200 OK

90 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/images/pic.png
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
HTML document, ASCII text
Size
90 B (90 bytes)
Hash
5341dd3aa19c0eb3bc809f9150e3e833
7beaba24a698410e4ffc93357d82c6f683cbaba1
f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/images/pic.png HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:37 GMT
content-type: image/png
content-length: 90
last-modified: Fri, 14 Jan 2022 04:46:48 GMT
etag: "61e10038-5a"
expires: Thu, 29 Dec 2022 04:44:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.5

200 OK

13 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:37 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
f60c6b4b3e96075bca115394f8ba14a2
d180dda7be8b95f7ed1ff0997f5d20a504747671
be6ba227226bd48acbfc765413c7284fab2055338cb8f6c217edce25090c11a6

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:44:37 GMT
Etag: 6c922e423cac98bb2784befaa895596f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=33103C5F1CD1609D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=130580614&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=61882&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=130580614&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=61882&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=130580614&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=61882&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 04:44:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=58241065B30D6ED6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

tt.1468tu.com/58tu/405x204.gif

43.153.174.204

301 Moved Permanently

166 B

URL HTTP/1.1
tt.1468tu.com/58tu/405x204.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 04:44:37 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
34ebb4233594cd8491eeacc5fa7314ec
1a720e00c78b016f1046a2e62610078af600efe2
976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1598
Cache-Control: max-age=158480
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:38 GMT
Etag: "63855008-118"
Expires: Thu, 01 Dec 2022 00:45:58 GMT
Last-Modified: Tue, 29 Nov 2022 00:19:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public

104.18.2.36

200 OK

309 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
309 kB (308789 bytes)
Hash
799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 308789
cf-ray: 7718b07198e71c0a-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ob699.cc/xxx12345.gif

45.153.131.58

200 OK

20 kB

URL HTTP/1.1
ob699.cc/xxx12345.gif
IP
45.153.131.58:0
ASN
#55933 Cloudie Limited

File type
GIF image data, version 89a, 225 x 135\012- data
Size
20 kB (19781 bytes)
Hash
74f156899d26c1a1ef9108ee4023052d
3d2f15dc81ee27a7832947bbb59a7836ccc7f027
b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0

HTTP Headers

GET /xxx12345.gif HTTP/1.1
Host: ob699.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: image/gif
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Thu, 29 Dec 2022 04:44:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2db77de8cd9f561c89e82c3cc121f657
3cfdf7e959e288d04fa8eecee461533178db4db2
c92ed85f05902ddb2b113d13fae24d9e9982b9439aeb0b182352fe78c6ffb3a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 16:16:55 GMT
Expires: Sun, 04 Dec 2022 16:16:54 GMT
Etag: "3cfdf7e959e288d04fa8eecee461533178db4db2"
Cache-Control: max-age=472935,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b072fd1fb511-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a403262c308139c9b1764274621271a
ebdb13810e9d39bc528fd7ee78af0835a0013bb6
d114ef9d20151673a3845eabee68cfc9ff47bd0e45098b1fb2bcc03a54a5b624

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D114EF9D20151673A3845EABEE68CFC9FF47BD0E45098B1FB2BCC03A54A5B624"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1897
Expires: Tue, 29 Nov 2022 05:16:15 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
224a592d7da2d456bca5fbe48af25c66
7811bd881e4fffb0d713b2495a4468b4ed4f289c
f91b7d1ccd13d6c7965fb93977776e019b7c3755bd40b7e76cbd4dab47c607c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F91B7D1CCD13D6C7965FB93977776E019B7C3755BD40B7E76CBD4DAB47C607C8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2020
Expires: Tue, 29 Nov 2022 05:18:18 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdd23460571e06be2b5384a4362b213
16016e9ac93fc8ee63645863d0e6a0536e99de26
9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B348E405DA997965BBFB5A714755EBE7B05744F6E83E4C635E42D5FA9E282D1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18580
Expires: Tue, 29 Nov 2022 09:54:18 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public

104.18.2.36

200 OK

24 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (24176 bytes)
Hash
2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 24176
cf-ray: 7718b073d94f1c0a-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fc796901ab3b12631015f01cd27c8d23
d04e98b67b1455b1a6fb826506eef6f72297c187
481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19254
Expires: Tue, 29 Nov 2022 10:05:32 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
9ab45e9920220fcf9443b2bf81ba6a7d
703ba61cb928fc585c0cc2e870ce9e53dab82401
e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:55:04 GMT
ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401"
Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2333
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b073ec400b51-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
9ab45e9920220fcf9443b2bf81ba6a7d
703ba61cb928fc585c0cc2e870ce9e53dab82401
e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:55:04 GMT
ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401"
Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2333
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b073eb62fab8-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2407bce7f479414a44ac764a4b56fbb3
d41cfcd80b63de62dc36c6a127ef4f9d6399c020
6b1ec32a3ce6d986ba2693569191df148e5b9eff019a18336a98a955b0dfbe3d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B1EC32A3CE6D986BA2693569191DF148E5B9EFF019A18336A98A955B0DFBE3D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9023
Expires: Tue, 29 Nov 2022 07:15:01 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif

172.67.209.49

200 OK

48 kB

URL HTTP/2
www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
IP
172.67.209.49:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 150 x 150\012- data
Size
48 kB (47538 bytes)
Hash
238e06fae36a60963dd217adc895c9e4
feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce

HTTP Headers

GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1
Host: www.yssydh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Sat, 03 Dec 2022 16:45:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2203143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bs8U0lYlxFsZ%2FDWWgoNsikIhjLiogMM%2FlBth803Udf8LwobucTp4dxcYrukMdEfW9F23fzIIh2K1UwGv4LN6RQ7eE2K15nb6NahezPm8P6WLkR4GoyT%2FuK%2BEVcUm0BIeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b0742b58b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2dcd02f5e606a5de0774b49602d0b822
7745b6c7971f36e45d31df200626183f63b8db3f
9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 20:52:34 GMT
Expires: Fri, 02 Dec 2022 20:52:33 GMT
Etag: "7745b6c7971f36e45d31df200626183f63b8db3f"
Cache-Control: max-age=316674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b072fb10b527-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b407444fc65f86948d0f257a7a63c73c
2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1
300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT
Expires: Sat, 03 Dec 2022 15:19:38 GMT
Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1"
Cache-Control: max-age=383099,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b072fab8b521-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
05a0f2361d59025f990151a11544fac7
aacd1da65ef5f20449147ab2111a0ed0e589a86c
fccfa19f97dab4686510892b89165f2391ff1cec9c6a16ec597fe4fcfd74165d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCCFA19F97DAB4686510892B89165F2391FF1CEC9C6A16EC597FE4FCFD74165D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8302
Expires: Tue, 29 Nov 2022 07:03:00 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0262bdb2a5c0432d40d36cd9e3f133b1
0ffef801a05eb8a92497aae04daeb6c2748de482
771ecb84a2bc4aceb92524a4e44718a439eee03aa761f88a1e739378f1dbf330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:31:14 GMT
Expires: Sun, 04 Dec 2022 15:31:13 GMT
Etag: "0ffef801a05eb8a92497aae04daeb6c2748de482"
Cache-Control: max-age=470194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b0738d56b511-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b4bc4d091d314a559fc8d4b2dbbb5f5
62f9d886b9e85e64462f75988e0d0b349c569c0d
87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3481
Expires: Tue, 29 Nov 2022 05:42:39 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b4bc4d091d314a559fc8d4b2dbbb5f5
62f9d886b9e85e64462f75988e0d0b349c569c0d
87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3481
Expires: Tue, 29 Nov 2022 05:42:39 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://max009.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8c860f6cc16cec53769d4433e6f0ddf2
2bf2252d9f68bdb1504969d1216a0e9f1873a865
7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT
Expires: Sat, 03 Dec 2022 10:05:41 GMT
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865"
Cache-Control: max-age=364262,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b072fab7b521-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03155dd0188bbb26580d8aa9b9a128ea
f51e0dd8ab1a0c0a260b866525acd296d4e7f105
c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16299
Expires: Tue, 29 Nov 2022 09:16:17 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03155dd0188bbb26580d8aa9b9a128ea
f51e0dd8ab1a0c0a260b866525acd296d4e7f105
c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16299
Expires: Tue, 29 Nov 2022 09:16:17 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient

104.110.17.24

200 OK

151 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 120\012- data
Size
151 kB (151061 bytes)
Hash
89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade

HTTP Headers

GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7724131
expires: Sun, 26 Feb 2023 14:20:09 GMT
date: Tue, 29 Nov 2022 04:44:38 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
53a9e6075e0614555254a4c3908fba86
731233b1e5b778588a42355e2123948ecf800cbb
0f348a69f07626c93e6dacdae01c1f7b6c0d94f484b9a645ce755cf565249f91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:32:10 GMT
Expires: Tue, 06 Dec 2022 04:32:09 GMT
Etag: "731233b1e5b778588a42355e2123948ecf800cbb"
Cache-Control: max-age=603450,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b072fcb8b4f9-OSL

kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
9fc1b99a217ae7a16971181fd27b3144
f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457
784a6816aadadfc7a34ecdae2c86dfd0b971314f7db79e22906bf4fa368925fb

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 00:01:01 GMT
Expires: Tue, 06 Dec 2022 00:01:00 GMT
Etag: "f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457"
Cache-Control: max-age=587181,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b0753ec30b55-OSL

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5089
Expires: Tue, 29 Nov 2022 06:09:27 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.200

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
36216e04f51d2e8876be4510b1e7c7f0
fe80784e1649b75fad562921cefa907d5bc98f40
2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ff42f1f1-ed1a-42ac-9f43-977431812938
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.200

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
36216e04f51d2e8876be4510b1e7c7f0
fe80784e1649b75fad562921cefa907d5bc98f40
2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 395e241a-234d-4604-83e0-e191de0a9f5f
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
233e57f60023d3cdf4dfa75d53a03eb3
9dac5203260858b4de4682f9f610618454b5bb01
7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F1B74086414FF31F9AB16FD18A8DADB7D7B77023E6BDE0B9BBD5AA749A53D93"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16153
Expires: Tue, 29 Nov 2022 09:13:51 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://max009.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/mm-content.css

173.231.38.5

200 OK

160 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
160 kB (159785 bytes)
Hash
517f0c2f6922be5e5deef337a80ea701
47749910893ed3f44f36b82c237cfa6e8881c27e
5d29dcabbe33539247a932acbc455a5ed6a32e25053135078e42d8d050659d1d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1fbb7f61e76866ea359f7919c12bef99
e60b44b493885b9e3bfcd727a512d8fded812887
87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT
Expires: Sun, 04 Dec 2022 03:39:03 GMT
Etag: "e60b44b493885b9e3bfcd727a512d8fded812887"
Cache-Control: max-age=427464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b074eddab511-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
73587ccc1a1457c55594ab1245f9ef77
ff034ade54f7c8486ef4464f8946da5e5b463ade
df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 03:18:53 GMT
ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade"
Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b074ec900b51-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
73587ccc1a1457c55594ab1245f9ef77
ff034ade54f7c8486ef4464f8946da5e5b463ade
df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 03:18:53 GMT
ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade"
Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b0763ce40b51-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2cc706a5f9e09fc0e8a1a52b930d00e7
83c6c19040243f9557381da2ea23151318e77b09
48f4753c03d844e325ad70adee36435463931ef82e1137dbe5f82a5fd9f335f7

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:49:05 GMT
ETag: "83c6c19040243f9557381da2ea23151318e77b09"
Last-Modified: Tue, 29 Nov 2022 01:49:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2333
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b07658480b02-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

343 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
343 B (343 bytes)
Hash
9347e1cd2af04f5ca48a31f0bc3da7ae
22beae35c318731eaa78a824f051831c85b508ef
6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Tue, 29 Nov 2022 07:23:45 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

343 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
343 B (343 bytes)
Hash
9347e1cd2af04f5ca48a31f0bc3da7ae
22beae35c318731eaa78a824f051831c85b508ef
6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Tue, 29 Nov 2022 07:23:45 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg

104.22.12.214

200 OK

14 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
14 kB (14387 bytes)
Hash
c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5

HTTP Headers

GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b076ac3f1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg

104.22.12.214

200 OK

7.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7200 bytes)
Hash
4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81

HTTP Headers

GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc411bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg

104.22.12.214

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4468 bytes)
Hash
174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf

HTTP Headers

GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc421bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg

104.22.12.214

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4492 bytes)
Hash
69be43384dd099d503d6425448adee34
1d182a9da3cd8d670f7ed053cf10cfe0e2851433
1b55f9a42d7b3cc95511e9aa34a3954f359bfe192c0b69064050860dd73ead79

HTTP Headers

GET /upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 4492
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6912
content-disposition: inline; filename="swlyhvxsn3k1335swlyhvxsn3k316316.webp"
etag: "638448a3-1b00"
last-modified: Mon, 28 Nov 2022 05:35:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc451bfe-OSL
X-Firefox-Spdy: h2

kveff.com/68a7807de3933bf7079116fa9df99e6f.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg

104.22.12.214

200 OK

7.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.8 kB (7776 bytes)
Hash
94b7098d95208d480e4bf14236c99990
f13f76c4adba5ee150d568d268ea9c83e49f3d28
684ef985c8f535d753f3704d0b96467a3e89b80397f0ac1220cf1e63df29cb28

HTTP Headers

GET /upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 7776
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8667
content-disposition: inline; filename="edxyu2zpif01335edxyu2zpif0196290.webp"
etag: "63844897-21db"
last-modified: Mon, 28 Nov 2022 05:35:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc461bfe-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
313a4af0587cf0130df762583804464b
2e81dd41e78c4b094f32575b1727a1c9207a1af1
77c2410d58d53811ae7b701ff4c501b6a21c9af6d27189170e725573ce07db2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77C2410D58D53811AE7B701FF4C501B6A21C9AF6D27189170E725573CE07DB2F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19211
Expires: Tue, 29 Nov 2022 10:04:49 GMT
Date: Tue, 29 Nov 2022 04:44:38 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5568 bytes)
Hash
187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171

HTTP Headers

GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc441bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg

104.22.12.214

200 OK

7.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.3 kB (7300 bytes)
Hash
78ca33bcc515e6651b3f86b563f4adde
1aa9831fe487e9f92b377acf7a59fb25d255a4dd
5f0ea2152c6e4237394d893b6a43154c7db9cea516ca4b2d1d18fcbbf3c4c3d0

HTTP Headers

GET /upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 7300
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8447
content-disposition: inline; filename="tst0suxpwqn1335tst0suxpwqn216294.webp"
etag: "63844899-20ff"
last-modified: Mon, 28 Nov 2022 05:35:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc481bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg

104.22.12.214

200 OK

8.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8224 bytes)
Hash
81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2

HTTP Headers

GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc401bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg

104.22.12.214

200 OK

5.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.9 kB (5886 bytes)
Hash
d30e29788a351c0d9f5692b683d2f8cd
2765e1f06f47d3cbb8ceaadc46467c038146f960
c5d878d180374a8d47665158142a664c93d72b459ca2abadbf016d552e818906

HTTP Headers

GET /upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 5886
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7261
content-disposition: inline; filename="w5advwm3stk1335w5advwm3stk296312.webp"
etag: "638448a1-1c5d"
last-modified: Mon, 28 Nov 2022 05:35:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc431bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg

104.22.12.214

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10056 bytes)
Hash
c3f05d63b499d1426f8e4ce2a4e384a4
1f27bb24557fd99d1e0fadb074a2343400c3b2f7
5ad2b70134f43bdb67b842b9312b5dc062b744e4b01c2712ef770ed3a4795969

HTTP Headers

GET /upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 10056
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10846
content-disposition: inline; filename="yypa41uo1f41335yypa41uo1f4246302.webp"
etag: "6384489c-2a5e"
last-modified: Mon, 28 Nov 2022 05:35:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc4d1bfe-OSL
X-Firefox-Spdy: h2

200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg

23.224.61.222

200 OK

57 kB

URL HTTP/1.1
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP
23.224.61.222:0
ASN
#40065 CNSERVERS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Size
57 kB (57375 bytes)
Hash
61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff

HTTP Headers

GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Server: Apache
Expires: Thu, 29 Dec 2022 04:44:38 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg

339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif

103.170.15.103

200 OK

113 kB

URL HTTP/1.1
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
113 kB (113076 bytes)
Hash
293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Sun, 27 Nov 2022 16:13:15 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 113076

i.ibb.co/tL26d3m/240x140.gif

162.19.58.156

404 Not Found

1.0 kB

URL HTTP/2
i.ibb.co/tL26d3m/240x140.gif
IP
162.19.58.156:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size
1.0 kB (1031 bytes)
Hash
7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

HTTP Headers

GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg

104.22.12.214

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11122 bytes)
Hash
b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918

HTTP Headers

GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b076bc4a1bfe-OSL
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
73587ccc1a1457c55594ab1245f9ef77
ff034ade54f7c8486ef4464f8946da5e5b463ade
df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 03:18:53 GMT
ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade"
Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718b0760bb8fab8-OSL

lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg

104.22.12.214

200 OK

5.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.7 kB (5660 bytes)
Hash
faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d

HTTP Headers

GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc471bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5556 bytes)
Hash
9de4c86aeb08d6f8a6fc164e722de4ca
a5d895d894361b7390f10956e1a57844986f1cd5
ee0adc9a7959caadc003e437c15302cbcd598d8d51d98528685cfd1377455264

HTTP Headers

GET /upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 5556
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6655
content-disposition: inline; filename="n4ypwectl5m1335n4ypwectl5m226298.webp"
etag: "6384489b-19ff"
last-modified: Mon, 28 Nov 2022 05:35:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc4b1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg

104.22.12.214

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9504 bytes)
Hash
8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0

HTTP Headers

GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076bc4c1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg

104.22.12.214

200 OK

6.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6114 bytes)
Hash
cb289b33537c94f5b0fb6a57cb4d43fa
14710b0bb96871ad62a7da07beaba4ca1d46511f
9bbc038d5a4ae97b6f70f932dac3a777ebc61ce2b989486f732c47e01aa8c2bb

HTTP Headers

GET /upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 6114
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7211
content-disposition: inline; filename="11wp2qvcp4m133511wp2qvcp4m186288.webp"
etag: "63844896-1c2b"
last-modified: Mon, 28 Nov 2022 05:35:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076cc531bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg

104.22.12.214

200 OK

7.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7212 bytes)
Hash
6a2aff2dcfb0664ccc2282c5719dca38
b71513f6cf6d3021faaaed9e42c3a61fa416a835
c473cf8ebaaecfc9cbd017fde1f7bf5db01a56615f5b0ee4b90f130855091492

HTTP Headers

GET /upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 7212
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9321
content-disposition: inline; filename="l1ptmarpcmz1453l1ptmarpcmz476122.webp"
etag: "6383097b-2469"
last-modified: Sun, 27 Nov 2022 06:53:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076ec571bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg

104.22.12.214

200 OK

8.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8412 bytes)
Hash
b30c3f4ead010cee92fd4085c44ac5f0
2345edc988822d873e0075ef48ecf3f40eeb4929
ec9fbc7391e5d8993bb6ee6331975e87ce5acdd5a94de10fa0f4f22087198f88

HTTP Headers

GET /upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 8412
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9533
content-disposition: inline; filename="03s1agsxfpo133503s1agsxfpo226296.webp"
etag: "6384489a-253d"
last-modified: Mon, 28 Nov 2022 05:35:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b076ec591bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg

104.22.12.214

200 OK

6.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6404 bytes)
Hash
6057bab6390dfa52acfb7c909daa3780
76c4fd581b003e0d6dc81feeb18040b959035552
2f28132755bf27845851354e7bf15ee6e139562ed411152c1a4938e7b4b8ba6f

HTTP Headers

GET /upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 6404
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7392
content-disposition: inline; filename="35fspfucs0p133535fspfucs0p236300.webp"
etag: "6384489b-1ce0"
last-modified: Mon, 28 Nov 2022 05:35:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0771c621bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg

104.22.12.214

200 OK

9.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.7 kB (9728 bytes)
Hash
f97716c9cf6a28b9090b0de5143221d5
5da983d9171a6a0fc219873012d9d91108fcc125
6a79eecdb7f0a7b652505c86e121fe6b6f7898c5fcf56695a6b9cccc25b61f6e

HTTP Headers

GET /upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 9728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10573
content-disposition: inline; filename="5ge3qzto32513355ge3qzto325256304.webp"
etag: "6384489d-294d"
last-modified: Mon, 28 Nov 2022 05:35:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0774c6b1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg

104.22.12.214

200 OK

9.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9100 bytes)
Hash
0df8730f164c8ca030cae7a5f232d7d2
ddae230735be58dfa9e3c427bea78ea92aaa5bf7
682b5c4dd6447da8fdad3f93958c77f94479b0e747cebeec1bdf08d7a44123ce

HTTP Headers

GET /upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 9100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10082
content-disposition: inline; filename="jjy5x0xieib1335jjy5x0xieib276308.webp"
etag: "6384489f-2762"
last-modified: Mon, 28 Nov 2022 05:35:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0774c6a1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg

104.22.12.214

200 OK

8.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.7 kB (8736 bytes)
Hash
7bfbd10c68b3b32f40128c92669b07cb
43b9f512dcf14d6e601fe2957013878d3776bc90
415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd

HTTP Headers

GET /upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 8736
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10968
content-disposition: inline; filename="2akielas4ot14532akielas4ot386104.webp"
etag: "63830972-2ad8"
last-modified: Sun, 27 Nov 2022 06:53:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0775c721bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg

104.22.12.214

200 OK

6.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.9 kB (6944 bytes)
Hash
8d2915b6936e3f5b26b4dfc66d932d36
14a650c1b096feea8c40b628cf47b22329c58a63
82da90108f2dd0f3b987609c7bc2f7e3504f52b3c8b5963e38175c2c5d634316

HTTP Headers

GET /upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 6944
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7964
content-disposition: inline; filename="fhu3hkfy5ra1335fhu3hkfy5ra266306.webp"
etag: "6384489e-1f1c"
last-modified: Mon, 28 Nov 2022 05:35:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0775c701bfe-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7e5a6e2829f4d2b20b0062d9930aa711
ebb93b1d6ee2f9009e2d1753aab77b2b6de0f56c
81b0cc31edbd181e23d043f69d3487e0ad57a893665af3cc9ebb1fcdd97d89a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168025
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:38 GMT
Etag: "63857b8f-1d7"
Expires: Thu, 01 Dec 2022 03:25:03 GMT
Last-Modified: Tue, 29 Nov 2022 03:25:03 GMT
Server: nginx
Content-Length: 471

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg

104.22.12.214

200 OK

6.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.3 kB (6284 bytes)
Hash
d522d094063825c17236698af6785ee9
f2cec336d561fd3c26455600a9c14234014ae039
a85b635533bec4280e011c155eac4f33d0fecd56dd42a096cf00a1d4532cbc4c

HTTP Headers

GET /upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 6284
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8471
content-disposition: inline; filename="sd3uwlnfcm31335sd3uwlnfcm3306314.webp"
etag: "638448a2-2117"
last-modified: Mon, 28 Nov 2022 05:35:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0775c711bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg

104.22.12.214

200 OK

13 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
13 kB (12826 bytes)
Hash
64e5d30e2c9ff8d2beacad9f64a97e7a
7fa9fc846cd7c6695ca6bdb2bd46e21a76f9f1ae
fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7

HTTP Headers

GET /upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/jpeg
content-length: 12826
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13483, status=webp_bigger
etag: "638449cb-34ab"
last-modified: Mon, 28 Nov 2022 05:40:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b0776c731bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg

104.22.12.214

200 OK

8.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.6 kB (8564 bytes)
Hash
846fc2e5c7fde4844189c7c5352c0e86
e00eca00bf7599eccaa69465e5ce3f61f1521440
d26603230ebb610c61e8ac8209446feb6ec0e57a7eba6c0b05329982bbf3fa84

HTTP Headers

GET /upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 8564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9688
content-disposition: inline; filename="3cktbr5e43s13353cktbr5e43s286310.webp"
etag: "638448a0-25d8"
last-modified: Mon, 28 Nov 2022 05:35:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0776c741bfe-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
62ab0caeab837e52beb85fc332e51d01
e53946379c035bd3532b3cdaef22d122b894b3a1
38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1527
Cache-Control: max-age=149751
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:38 GMT
Etag: "63852e36-2d7"
Expires: Wed, 30 Nov 2022 22:20:29 GMT
Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
62ab0caeab837e52beb85fc332e51d01
e53946379c035bd3532b3cdaef22d122b894b3a1
38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2366
Cache-Control: max-age=150590
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:38 GMT
Etag: "63852e36-2d7"
Expires: Wed, 30 Nov 2022 22:34:28 GMT
Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg

104.22.12.214

200 OK

9.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.8 kB (9796 bytes)
Hash
7a73f0cfbab7791e5f97b92fbcc0af57
5169d28cc09dff8a5e2499881032302ddaf068ee
8c2a920257bc6b41db99fadce0ac011f8a1d8a3117c600105dae0c55b6eb0de5

HTTP Headers

GET /upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 9796
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10754
content-disposition: inline; filename="rwe3egzutrh1335rwe3egzutrh206292.webp"
etag: "63844898-2a02"
last-modified: Mon, 28 Nov 2022 05:35:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2333
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0776c751bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg

104.22.12.214

200 OK

8.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.5 kB (8502 bytes)
Hash
470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d

HTTP Headers

GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
server: cloudflare
cf-ray: 7718b0776c761bfe-OSL
X-Firefox-Spdy: h2

zhibo128x.xyz/128/318X216.gif

154.83.25.141

200 OK

90 kB

URL HTTP/1.1
zhibo128x.xyz/128/318X216.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 318 x 216\012- data
Size
90 kB (89870 bytes)
Hash
fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d

HTTP Headers

GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 29 Nov 2022 04:44:00 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

api.79zxcv.com/sh/328.js

18.141.56.242

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/328.js
IP
18.141.56.242:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

api.79zxcv.com/sh/317.js

18.141.56.242

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/317.js
IP
18.141.56.242:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d3b307de2bf339f4b96d2c1223e0f585
6dbb2e1f1ffc56576314ef14da30c4d46b6a868f
62ca2ed602e780aa5ea90ceba1819c231af058ae47a631a88925fd369977b71f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:45:21 GMT
Expires: Sun, 04 Dec 2022 01:45:20 GMT
Etag: "6dbb2e1f1ffc56576314ef14da30c4d46b6a868f"
Cache-Control: max-age=420640,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b076dc70b521-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fc796901ab3b12631015f01cd27c8d23
d04e98b67b1455b1a6fb826506eef6f72297c187
481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19253
Expires: Tue, 29 Nov 2022 10:05:32 GMT
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
7d22f279fb06e2257a10f1f343db46da
713e6f6e7fb101801cdb788aad5545d1e4003459
6d18eb37fdf20cb0811f10b9b038b5d240f3037e0562f7a785658b03871314c1

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 04:39:31 GMT
Expires: Sat, 03 Dec 2022 04:39:30 GMT
Etag: "713e6f6e7fb101801cdb788aad5545d1e4003459"
Cache-Control: max-age=344690,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b0771f510b55-OSL

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
d20b3eeb10a5d2a25e6dac63522bf57d
0a2249dcef688c79a67cfdd7a1e559ede99be925
5904afabafe989992cd033150690f3cd225b66eb0b444b1a39f088c275e0355e

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=39
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb

47.246.44.228

200 OK

440 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
440 kB (439790 bytes)
Hash
07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b

HTTP Headers

GET /obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Sat, 26 Nov 2022 13:16:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901015013207634B66C26h2vnt03dy
nw-session-trace: 2022-11-26T19:30:39.564101929+08:00 31
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901015013207634B66C26
via: n150-059-155, cache1.l2de2[0,0,206-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682f36a7bc8c9d51c44eea0062d5621a593cf11ecf59e1d039d14eacf478f79a4f6c371b82af94314a1c2da27ab8970cef0e421d48454c58e7340acddc4faf3a396fa65def9cb218d02bc5986a2c25b010d8
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 228486
x-cache: HIT TCP_MEM_HIT dirn:11:451236523
x-swift-savetime: Sat, 26 Nov 2022 13:38:46 GMT
x-swift-cachetime: 31534667
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970790311358e
X-Firefox-Spdy: h2

www.jxys88.net/news/list.php

173.231.12.68

200 OK

258 kB

URL HTTP/2
www.jxys88.net/news/list.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
258 kB (257538 bytes)
Hash
7ff193da0016d3c8b98bb68d997a0cb4
720cafe9c8028b120802ec3f818c1e14bdeaf86b
c253c33d24dc3d6b50071ecb7cb3d3c1a7f4ea1d85372d21a025de90a310b7b8

HTTP Headers

GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
b6607f0428ad18c923ac202d3c27d52a
29edc43ed06f535c1e03e413cb626143c1f5365f
4bf1dbe3570119b51bf65d5af3c0064dff22156de04e2357ffac24ec6fa6f55d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 11:06:55 GMT
Expires: Sat, 03 Dec 2022 11:06:54 GMT
Etag: "29edc43ed06f535c1e03e413cb626143c1f5365f"
Cache-Control: max-age=367934,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07848e40b02-OSL

acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif

91.195.240.12

403 Forbidden

1.7 kB

URL HTTP/2
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type
data
Size
1.7 kB (1709 bytes)
Hash
fb9460d68b349735969de1c8e66a4bb0
f1349350d9f5721b3f0799593c2a13694e24febb
9f7fa1f76ca8c84254e6201eb1fa895d820ad786fa20c4a3cc194651dfc5e6a8

HTTP Headers

GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 04:44:39 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
d20b3eeb10a5d2a25e6dac63522bf57d
0a2249dcef688c79a67cfdd7a1e559ede99be925
5904afabafe989992cd033150690f3cd225b66eb0b444b1a39f088c275e0355e

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=157
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive
X-N: S

www.jxys12.xyz/template/m1938pc/static/css/1.css

173.231.38.5

200 OK

426 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/1.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
426 kB (426178 bytes)
Hash
ecad6055ce2cfa511e398f3b18823ed6
89dca435eff63ce7d8a1543b027c14dec9baa343
68c236114a5a790e9866554e019e3dbbdbc3a85374c873ddd8323fab7ac8a966

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif

103.170.15.109

200 OK

359 kB

URL HTTP/1.1
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
103.170.15.109:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Sat, 26 Nov 2022 13:33:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-39
Content-Length: 358672

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7c0a255a9839d323de72a8e074ab3f64
9dca00b5ae547deaa3df7e1258632703382134ed
7c0f48c436f578eeafe11d5d5d480b3995297ebd7e83efbf9e70d0435979130f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 18:12:20 GMT
Expires: Sun, 04 Dec 2022 18:12:19 GMT
Etag: "9dca00b5ae547deaa3df7e1258632703382134ed"
Cache-Control: max-age=479859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b0789f70b511-OSL

339282bdb.com/e20f57018fba490b9af887342222147f.gif

103.170.15.103

200 OK

553 kB

URL HTTP/1.1
339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
553 kB (552818 bytes)
Hash
097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Sun, 27 Nov 2022 05:02:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 552818

www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css

173.231.38.5

200 OK

30 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
30 kB (30045 bytes)
Hash
1bf896948e345aa933587e0c9aecb8b0
95e3cdc7200d77063a6a1049a5980e474ffc9258
eaec65bc69bb053deb4aa6729818af2f18b529f4dd16a87eff955e5adb2a6efc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif

103.170.15.103

200 OK

580 kB

URL HTTP/1.1
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

HTTP Headers

GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Sun, 27 Nov 2022 08:17:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 580315

5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif

45.61.212.228

200 OK

748 kB

URL HTTP/1.1
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
45.61.212.228:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 750 x 120\012- data
Size
748 kB (748166 bytes)
Hash
dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608

HTTP Headers

GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Sun, 27 Nov 2022 03:30:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-28
Content-Length: 748166

p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42

47.246.44.228

200 OK

420 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 17 Nov 2022 08:05:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 08:04:55 GMT
nw-session-id: 20221117160455010175088205489D283Edffxv02dy
nw-session-trace: 2022-11-17T16:04:55.135790407+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 16:04:55 GMT
x-tt-logid: 20221117160455010175088205489D283E
via: n150-056-038, cache1.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01307a3fb6122614a2cf2861b66f794cde44fb789caf024a9d7b2c6561afdf19f775a092f1c68726af9bc843af9d0ac960e24a539cf77cbcdda5d0e4291dcc3344458d0ed78fd87e483c6a160aeb1e5530716a4a1a22319dfa833dc91d61d824ef
x-response-lb: image
ali-swift-global-savetime: 1668672312
age: 1024767
x-cache: HIT TCP_MEM_HIT dirn:11:275132548
x-swift-savetime: Thu, 17 Nov 2022 08:34:25 GMT
x-swift-cachetime: 31534247
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970792361462e
X-Firefox-Spdy: h2

362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif

103.170.15.113

200 OK

423 kB

URL HTTP/1.1
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP
103.170.15.113:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
423 kB (422791 bytes)
Hash
bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Sat, 26 Nov 2022 16:56:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 422791

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
acf313ab60df29d9e99c6f5d54e56d3d
f16cfb97fd0e33bc296aac42d55b8e4763f868c4
d5ca23f9f5d05a68c3aac82e0311ded0ba2be1bf0c1682ddc4a2bbfa5069a460

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5CA23F9F5D05A68C3AAC82E0311DED0BA2BE1BF0C1682DDC4A2BBFA5069A460"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 10:44:39 GMT
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
9ea269db298de3bfcd60ba6b0cc90e62
d961b1e242f0945fd9e02e727878b7d047876742
7800a0af0354b76325c75d858222cfc781f6ad7d1e8391bcb452a415eb6d63ab

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 17:36:51 GMT
Expires: Fri, 02 Dec 2022 17:36:50 GMT
Etag: "d961b1e242f0945fd9e02e727878b7d047876742"
Cache-Control: max-age=304930,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07968320b55-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246

47.246.44.228

200 OK

312 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
312 kB (311995 bytes)
Hash
a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816

HTTP Headers

GET /obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sat, 26 Nov 2022 13:16:33 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901020908713822A266142qftk03dy
nw-session-trace: 2022-11-26T19:30:39.707647645+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901020908713822A26614
via: n131-120-073, cache1.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682ff0a3cf0eab6da2f3c1f2d4643076e0781d8448ce5629cbfc4f7ae85a35f0343fa4bbbf262be9039644130e292f8ff5ba13be69171c546bd0c61898a92f6ce9b807474e824c6b6f56a295f19bf9a95b59
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 228486
x-cache: HIT TCP_MEM_HIT dirn:11:276680554
x-swift-savetime: Sat, 26 Nov 2022 13:38:50 GMT
x-swift-cachetime: 31534663
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970792971500e
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg

172.247.77.90

200 OK

14 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
14 kB (14304 bytes)
Hash
8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad

HTTP Headers

GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:46:26 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Wed, 09 Nov 2022 08:21:51 GMT
Connection: keep-alive
ETag: "636b631f-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
183c367aae2a8003d7f94a3156f4005d
f8898757a11b765f26949f0b3befd0eca4c959e6
b247e947fa68e49afa29de5ca8cbe564af78df2457511695830345500b356838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:44:39 GMT
Last-Modified: Tue, 29 Nov 2022 00:18:51 GMT
ETag: "63854feb-1d7"
Expires: Thu, 01 Dec 2022 00:18:51 GMT
Cache-Control: max-age=156852
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669697079
Via: cache6.l2de2[5,5,200-0,M], cache6.l2de2[6,0], cache3.se1[28,28,200-0,M], cache3.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:44:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716696970793165765e

fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg

172.247.77.90

200 OK

8.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (8028 bytes)
Hash
94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a

HTTP Headers

GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:46:26 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Wed, 09 Nov 2022 08:20:55 GMT
Connection: keep-alive
ETag: "636b62e7-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:39 GMT
Etag: "6383775d-117"
Server: ECS (amb/6B9E)
Content-Length: 279

fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg

172.247.77.90

200 OK

5.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
b4fe691a1e1838c9f1478958a1755ecc
342f266ceede5184e9cc944325d5644aad9373cd
e16caff401e9c45407df43293ca846a805d8a8fa2893df39b000d5e76bdb4969

HTTP Headers

GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:46:26 GMT
Content-Type: image/jpeg
Content-Length: 5133
Last-Modified: Wed, 09 Nov 2022 08:20:59 GMT
Connection: keep-alive
ETag: "636b62eb-140d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif

103.170.15.113

200 OK

670 kB

URL HTTP/1.1
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP
103.170.15.113:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 150\012- data
Size
670 kB (669569 bytes)
Hash
fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Wed, 23 Nov 2022 06:23:26 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 669569

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122283
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:39 GMT
Etag: "6384c8e2-117"
Expires: Wed, 30 Nov 2022 14:42:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:42:42 GMT
Server: nginx
Content-Length: 279

nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif

104.21.55.74

200 OK

1.1 MB

URL HTTP/2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.1 MB (1082384 bytes)
Hash
a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1257045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcRcHfeWckU6WlolCfkQYat4IxP8pe8%2B2nrPAtvugy1FyxC2UtmG%2BmRLHFrXa4YFX6ShbfjX15ebgBl7bqiFlwOJDUS7mB3KbGVxY7xj0TjMhJTtK9GD11m2cKEI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07a8c71fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

si1.go2yd.com/get-image/0yFVWR9AM6k

163.171.140.79

200 OK

140 kB

URL HTTP/2
si1.go2yd.com/get-image/0yFVWR9AM6k
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 750 x 376\012- data
Size
140 kB (140259 bytes)
Hash
4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732

HTTP Headers

GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 63858e37_PShlamstdAMS1vj92_7976-40075
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

api.79zxcv.com/js/dom.js

18.141.56.242

200 OK

4.8 kB

URL HTTP/1.1
api.79zxcv.com/js/dom.js
IP
18.141.56.242:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Size
4.8 kB (4779 bytes)
Hash
271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

647 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
647 kB (647290 bytes)
Hash
4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 29 Nov 2022 04:44:01 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=569715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b079e85a0b55-OSL

nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif

104.21.55.74

200 OK

524 kB

URL HTTP/2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 325 x 143\012- data
Size
524 kB (523775 bytes)
Hash
2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1071925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gl8O2X81dRF%2FxrO74uxeCMZcmOh7Bw6LI0E3EcbDnx8uID3FXwk1DP9h2RHgv1YNt%2F4tKPI8LuJITPy%2BBQS80M1JUOf9wIcdwdMBQM5VIDxnMcwppsMJ5dRUyPFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07b5c96fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=569715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07a39490b02-OSL

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=569715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07b58bc0b55-OSL

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=569715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07a8c35b4ee-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
2846e8ee9583fe5234f49697cceecb12
685e9f634c07ada57e4b90523a37d08425c2cc3a
39ccd0c7553a0e7d07f44d0cfbde1a86f7a3235c84d5ace2b0eeacf90856ea85

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "39CCD0C7553A0E7D07F44D0CFBDE1A86F7A3235C84D5ACE2B0EEACF90856EA85"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=891
Expires: Tue, 29 Nov 2022 04:59:30 GMT
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif

103.170.15.103

200 OK

62 kB

URL HTTP/1.1
829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
62 kB (61957 bytes)
Hash
a39609b18140975f8099754386591e3c
5758379628e0102c65a87bd04cbe5158e43a94b0
fcd1a2d3584bb5dd209871dca8cef09495c9b1a3651ee204f87319e9b4a670de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f22c9bb27e174bb0b6dd1b2034189f8f.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba2a2-f205"
Date: Tue, 29 Nov 2022 04:40:43 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:36:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 61957

max009.top/4bf88adf466b90cef3686374a27fc0e2.gif

104.21.79.112

200 OK

507 kB

URL HTTP/2
max009.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP
104.21.79.112:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
507 kB (506851 bytes)
Hash
720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: max009.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 506851
last-modified: Sat, 26 Nov 2022 07:23:09 GMT
etag: "6381bedd-7bbe3"
expires: Wed, 28 Dec 2022 05:44:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 82831
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK7VsC0wiz%2B2Kb3J58PZkvjDiO0sKOOmESXdAnEE8M69N0pgBMrfZvCcLKqEhUOriGGxr7fwPHV7WN%2BOtRtc0BF1WJFiPdwzFEK2dXwNS0ZiK8z78fDCSBqulWQ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07c2a74b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b90107aa3c563acdc194853c5704d99a
e5053c180140bdb839e6bb32de7188e248506a94
cd5447d7005115a79566f447d08cc879fcaa366ab9abd0f3d99084f6a6a8c949

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 13:44:20 GMT
Expires: Mon, 05 Dec 2022 13:44:19 GMT
Etag: "e5053c180140bdb839e6bb32de7188e248506a94"
Cache-Control: max-age=550179,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07bfe7eb521-OSL

www.jxys12.xyz/template/m1938pc/static/css/white.css

173.231.38.5

200 OK

180 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/white.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
180 kB (179792 bytes)
Hash
479e1382255acd5b3989291167a54d32
ea7bf99438dd893d5ffc4251b62ea27bf6f1f6e5
f8f1baef765fd6276eb22c24edb15d5c30ddb2538991922cac593d9b981b564c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
97c8d7a5e596118346b19200cc486b95
3a605d8f270d2ba64b52ae2b5dc686a237b5012e
17304f91defc5e79bea787bbdfc8e0f3620921978468678c2b0edc78cde7524b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17304F91DEFC5E79BEA787BBDFC8E0F3620921978468678C2B0EDC78CDE7524B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2856
Expires: Tue, 29 Nov 2022 05:32:15 GMT
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

max009.top/7546c860e55fa3bf22e5cd95994dd097.gif

104.21.79.112

200 OK

685 kB

URL HTTP/2
max009.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP
104.21.79.112:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
685 kB (684992 bytes)
Hash
6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: max009.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 684992
last-modified: Tue, 22 Nov 2022 11:00:48 GMT
etag: "637cabe0-a73c0"
expires: Wed, 28 Dec 2022 15:36:18 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 47301
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Onveh5z2SthbGj%2BTwhZe47TjJgsmf6MKMe%2FC6JJl7YbhMTkmQzfycsIiOiC8GvXevFAUbpcGPb2Bc4x23pkvDMfpe0CIcIjJ1ku7eICAdxuA2YViSLWg%2Futqrdrd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07cbaa5b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
78bd90691c3b7d1a116b712d04d55c1c
7f7f44c164b14e28dc5061f6bac8ac6be37b600f
bbe91ea3e608060e1a47bd356ff847e5ce9c3e4c4a023df7fb8f10421529338b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BBE91EA3E608060E1A47BD356FF847E5CE9C3E4C4A023DF7FB8F10421529338B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Tue, 29 Nov 2022 10:44:32 GMT
Date: Tue, 29 Nov 2022 04:44:39 GMT
Connection: keep-alive

max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif

172.67.222.73

200 OK

864 kB

URL HTTP/2
max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
172.67.222.73:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: max004.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Mon, 26 Dec 2022 12:02:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 232913
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuCQvpQu0P2jj%2FWYoGD3J6dQOumyevOdJpzHVulilqkXM2h9fCOMYz0dAQjfEbjSPuBdpJwS2Nc4eJQb7Z%2FqYu02X2J7o7CV5a%2FFeSTAeUi3l6g2N2aIdzWwnhsU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07d3cb6b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

taiwtp1.com/xin/225135.gif

220.128.218.220

200 OK

67 kB

URL HTTP/2
taiwtp1.com/xin/225135.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 225 x 135\012- data
Size
67 kB (67441 bytes)
Hash
81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa

HTTP Headers

GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:42:12 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Thu, 29 Dec 2022 04:42:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6bd21476a278c3fb33f4d879a9733abd
f20a0e273eba0725b9c32930bb933ae506ef37ad
29b482a308e359810dac2fad59f1019d6de84fde3b2efbdef4fed48b0f04c1a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87385
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:39 GMT
Etag: "63844090-117"
Expires: Wed, 30 Nov 2022 05:01:04 GMT
Last-Modified: Mon, 28 Nov 2022 05:01:04 GMT
Server: nginx
Content-Length: 279

p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b

47.246.44.228

200 OK

671 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 640 x 480\012- data
Size
671 kB (670683 bytes)
Hash
61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732

HTTP Headers

GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Sun, 27 Nov 2022 03:26:09 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 10:44:10 GMT
nw-session-id: 202211261844100101501381450DA82CF8k59t601dy
nw-session-trace: 2022-11-26T18:44:10.583169317+08:00 91
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 18:44:10 GMT
x-tt-logid: 202211261844100101501381450DA82CF8
via: n150-112-092, cache19.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache5.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081cd61dd4259176fc7f86da45d743ce8532946c5a051118493d5da77ae87a547e180e5da93c00104f9d2e0ea2a855fafc0ca649815bfa37ddcded05b5ba755539d0cf24e7ccff40da43c5dffb94cd97733
x-response-lb: image
ali-swift-global-savetime: 1669519569
age: 177510
x-cache: HIT TCP_MEM_HIT dirn:4:230329289 mlen:0
x-swift-savetime: Sun, 27 Nov 2022 23:45:44 GMT
x-swift-cachetime: 31462825
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970798211843e
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
183c367aae2a8003d7f94a3156f4005d
f8898757a11b765f26949f0b3befd0eca4c959e6
b247e947fa68e49afa29de5ca8cbe564af78df2457511695830345500b356838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:44:39 GMT
Last-Modified: Tue, 29 Nov 2022 00:18:51 GMT
ETag: "63854feb-1d7"
Expires: Thu, 01 Dec 2022 00:18:51 GMT
Cache-Control: max-age=156852
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669697079
Via: cache5.l2de2[506,505,200-0,M], cache5.l2de2[507,0], cache2.se1[529,529,200-0,M], cache2.se1[530,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:44:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616696970793421523e

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6bd21476a278c3fb33f4d879a9733abd
f20a0e273eba0725b9c32930bb933ae506ef37ad
29b482a308e359810dac2fad59f1019d6de84fde3b2efbdef4fed48b0f04c1a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87385
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:39 GMT
Etag: "63844090-117"
Expires: Wed, 30 Nov 2022 05:01:04 GMT
Last-Modified: Mon, 28 Nov 2022 05:01:04 GMT
Server: nginx
Content-Length: 279

8499163.com/8499/224x134.gif

172.247.50.229

200 OK

195 kB

URL HTTP/2
8499163.com/8499/224x134.gif
IP
172.247.50.229:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 220 x 130\012- data
Size
195 kB (194792 bytes)
Hash
d6be4c83c9a5f3de01fca27ad55cc029
f93ab36f1db949e8c94d7fd983e7ca136ea3e7d2
03a89dc11430b0a5c56b73e6b8d2f31739ba23742b8014fe9474a47a5401c641

HTTP Headers

GET /8499/224x134.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 194792
last-modified: Thu, 17 Nov 2022 05:33:07 GMT
etag: "2f8e8-5eda3ec91c7d5"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

8499225.com/8499/s/960x60.gif

172.247.50.228

200 OK

331 kB

URL HTTP/2
8499225.com/8499/s/960x60.gif
IP
172.247.50.228:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0

47.246.44.228

200 OK

358 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 440 x 240\012- data
Size
358 kB (358276 bytes)
Hash
40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43

HTTP Headers

GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,-1,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 3362568
x-cache: HIT TCP_MEM_HIT dirn:2:268256394
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970798521862e
X-Firefox-Spdy: h2

tt.1468tu.com/58tu/960x100.gif

43.153.174.204

200 OK

166 kB

URL HTTP/1.1
tt.1468tu.com/58tu/960x100.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 100\012- data
Size
166 kB (165870 bytes)
Hash
ac63ac5a8f69ce5bd9f5c6dbcbe5e449
ea0e3a5a67615ba236262770bfbf9aacaaf59ef8
c509935cc565a4e97603bb9ae7ed879b22b0ac048e825cd771be70b69ce0842d

HTTP Headers

GET /58tu/960x100.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: image/gif
Content-Length: 165870
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:09:12 GMT
ETag: "b6ce236cffd6d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
db2d862fefbb78e2f23ac757eeae8a20
ba181287c29d26ff046159841d8eb2f78e555328
1088c17ed2d396e1ff9393147e7090de6ac68daf777ccac080323a455537f224

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 13:28:31 GMT
Expires: Sat, 03 Dec 2022 13:28:30 GMT
Etag: "ba181287c29d26ff046159841d8eb2f78e555328"
Cache-Control: max-age=376430,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07cc909b511-OSL

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
fe9e74c1bc4c0387895fe6590f479322
de9ee91959920002353b1f6052a77ac41287b5fe
50eabf2239e98618ee1558ce0c20c68b4a1d6c3ff5dfc0662b15abf2cda26e83

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:44:40 GMT
Last-Modified: Mon, 28 Nov 2022 08:54:37 GMT
ETag: "6384774d-1d7"
Expires: Wed, 30 Nov 2022 08:54:37 GMT
Cache-Control: max-age=101397
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669697079
Via: cache16.l2de2[5,5,200-0,M], cache16.l2de2[7,0], cache2.se1[27,27,200-0,M], cache2.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:44:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616696970799691912e

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9c05d374f5f2676fdc07246d7dac6a09
8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844
2cc72e675b1903a739bf9c00bb6121020015c2f44c77433926a9e8d564715752

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:43:08 GMT
Expires: Sun, 04 Dec 2022 12:43:07 GMT
Etag: "8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844"
Cache-Control: max-age=460106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07dff39b521-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499

47.246.44.228

200 OK

259 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499
IP
47.246.44.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 360 x 200\012- data
Size
259 kB (259076 bytes)
Hash
ad8804ad8d49acffd23bef3ef0efa8ba
1f6122fb71f9b79e5b1722b64daec32148782471
8f6ef9996b2b5cd29454246e746671d329fbe7dbeecd832a1b09dfbcfd15b6d4

HTTP Headers

GET /obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 259076
date: Mon, 28 Nov 2022 09:44:34 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 28 Nov 2022 06:27:50 GMT
nw-session-id: 202211281427500101420440184B7D58EFlh2rg02dy
nw-session-trace: 2022-11-28T14:27:50.875609873+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 259076
x-powered-by: ImageX
x-response-date: Mon, 28 Nov 2022 14:27:50 GMT
x-tt-logid: 202211281427500101420440184B7D58EF
via: n204-098-222, cache12.l2de2[0,0,206-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc01:25:582::100
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01df2d809375c40a2a727e6f3d348595ad9fa3940e5b7c1893f284b4ddfd65a0131d7c1e86b736b94f6525f1191a308ec01b0949c8726d64b2867ece2a0b4aa23272388e728edd473931079e032ea4f331d3856f99b6b580fa84b1ae1e9fce94a3
x-response-lb: image
ali-swift-global-savetime: 1669628674
age: 68405
x-cache: HIT TCP_MEM_HIT dirn:6:7807171
x-swift-savetime: Mon, 28 Nov 2022 10:01:17 GMT
x-swift-cachetime: 31534997
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616696970798641868e
X-Firefox-Spdy: h2

max002.top/68a7807de3933bf7079116fa9df99e6f.gif

104.21.233.253

200 OK

366 kB

URL HTTP/2
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
104.21.233.253:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
366 kB (366444 bytes)
Hash
86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sun, 25 Dec 2022 12:12:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 318731
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA5qhEwsAI%2FlVzDR2tCAKqi1n2FMQyDqKKxSOEXFJH7UoByixG4dTQOypvAgxrHp6dwFuOqgdpzwYpsLFMMXPYks8e2JUPrWHBo5pxomgHrAkgASueiaEaUce3wQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07d5976886d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css

173.231.38.5

200 OK

307 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
307 kB (307192 bytes)
Hash
4085a894f302f20c68531d6587a3b242
d0754e62d31d1c57a86d65a005c2f5127b47638c
1c8091c4ddef45707d8901574de64ef37afb5b9ce491e65752d0eccf78e89eec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:40 GMT
Etag: "6383775d-117"
Last-Modified: Tue, 29 Nov 2022 04:44:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif

103.189.109.79

200 OK

383 kB

URL HTTP/2
u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
IP
103.189.109.79:0
ASN
#0

File type
GIF image data, version 89a, 960 x 100\012- data
Size
383 kB (382842 bytes)
Hash
3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9

HTTP Headers

GET /da5dfac32ac34ba592b6f45c5de4a88c.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "63849d60-5d77a"
server: nginx
date: Mon, 28 Nov 2022 11:46:13 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 11:37:04 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 382842
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f131edc09112a7012ae8a51da3879dd
9904fe331a39a5745bd6032da20848e758378156
223451a8e5537cf847acd349653e10a21b92a8a0c6033ac7924827e854f4ed04

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif

104.21.233.183

200 OK

501 kB

URL HTTP/2
kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif
IP
104.21.233.183:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
501 kB (500709 bytes)
Hash
034336a5237349a60154dea96de80b58
3542d0bbdf703508930fc994eabce17681c818fa
602d2dfc2f528acbe33ca7ff13c163f8ea4f908fc7aed58c4d3a50a5931ccc0d

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:40 GMT
content-type: image/gif
content-length: 500709
last-modified: Sun, 26 Jun 2022 12:08:26 GMT
etag: "62b84c3a-7a3e5"
expires: Wed, 21 Dec 2022 03:12:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 696756
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKUQiAqJzhFVqVPGOtxOWHIal6qjUhHfUC94MHE%2BNHm8C9yFNBxaQ88BnQuP%2FtgXFR6zei7HURth1Ri%2FAeWkuFO3C2XMK0jbV5Ty3t6qFnuI9%2Bu8ZXtMgPNZS3Qd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07e3baf771a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
db2d862fefbb78e2f23ac757eeae8a20
ba181287c29d26ff046159841d8eb2f78e555328
1088c17ed2d396e1ff9393147e7090de6ac68daf777ccac080323a455537f224

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 13:28:31 GMT
Expires: Sat, 03 Dec 2022 13:28:30 GMT
Etag: "ba181287c29d26ff046159841d8eb2f78e555328"
Cache-Control: max-age=376429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07e1fc6b527-OSL

kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif

172.67.154.165

200 OK

740 kB

URL HTTP/2
kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
172.67.154.165:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
740 kB (739561 bytes)
Hash
5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:40 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Fri, 23 Dec 2022 04:58:19 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 517581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssm7XAW8PLqHc%2Bl1UVzdlW2QbKd%2BDXfyVpQBzPDptZkM2ktenQ3UWJAam66%2B6XpAnzF40L7AJL4qKxC7Gve7N6a9RMvuNBwpqYe%2FZYFlRq4R30TdWCq43GjvPr78"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07f496d0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
97c8d7a5e596118346b19200cc486b95
3a605d8f270d2ba64b52ae2b5dc686a237b5012e
17304f91defc5e79bea787bbdfc8e0f3620921978468678c2b0edc78cde7524b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17304F91DEFC5E79BEA787BBDFC8E0F3620921978468678C2B0EDC78CDE7524B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2855
Expires: Tue, 29 Nov 2022 05:32:15 GMT
Date: Tue, 29 Nov 2022 04:44:40 GMT
Connection: keep-alive

p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0

43.129.255.47

200 OK

208 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
208 kB (208040 bytes)
Hash
192c74d36701b586f3201dfd6d080d9b
e5b46de78b75c72974ba4a73638a581e7114d55b
b02c98fd0349520c864b26c96f998aa1814c1342db3e694568a437d90a523df0

HTTP Headers

GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 35507 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: 97320f93-ae0b-4a76-94c1-d0a94123033b
X-Firefox-Spdy: h2

kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif

104.21.233.183

200 OK

1.6 MB

URL HTTP/2
kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
104.21.233.183:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.6 MB (1590489 bytes)
Hash
59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:44:40 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Tue, 27 Dec 2022 14:59:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 135881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBGQQLQSryhs98vN5BC3bLFt1goHwkCfzAJ%2FNGGGs%2F%2FLMpuPsP4V1nCMZza8tqx11DL4Tlx5u9D%2FjAGC%2FS%2FhhwfWikwe0BwHvuYjfsUAdqZtpzjZ0OrvqPZqyytf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718b07e3bb0771a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9c05d374f5f2676fdc07246d7dac6a09
8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844
2cc72e675b1903a739bf9c00bb6121020015c2f44c77433926a9e8d564715752

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:43:08 GMT
Expires: Sun, 04 Dec 2022 12:43:07 GMT
Etag: "8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844"
Cache-Control: max-age=460106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07e4985b511-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c89fd394fcc2c1afd2d557ac08e53187
3e61c69da6e84992641895fd1e1f0792839a445c
502724033466614fee67407f17aa8d65dd13413b92a5537c124401b2944db30b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 13:11:48 GMT
Expires: Mon, 05 Dec 2022 13:11:47 GMT
Etag: "3e61c69da6e84992641895fd1e1f0792839a445c"
Cache-Control: max-age=548226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07e8f70b521-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
78bd90691c3b7d1a116b712d04d55c1c
7f7f44c164b14e28dc5061f6bac8ac6be37b600f
bbe91ea3e608060e1a47bd356ff847e5ce9c3e4c4a023df7fb8f10421529338b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BBE91EA3E608060E1A47BD356FF847E5CE9C3E4C4A023DF7FB8F10421529338B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Tue, 29 Nov 2022 10:44:32 GMT
Date: Tue, 29 Nov 2022 04:44:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6bd21476a278c3fb33f4d879a9733abd
f20a0e273eba0725b9c32930bb933ae506ef37ad
29b482a308e359810dac2fad59f1019d6de84fde3b2efbdef4fed48b0f04c1a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=87385
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:40 GMT
Etag: "63844090-117"
Expires: Wed, 30 Nov 2022 05:01:05 GMT
Last-Modified: Mon, 28 Nov 2022 05:01:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg

113.96.208.98

403 Forbidden

0 B

URL HTTP/2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg
IP
113.96.208.98:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Tue, 29 Nov 2022 04:44:40 GMT
content-length: 0
set-cookie: tgw_l7_route=f690564c543fe1be3bf9ecd86f047974; Expires=Tue, 29-Nov-2022 04:49:40 GMT; Path=/
server: nginx/1.12.2
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f131edc09112a7012ae8a51da3879dd
9904fe331a39a5745bd6032da20848e758378156
223451a8e5537cf847acd349653e10a21b92a8a0c6033ac7924827e854f4ed04

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:44:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif

45.61.212.129

200 OK

161 kB

URL HTTP/1.1
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP
45.61.212.129:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
161 kB (160599 bytes)
Hash
1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Tue, 22 Nov 2022 00:37:41 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 160599

sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif

120.77.166.72

200 OK

479 kB

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 120\012- data
Size
479 kB (478685 bytes)
Hash
5bf732e915baf1d960c69a7dfeb3ef7c
dab765903785eb638106a06c2dc636daa1842a01
e986d2a1b3591d88a0f5ca8c1f5192b77f130f495dfe7af3a73ab51ae8ca17c7

HTTP Headers

GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 63858E36FF7A843436E234C2
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 3

img.2559u.com/images/636ce31fc474e9c06ec29f98.gif

185.239.226.23

302 Found

471 B

URL HTTP/2
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type
data
Size
471 B (471 bytes)
Hash
fe9e74c1bc4c0387895fe6590f479322
de9ee91959920002353b1f6052a77ac41287b5fe
50eabf2239e98618ee1558ce0c20c68b4a1d6c3ff5dfc0662b15abf2cda26e83

HTTP Headers

GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
X-Firefox-Spdy: h2

sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif

120.77.166.119

200 OK

614 kB

URL HTTP/1.1
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP
120.77.166.119:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
614 kB (614471 bytes)
Hash
b5d129edaaaec2db9b9fbdbb13e162ff
65f3ce758707891ffd332f10aa834db951797eff
5d05e4e57c27de7a91acd77be5e011b27d207edf3125163ab66dc23af7dd2952

HTTP Headers

GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 63858E36FFFE3D3430CB31C9
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 3

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c89fd394fcc2c1afd2d557ac08e53187
3e61c69da6e84992641895fd1e1f0792839a445c
502724033466614fee67407f17aa8d65dd13413b92a5537c124401b2944db30b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 13:11:48 GMT
Expires: Mon, 05 Dec 2022 13:11:47 GMT
Etag: "3e61c69da6e84992641895fd1e1f0792839a445c"
Cache-Control: max-age=548226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718b07ff876b527-OSL

aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif

47.56.33.49

200 OK

294 kB

URL HTTP/1.1
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP
47.56.33.49:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 1000 x 120\012- data
Size
294 kB (294418 bytes)
Hash
b5f554e2887180883376a154c0d49550
054d301265d3dcfae8744965a1ecd81c39d938c9
07cb8aac7eb97f735999f176016eb0f26e1b4958acfb3924d22c9ff901250b2a

HTTP Headers

GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:38 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 63858E36D14BBC34332D016F
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 2

p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0

43.129.255.47

200 OK

331 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 48448 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: a426082d-fb9e-4d12-bdb8-7d335588fdaf
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

52.184.85.124

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (211695 bytes)
Hash
0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:38:09 GMT
ETag: "1668166689"
Expires: Sun, 11 Dec 2022 11:38:09 GMT
Last-Modified: Fri, 11 Nov 2022 11:38:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

52.184.85.124

200 OK

252 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
252 kB (251962 bytes)
Hash
feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:43:22 GMT
ETag: "1667486603"
Expires: Sat, 03 Dec 2022 14:43:22 GMT
Last-Modified: Thu, 03 Nov 2022 14:43:23 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

52.184.85.124

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:44 GMT
ETag: "1667486444"
Expires: Sat, 03 Dec 2022 14:40:44 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

52.184.85.124

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:00 GMT
ETag: "1667494383"
Expires: Sat, 03 Dec 2022 16:53:00 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:03 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif

52.184.85.124

200 OK

261 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
261 kB (261015 bytes)
Hash
68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

885364.com/af487946377641ea8b2db51483f4b919.gif

47.75.19.145

200 OK

33 kB

URL HTTP/1.1
885364.com/af487946377641ea8b2db51483f4b919.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 250 x 150\012- data
Size
33 kB (33267 bytes)
Hash
bc3f27f450ad0ebd19370d3737fc2e07
f1ac03dc00b5370bafdfdc604cea7f8bbdb3d75b
f76a84ddee61f9d582915900d7074fbb4c989b9669c3f871fd9fbf465895cbe1

HTTP Headers

GET /af487946377641ea8b2db51483f4b919.gif HTTP/1.1
Host: 885364.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: image/gif
Content-Length: 33267
Connection: keep-alive
x-oss-request-id: 63858E38051F683630DA8E3B
Accept-Ranges: bytes
ETag: "BC3F27F450AD0EBD19370D3737FC2E07"
Last-Modified: Tue, 02 Aug 2022 10:36:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2465277436600690179
x-oss-storage-class: Standard
Content-MD5: vD8n9FCtDr0ZNw03N/wuBw==
x-oss-server-time: 2

yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg

113.96.208.98

403 Forbidden

0 B

URL HTTP/2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg
IP
113.96.208.98:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Tue, 29 Nov 2022 04:44:40 GMT
content-length: 0
set-cookie: tgw_l7_route=f269fee9b6566b9c6f92d3317870bb0e; Expires=Tue, 29-Nov-2022 04:49:40 GMT; Path=/
server: nginx/1.12.2
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

52.184.85.124

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:42 GMT
ETag: "1667486442"
Expires: Sat, 03 Dec 2022 14:40:42 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

52.184.85.124

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

n0566.com/930e01d640b64ec088f2b1425d5bf100.gif

20.222.117.184

200 OK

39 kB

URL HTTP/1.1
n0566.com/930e01d640b64ec088f2b1425d5bf100.gif
IP
20.222.117.184:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 300 x 174\012- data
Size
39 kB (38658 bytes)
Hash
cd246f11bfaa71b1104355cd399cfe1a
cb176b03649f6bfc9b14be7171f71af26a591750
abbdeeed18db78c21f10aaa3059fdb6e11f7a30ace6ee9c59a144dd0aaf383e1

HTTP Headers

GET /930e01d640b64ec088f2b1425d5bf100.gif HTTP/1.1
Host: n0566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Nov 2022 11:38:23 GMT
ETag: W/"63849daf-b343"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

52.184.85.124

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

3p8801.co/a-960x60.gif

107.148.202.17

200 OK

49 kB

URL HTTP/2
3p8801.co/a-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
49 kB (49174 bytes)
Hash
bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db

HTTP Headers

GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Thu, 29 Dec 2022 04:44:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif

52.184.85.124

200 OK

143 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
143 kB (142810 bytes)
Hash
e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:23:20 GMT
ETag: "1667550200"
Expires: Sun, 04 Dec 2022 08:23:20 GMT
Last-Modified: Fri, 04 Nov 2022 08:23:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif

120.77.166.72

200 OK

112 kB

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 640 x 350\012- data
Size
112 kB (112297 bytes)
Hash
8bb96c4387fdae545693ec79e18c0278
e0428e9c4e3f04c38ef89e236c37e523151329c6
0222f1b7240cf95fca28796002c45ea1b6cd976750e3223f25d2aaeeb1b6c106

HTTP Headers

GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:39 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 63858E37DDEEC03535AFC0B3
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 4

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif

52.184.85.124

200 OK

138 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
138 kB (137556 bytes)
Hash
bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

img.2557u.com/images/638454d8b5eb6667f536d127.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.2557u.com/images/638454d8b5eb6667f536d127.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638454d8b5eb6667f536d127.gif HTTP/1.1
Host: img.2557u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5cd35a27ffb84b129a891385b65cc0a7
X-Firefox-Spdy: h2

img.1129555.com/images/6375e9e9e718d3da5a918058.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif

52.184.85.124

200 OK

0 B

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:12:17 GMT
ETag: "1667491937"
Expires: Sat, 03 Dec 2022 16:12:17 GMT
Last-Modified: Thu, 03 Nov 2022 16:12:17 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

img.9197x.com/images/638454e5b5eb6667f536d129.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9197x.com/images/638454e5b5eb6667f536d129.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638454e5b5eb6667f536d129.gif HTTP/1.1
Host: img.9197x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499
X-Firefox-Spdy: h2

img.9712x.com/images/63523e235fe50f0585d3ef83.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:36 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 13:22:18 GMT
vary: Accept-Encoding
etag: W/"6382130a-517"
expires: Tue, 29 Nov 2022 16:44:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif

47.75.19.145

200 OK

0 B

URL HTTP/1.1
539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 539397377.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:44:40 GMT
Content-Type: image/gif
Content-Length: 176976
Connection: keep-alive
x-oss-request-id: 63858E380E14E431326BE734
Accept-Ranges: bytes
ETag: "5C383B781891F009BFE7545EB03E78D9"
Last-Modified: Fri, 23 Sep 2022 09:18:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8278321731206139918
x-oss-storage-class: Standard
Content-MD5: XDg7eBiR8Am/51ResD542Q==
x-oss-server-time: 2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif

52.184.85.124

200 OK

0 B

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:42:01 GMT
ETag: "1667486521"
Expires: Sat, 03 Dec 2022 14:42:01 GMT
Last-Modified: Thu, 03 Nov 2022 14:42:01 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

taiwtp1.com/img/960240.gif

220.128.218.220

200 OK

0 B

URL HTTP/2
taiwtp1.com/img/960240.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:42:12 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Thu, 29 Dec 2022 04:42:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.9219x.com/images/6381f7d0fbdac46b425ad664.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9219x.com/images/6381f7d0fbdac46b425ad664.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6381f7d0fbdac46b425ad664.gif HTTP/1.1
Host: img.9219x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
X-Firefox-Spdy: h2

3p8801.co/11-960x60.gif

107.148.202.17

200 OK

0 B

URL HTTP/2
3p8801.co/11-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:38 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Thu, 29 Dec 2022 04:44:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

static.qwahk.com/960x60.gif

206.119.105.167

200 OK

0 B

URL HTTP/1.1
static.qwahk.com/960x60.gif
IP
206.119.105.167:0
ASN
#140224 STARCLOUD GLOBAL PTE., LTD.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Fri, 04 Nov 2022 05:24:22 GMT
ETag: "1667539462"
Last-Modified: Fri, 04 Nov 2022 05:24:22 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun42:2 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun42000(origin)
X-Reqid: 201921416722818020221104132422Vjecd9ZYsampled
X-Ws-Request-Id: 6364a206_anxun42_30023-57835

3p8801.co/yy-960x60.gif

107.148.202.17

200 OK

0 B

URL HTTP/2
3p8801.co/yy-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:39 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Thu, 29 Dec 2022 04:44:39 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys88.net/news/data.php

173.231.12.68

200 OK

0 B

URL HTTP/2
www.jxys88.net/news/data.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:44:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations