urlquery - report: weightloss-meals.com/gym-and-meals

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
tt.1468tu.com (2)	0	No data	No data	43.153.174.204	Unknown ranking
kveff.com (1)	0	2022-08-16 11:07:26 UTC	2022-11-29 01:45:47 UTC	64.32.13.142	Unknown ranking
5593qq.com (1)	0	2017-04-17 16:53:24 UTC	2017-09-11 10:27:49 UTC	45.61.212.228	Unknown ranking
ocsp.pki.goog (2)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
223969ufy.com (1)	0	No data	No data	103.170.15.109	Unknown ranking
ocsp.globalsign.com (2)	2075	2012-07-20 17:46:16 UTC	2020-05-02 20:58:10 UTC	104.18.21.226
e1.o.lencr.org (9)	6159	No data	No data	23.36.77.32
339282bdb.com (2)	0	No data	No data	103.170.15.103	Unknown ranking
i.ibb.co (1)	13485	2018-11-25 10:13:48 UTC	2022-11-28 09:04:05 UTC	162.19.58.156
api.79zxcv.com (3)	0	No data	No data	18.141.56.242	Unknown ranking
p3.douyinpic.com (6)	23536	No data	No data	47.246.44.228
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-28 05:55:58 UTC	34.102.187.140
www.jxys12.xyz (10)	0	2022-08-17 05:55:24 UTC	2022-11-27 14:04:25 UTC	173.231.38.5	Unknown ranking
zhibo128x.xyz (2)	0	No data	No data	154.83.25.141	Unknown ranking
sz88.oss-cn-shenzhen.aliyuncs.com (2)	0	2022-06-01 18:03:12 UTC	2022-11-29 01:45:47 UTC	120.77.166.72	Domain (aliyuncs.com) ranked at: 1959
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com (1)	0	2022-06-02 10:46:58 UTC	2022-11-28 12:04:31 UTC	47.56.33.49	Domain (aliyuncs.com) ranked at: 1959
sszhan.oss-cn-shenzhen.aliyuncs.com (1)	0	2022-08-12 16:47:21 UTC	2022-11-28 12:04:30 UTC	120.77.166.119	Domain (aliyuncs.com) ranked at: 1959
539397377.com (1)	0	No data	No data	47.75.19.145	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
dimg04.c-ctrip.com (1)	139731	2014-05-08 16:11:11 UTC	2019-09-28 12:59:51 UTC	104.110.17.24
ocsp.buypass.com (2)	157566	2018-06-15 05:12:14 UTC	2020-04-24 21:44:29 UTC	23.36.76.200
200.benbenys.com (1)	0	2022-11-10 04:20:23 UTC	2022-11-28 12:04:31 UTC	23.224.61.222	Unknown ranking
dvcasha2.ocsp-certum.com (2)	71753	2014-11-27 08:04:42 UTC	2020-02-10 00:10:06 UTC	23.36.79.17
kvkddd.top (2)	0	2022-05-01 09:53:48 UTC	2022-11-29 02:18:13 UTC	104.21.233.183	Unknown ranking
www.yssydh.top (1)	0	2022-08-05 15:26:13 UTC	2022-11-28 12:04:31 UTC	172.67.209.49	Unknown ranking
img.2559u.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
n0566.com (1)	0	2021-02-01 01:45:29 UTC	2021-02-01 01:45:29 UTC	20.222.117.184	Unknown ranking
img.1129555.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
img.9712x.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
www.weightloss-meals.com (4)	0	2020-05-31 22:37:11 UTC	2021-11-14 04:35:59 UTC	107.165.125.108	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
kvezz.com (1)	237784	2021-10-17 08:32:09 UTC	2022-11-29 01:49:06 UTC	45.154.215.92
si1.go2yd.com (1)	325918	2018-06-23 18:58:20 UTC	2020-04-26 02:29:18 UTC	163.171.140.79
p.qlogo.cn (2)	48578	2014-01-15 11:11:45 UTC	2020-05-03 00:28:53 UTC	43.129.255.47
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.89.255.30
api.share.baidu.com (1)	44629	2013-04-25 14:45:11 UTC	2020-05-14 13:49:44 UTC	182.61.201.94
ocsp2.globalsign.com (6)	1544	2012-05-23 18:10:04 UTC	2020-03-15 21:19:16 UTC	104.18.20.226
kvemm.com (2)	222018	2021-10-18 01:51:02 UTC	2022-11-29 01:23:35 UTC	64.32.13.142
362728tdg.com (1)	0	No data	No data	103.170.15.113	Unknown ranking
img.2557u.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-28 05:53:26 UTC	34.117.237.239
ocsp.digicert.cn (3)	37572	No data	No data	47.246.44.205
max009.top (2)	0	2022-11-27 10:20:00 UTC	2022-11-28 13:36:46 UTC	104.21.79.112	Unknown ranking
8499163.com (1)	0	No data	No data	172.247.50.229	Unknown ranking
u1022.com (1)	0	2021-02-01 01:45:41 UTC	2021-02-01 01:45:41 UTC	103.189.109.79	Unknown ranking
r3.o.lencr.org (19)	344	No data	No data	23.36.77.32
push.zhanzhang.baidu.com (1)	57139	2015-07-22 05:44:02 UTC	2020-04-25 10:56:18 UTC	112.34.113.148
kvmaa.com (2)	0	2015-11-06 04:44:54 UTC	2022-11-29 02:05:33 UTC	170.178.176.170	Unknown ranking
nvhbbb.top (2)	0	2022-04-10 08:43:59 UTC	2022-11-29 02:05:34 UTC	104.21.55.74	Unknown ranking
kvkggg.top (1)	0	2022-11-08 06:39:56 UTC	2022-11-29 01:49:06 UTC	172.67.154.165	Unknown ranking
885364.com (1)	0	No data	No data	47.75.19.145	Unknown ranking
ocsp2.globalsign.com (6)	1544	2012-05-23 18:10:04 UTC	2020-03-15 21:19:16 UTC	104.18.21.226
acoosso.top (1)	631702	2021-11-15 06:18:20 UTC	2022-11-29 04:05:44 UTC	91.195.240.12
fmlb.netlbtu.com (3)	187701	2021-09-14 11:57:06 UTC	2022-11-29 02:18:12 UTC	172.247.77.90
max002.top (1)	0	2022-11-22 10:48:42 UTC	2022-11-29 01:45:49 UTC	104.21.233.253	Unknown ranking
img.9197x.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
max004.top (1)	0	2022-11-22 10:52:09 UTC	2022-11-28 10:02:35 UTC	172.67.222.73	Unknown ranking
yzf.qq.com (2)	627844	No data	No data	113.96.208.98
3p8801.co (3)	0	2022-07-05 12:28:12 UTC	2022-11-29 01:45:46 UTC	107.148.202.17	Unknown ranking
img.9219x.com (1)	0	No data	No data	185.239.226.23	Unknown ranking
www.jxys88.net (3)	0	2022-01-15 01:49:35 UTC	2022-11-28 12:04:27 UTC	173.231.12.68	Unknown ranking
imagedelivery.net (2)	255311	2021-09-20 12:34:55 UTC	2022-11-29 02:48:47 UTC	104.18.2.36
kzecc.com (1)	0	2017-01-29 04:39:36 UTC	2022-11-28 15:51:59 UTC	64.32.13.142	Unknown ranking
592773xgg.com (1)	0	No data	No data	103.170.15.103	Unknown ranking
8499225.com (1)	0	No data	No data	172.247.50.228	Unknown ranking
sysupload.csiteadmin.com (12)	0	No data	No data	52.184.85.124	Unknown ranking
ob699.cc (1)	0	2022-09-25 21:28:39 UTC	2022-11-28 12:04:43 UTC	45.153.131.58	Unknown ranking
taiwtp1.com (2)	0	2022-04-08 07:06:08 UTC	2022-11-28 20:18:09 UTC	220.128.218.220	Unknown ranking
hm.baidu.com (5)	8254	2012-05-26 08:38:45 UTC	2020-02-11 02:47:13 UTC	103.235.46.191
kvevv.com (2)	0	2022-05-01 01:44:50 UTC	2022-11-29 02:19:23 UTC	64.32.13.142	Unknown ranking
zerossl.ocsp.sectigo.com (8)	4049	No data	No data	172.64.155.188
628536nyv.com (1)	0	No data	No data	103.170.15.113	Unknown ranking
static.qwahk.com (1)	0	No data	No data	206.119.105.167	Unknown ranking
ocsp.digicert.com (12)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
weightloss-meals.com (1)	0	2020-05-31 22:37:11 UTC	2022-11-26 04:40:20 UTC	107.165.125.108	Unknown ranking
ocsp.sectigo.com (16)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	104.18.32.68
lbfm.lbpictupian.com (27)	0	2022-10-09 16:47:38 UTC	2022-11-28 20:18:07 UTC	104.22.12.214	Unknown ranking
829355rff.com (1)	0	No data	No data	103.170.15.103	Unknown ranking
585227ybn.com (1)	0	No data	No data	45.61.212.129	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	339282bdb.com	Sinkholed
2022-11-29	2	79zxcv.com	Sinkholed
2022-11-29	2	79zxcv.com	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	223969ufy.com	Sinkholed
2022-11-29	2	339282bdb.com	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	362728tdg.com	Sinkholed
2022-11-29	2	628536nyv.com	Sinkholed
2022-11-29	2	79zxcv.com	Sinkholed
2022-11-29	2	829355rff.com	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed
2022-11-29	2	585227ybn.com	Sinkholed
2022-11-29	2	jxys12.xyz	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-01-05 22:16:41 +0000	0 - 4 - 8	weightloss-meals.com/gym-and-meals	107.165.125.108
2022-12-14 22:26:36 +0000	0 - 0 - 8	weightloss-meals.com/gym-and-meals	107.165.125.108
2022-11-29 04:44:45 +0000	0 - 0 - 20	weightloss-meals.com/gym-and-meals	107.165.125.108

Date	UQ / IDS / BL	URL	IP
2023-02-03 09:41:22 +0000	0 - 6 - 25	yual.top/files/penelop/updatewin.exe	142.111.175.71
2023-02-03 09:22:43 +0000	0 - 7 - 5	xpgeeks.com/wp-content/themes/iblog2/images/i (...)	142.111.225.16
2023-02-03 05:40:46 +0000	0 - 0 - 4	36ting.com/english/xwzx/jdxw/index.htm	45.38.81.236
2023-02-03 04:51:17 +0000	0 - 8 - 24	plnv.top/files/penelop/5.exe	142.111.175.48
2023-02-03 02:54:31 +0000	0 - 0 - 4	zjpeihua.com/products_detail/productId=217.html	107.187.93.196

Date	UQ / IDS / BL	URL	IP
2023-01-05 22:16:41 +0000	0 - 4 - 8	weightloss-meals.com/gym-and-meals	107.165.125.108
2022-12-14 22:26:36 +0000	0 - 0 - 8	weightloss-meals.com/gym-and-meals	107.165.125.108
2022-11-29 04:44:45 +0000	0 - 0 - 20	weightloss-meals.com/gym-and-meals	107.165.125.108

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4096 Expires: Tue, 29 Nov 2022 05:52:47 GMT Date: Tue, 29 Nov 2022 04:44:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4937 Cache-Control: max-age=112147 Date: Tue, 29 Nov 2022 04:44:31 GMT Etag: "63848df9-1d7" Expires: Wed, 30 Nov 2022 11:53:38 GMT Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5368 Expires: Tue, 29 Nov 2022 06:13:59 GMT Date: Tue, 29 Nov 2022 04:44:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9fce5679881bf302a8978a0b462f01a9 Sha1: b699fe030ea13ac73813e655c42ed9b531925e2b Sha256: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 29 Nov 2022 04:19:35 GMT cache-control: public,max-age=3600 age: 1496 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: v7Wq+KlF0cJ8sPlgPupBf7N4Cc5lGS/ILGsiN7bxYZ9VDU9iLgHCKKEZh3Lfd0aIZCOuMKyO1a6+nyN/3xb94w== x-amz-request-id: KXXE7W40NBKFTSCV content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 29 Nov 2022 03:45:17 GMT age: 3554 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /gym-and-meals HTTP/1.1 Host: weightloss-meals.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: weightloss-meals.com/gym-and-meals FQDN: weightloss-meals.com IP: 107.165.125.108 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 107.165.125.108 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Tue, 29 Nov 2022 04:44:30 GMT Content-Length: 0 Connection: keep-alive Location: http://www.weightloss-meals.com/gym-and-meals --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 04:44:32 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 29 Nov 2022 04:11:13 GMT cache-control: public,max-age=3600 age: 1999 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /gym-and-meals HTTP/1.1 Host: www.weightloss-meals.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: www.weightloss-meals.com/gym-and-meals FQDN: www.weightloss-meals.com IP: 107.165.125.108 HASH: f529b0ebc5e1f012afefc84e9e941c47217795f1aa56578c55d00bbdca4ed34a 107.165.125.108 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Tue, 29 Nov 2022 04:44:31 GMT Content-Length: 783 Connection: keep-alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators Size: 783 Md5: a942daf4507d5ead8823e6851783c6d8 Sha1: a8a0cd5991f301b6f7e113222b2b5252d6fe5e56 Sha256: f529b0ebc5e1f012afefc84e9e941c47217795f1aa56578c55d00bbdca4ed34a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2903 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 04:44:32 GMT Last-Modified: Tue, 29 Nov 2022 03:56:09 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
GET /tj.js HTTP/1.1 Host: www.weightloss-meals.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.weightloss-meals.com/gym-and-meals	URL: www.weightloss-meals.com/tj.js FQDN: www.weightloss-meals.com IP: 107.165.125.108 HASH: ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd 107.165.125.108 HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 29 Nov 2022 04:44:31 GMT Content-Length: 518 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 518 Md5: 42d13181dd4c01c00e9e51359fa72da3 Sha1: f42486f56c3ad0f9c1c924173afd2125a58b64f0 Sha256: ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd
GET /common.js HTTP/1.1 Host: www.weightloss-meals.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.weightloss-meals.com/gym-and-meals	URL: www.weightloss-meals.com/common.js FQDN: www.weightloss-meals.com IP: 107.165.125.108 HASH: 788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6 107.165.125.108 HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 29 Nov 2022 04:44:31 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators Size: 738 Md5: 70670d0986c3d241b2799f9b5ae5e100 Sha1: e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b Sha256: 788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 7inrq3PXDfYiLw562JjiLw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.89.255.30 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.89.255.30 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: /wfhjgkyRoiBSa/wgNkO/AdLHlg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsrsaovsslca2018 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: 99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:33 GMT Content-Length: 1432 Connection: keep-alive Expires: Sat, 03 Dec 2022 00:30:27 GMT ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c" Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 3536 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b0546892b503-OSL --- Additional Info --- Magic: data Size: 1432 Md5: c60e4318a49ff8976f2f06944b2a81de Sha1: c450389711c5206d2afa7a2760d18f9658f6a36c Sha256: 99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsrsaovsslca2018 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: 99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:33 GMT Content-Length: 1432 Connection: keep-alive Expires: Sat, 03 Dec 2022 00:30:27 GMT ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c" Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 3536 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b0546b16fac8-OSL --- Additional Info --- Magic: data Size: 1432 Md5: c60e4318a49ff8976f2f06944b2a81de Sha1: c450389711c5206d2afa7a2760d18f9658f6a36c Sha256: 99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f
GET /favicon.ico HTTP/1.1 Host: www.weightloss-meals.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.weightloss-meals.com/gym-and-meals	URL: www.weightloss-meals.com/favicon.ico FQDN: www.weightloss-meals.com IP: 107.165.125.108 HASH: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c 107.165.125.108 HTTP/1.1 200 OK Content-Type: image/x-icon Server: nginx Date: Tue, 29 Nov 2022 04:44:32 GMT Content-Length: 1150 Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT Connection: keep-alive ETag: "4e0d81df-47e" Expires: Sun, 04 Dec 2022 04:44:32 GMT Cache-Control: max-age=432000 Accept-Ranges: bytes --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 7ef1f0a0093460fe46bb691578c07c95 Sha1: 2da3ffbbf4737ce4dae9488359de34034d1ebfbd Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d80fa2c6b1557f7b0f5248b22f446ded80574518a0c28ddaf3a2d5318e37c652 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D80FA2C6B1557F7B0F5248B22F446DED80574518A0C28DDAF3A2D5318E37C652" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21532 Expires: Tue, 29 Nov 2022 10:43:25 GMT Date: Tue, 29 Nov 2022 04:44:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 939b39d5a9102979f7bbe5f4b313bf6e Sha1: 3f809386331164701f9a721ea95a92efe446b1eb Sha256: d80fa2c6b1557f7b0f5248b22f446ded80574518a0c28ddaf3a2d5318e37c652
GET /hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.weightloss-meals.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 FQDN: hm.baidu.com IP: 103.235.46.191 HASH: d9d5b22d7d12510ef8f82df17ff0cc61040c60dbb72c62a352839b0f84807abd 103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11256 Date: Tue, 29 Nov 2022 04:44:33 GMT Etag: 208c320822c5a84ce156663e6d7c75d4 P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=027B2C8911AAA98D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (618) Size: 11256 Md5: bc648390ae310cb651db5202ac4475b4 Sha1: c9c7e21f7767f30f1a45bba308609591aaeadb67 Sha256: d9d5b22d7d12510ef8f82df17ff0cc61040c60dbb72c62a352839b0f84807abd
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.weightloss-meals.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 FQDN: hm.baidu.com IP: 103.235.46.191 HASH: 4f89ac004f62c22ac6803f96b35b7194f8bc9978d3bec5b3fb45ac45b4fd13e4 103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11257 Date: Tue, 29 Nov 2022 04:44:33 GMT Etag: e37ca43078f1ca99ef01f211387e32b0 P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=8019131ACCF03D21; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (619) Size: 11257 Md5: f2a724fe9ee2048d6dd1063744def378 Sha1: 5f4115e2f106523ef075bdc9e6e9c89232ef4e48 Sha256: 4f89ac004f62c22ac6803f96b35b7194f8bc9978d3bec5b3fb45ac45b4fd13e4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2301 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:44:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2301 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:44:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10445 x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvuDGHaIAMFn_w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 14:31:14 GMT age: 51200 etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10445 Md5: c76e3c4cc159bda9b9e887fcd449ba51 Sha1: 12d90c36bd455b3b859fdb761b6ed49ea9f98f80 Sha256: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9376 x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cTZANFW2oAMFlyw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 09:53:30 GMT etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5" age: 67864 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9376 Md5: cce27a1fe8c0222811a5ce0e7f89e1cb Sha1: 28c165bac8cf68cd1b0763c311aece00672cb3a5 Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3905 x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMFcYHE6IAMFmpA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:10:04 GMT age: 77670 etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3905 Md5: 06723cdab42df9b5334f540a8c7ebc60 Sha1: 3bbc44cb84a37ce6a067db4301dd81647a77c29f Sha256: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8106 x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNnQEhQoAMFbLA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UO4hCMgPgR4-ld-QCKgNPrq4p1gduUSA5R4ffZmnFodBj-1_NcFLmg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:37:21 GMT age: 25633 etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8106 Md5: 5ab97acd46d3380fa12711c96b3c2d35 Sha1: b703ea2cc2fcd68e60135ff77d5a5f1b93fac128 Sha256: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4916 x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrELFoAMFaeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 03:18:11 GMT age: 5183 etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4916 Md5: 83c1fedec73299637cc7dc47c48af758 Sha1: 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4901 x-amzn-requestid: a5ad8fee-b892-4485-9975-40e183506a82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIsO3HDGIAMFQgQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6380272b-5827122433cb8c6d5ab7e300;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 02:23:39 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: MSxsBockYtOQ1vJwadowGgFdFGyqM2R4ax2EQTLoVPu6y0hWy1H1sw== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 15:12:07 GMT age: 48747 etag: "3515adf47d25a17eec2a62d045d217cd23a0f985" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4901 Md5: c812ff38eed34e674ee4090ffc602358 Sha1: 3515adf47d25a17eec2a62d045d217cd23a0f985 Sha256: 17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58
GET /push.js HTTP/1.1 Host: push.zhanzhang.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.weightloss-meals.com/	URL: push.zhanzhang.baidu.com/push.js FQDN: push.zhanzhang.baidu.com IP: 112.34.113.148 HASH: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5 112.34.113.148 HTTP/1.1 200 OK Content-Type: text/javascript Accept-Ranges: bytes Cache-Control: max-age=31536000 Content-Encoding: gzip Content-Length: 227 Date: Tue, 29 Nov 2022 04:44:34 GMT Etag: "4078521116" Expires: Wed, 29 Nov 2023 04:44:34 GMT Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT P3p: CP=" OTI DSP COR IVA OUR IND COM " Server: apache Set-Cookie: BAIDUID=1500C0FD21D1E62A03209BBD26B3920A:FG=1; max-age=31536000; expires=Wed, 29-Nov-23 04:44:34 GMT; domain=.baidu.com; path=/; version=1 Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with no line terminators Size: 227 Md5: e548b6ce15bb616c2bfba36e9cfbf307 Sha1: a348285d9928a6548a57569f1fb9d62bdd747f33 Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /news/index.php HTTP/1.1 Host: www.jxys88.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.weightloss-meals.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.jxys88.net/news/index.php FQDN: www.jxys88.net IP: 173.231.12.68 HASH: 6308772b260a93495bef907edf0fe60bbe46b4ca1f3de2a9f85ccfb063b69dd5 173.231.12.68 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 29 Nov 2022 04:44:33 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 630 Md5: c6923286d39474b573f61f9ad9dda249 Sha1: 491b5acbb92ddcb379820c2ccbdc9c7f977db5d8 Sha256: 6308772b260a93495bef907edf0fe60bbe46b4ca1f3de2a9f85ccfb063b69dd5
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=589690891&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=61878&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.weightloss-meals.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl (...) FQDN: hm.baidu.com IP: 103.235.46.191 HASH: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Tue, 29 Nov 2022 04:44:34 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=25AB8517FF9465BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /s.gif?l=http://www.weightloss-meals.com/gym-and-meals HTTP/1.1 Host: api.share.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.weightloss-meals.com/	URL: api.share.baidu.com/s.gif?l=http://www.weightloss-meals (...) FQDN: api.share.baidu.com IP: 182.61.201.94 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 182.61.201.94 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Content-Length: 0 Date: Tue, 29 Nov 2022 04:44:35 GMT --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6f4a880197b3d80599716fdf39fbdf75c23b1ffa7cfbacf12d8406c25700c7f1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6F4A880197B3D80599716FDF39FBDF75C23B1FFA7CFBACF12D8406C25700C7F1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6495 Expires: Tue, 29 Nov 2022 06:32:51 GMT Date: Tue, 29 Nov 2022 04:44:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 13d04f77a84f5ab5507368a4f4f4d123 Sha1: b099cc917ef53383a6f3d035c5a74d391c618302 Sha256: 6f4a880197b3d80599716fdf39fbdf75c23b1ffa7cfbacf12d8406c25700c7f1
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1 Host: www.jxys12.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys12.xyz/template/m1938pc/html9/ads/1.gif FQDN: www.jxys12.xyz IP: 173.231.38.5 HASH: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef 173.231.38.5 HTTP/2 200 OK content-type: image/gif server: nginx date: Tue, 29 Nov 2022 04:44:36 GMT content-length: 254 last-modified: Sat, 02 Apr 2022 12:20:12 GMT etag: "62483f7c-fe" expires: Thu, 29 Dec 2022 04:44:36 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 16 x 17\012- data Size: 254 Md5: b013f8fa3ec997fe20dc80b82af0ad0a Sha1: e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9 Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef Alerts: Blocklists: - quad9: Sinkholed
GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1 Host: www.jxys12.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif FQDN: www.jxys12.xyz IP: 173.231.38.5 HASH: 89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2 173.231.38.5 HTTP/2 200 OK content-type: image/gif server: nginx date: Tue, 29 Nov 2022 04:44:36 GMT content-length: 193193 last-modified: Fri, 11 Nov 2022 06:41:02 GMT etag: "636dee7e-2f2a9" expires: Thu, 29 Dec 2022 04:44:36 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 90\012- data Size: 193193 Md5: a0f25aca4ee2af38f3d3f5cbfde1bdf8 Sha1: 252b04cdfaa6918b897fc8ef8ae759469ca831eb Sha256: 89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2 Alerts: Blocklists: - quad9: Sinkholed
GET /template/m1938pc/static/images/pic.png HTTP/1.1 Host: www.jxys12.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys12.xyz/template/m1938pc/static/images/pic.png FQDN: www.jxys12.xyz IP: 173.231.38.5 HASH: f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53 173.231.38.5 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 29 Nov 2022 04:44:37 GMT content-length: 90 last-modified: Fri, 14 Jan 2022 04:46:48 GMT etag: "61e10038-5a" expires: Thu, 29 Dec 2022 04:44:37 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text Size: 90 Md5: 5341dd3aa19c0eb3bc809f9150e3e833 Sha1: 7beaba24a698410e4ffc93357d82c6f683cbaba1 Sha256: f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53 Alerts: Blocklists: - quad9: Sinkholed
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1 Host: www.jxys12.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys12.xyz/template/m1938pc/static/fonts/font_59323 (...) FQDN: www.jxys12.xyz IP: 173.231.38.5 HASH: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72 173.231.38.5 HTTP/2 200 OK content-type: font/woff server: nginx date: Tue, 29 Nov 2022 04:44:37 GMT content-length: 13408 last-modified: Fri, 14 Jan 2022 04:47:30 GMT etag: "61e10062-3460" strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format, TrueType, length 13408, version 1.0\012- data Size: 13408 Md5: 99af6debcdaba3e7ffe01b4c3cbccacb Sha1: 4efda64b06cd7c294f6214623bcb634f3def3bd1 Sha256: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72 Alerts: Blocklists: - quad9: Sinkholed
GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 FQDN: hm.baidu.com IP: 103.235.46.191 HASH: be6ba227226bd48acbfc765413c7284fab2055338cb8f6c217edce25090c11a6 103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11256 Date: Tue, 29 Nov 2022 04:44:37 GMT Etag: 6c922e423cac98bb2784befaa895596f P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=33103C5F1CD1609D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (618) Size: 11256 Md5: f60c6b4b3e96075bca115394f8ba14a2 Sha1: d180dda7be8b95f7ed1ff0997f5d20a504747671 Sha256: be6ba227226bd48acbfc765413c7284fab2055338cb8f6c217edce25090c11a6
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=130580614&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=61882&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl (...) FQDN: hm.baidu.com IP: 103.235.46.191 HASH: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Tue, 29 Nov 2022 04:44:37 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=58241065B30D6ED6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /58tu/405x204.gif HTTP/1.1 Host: tt.1468tu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive	URL: tt.1468tu.com/58tu/405x204.gif FQDN: tt.1468tu.com IP: 43.153.174.204 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 43.153.174.204 HTTP/1.1 301 Moved Permanently Content-Type: text/html Date: Tue, 29 Nov 2022 04:44:37 GMT Content-Length: 166 Connection: keep-alive Location: https://tt.1468tu.com:1382/58tu/405x204.gif Server: X-Y --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1598 Cache-Control: max-age=158480 Date: Tue, 29 Nov 2022 04:44:38 GMT Etag: "63855008-118" Expires: Thu, 01 Dec 2022 00:45:58 GMT Last-Modified: Tue, 29 Nov 2022 00:19:20 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 34ebb4233594cd8491eeacc5fa7314ec Sha1: 1a720e00c78b016f1046a2e62610078af600efe2 Sha256: 976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab
GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1 Host: imagedelivery.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b- (...) FQDN: imagedelivery.net IP: 104.18.2.36 HASH: ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8 104.18.2.36 HTTP/2 200 OK content-type: image/gif date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 308789 cf-ray: 7718b07198e71c0a-OSL accept-ranges: bytes access-control-allow-origin: * cache-control: max-age=172800 etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ" vary: Accept, Accept-Encoding cf-cache-status: HIT cf-bgj: imgq:0,h2pri cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789 content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none' warning: cf-images 299 "original is 182253B smaller" x-content-type-options: nosniff server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 60\012- data Size: 308789 Md5: 799d622d8489838225bdf632d1ae4095 Sha1: 4f6c51fcc2b138919eaffddb4e0552eccd639540 Sha256: ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8
GET /xxx12345.gif HTTP/1.1 Host: ob699.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive	URL: ob699.cc/xxx12345.gif FQDN: ob699.cc IP: 45.153.131.58 HASH: b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0 45.153.131.58 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 19781 Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT Connection: keep-alive ETag: "6337e219-4d45" Expires: Thu, 29 Dec 2022 04:44:38 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 225 x 135\012- data Size: 19781 Md5: 74f156899d26c1a1ef9108ee4023052d Sha1: 3d2f15dc81ee27a7832947bbb59a7836ccc7f027 Sha256: b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: c92ed85f05902ddb2b113d13fae24d9e9982b9439aeb0b182352fe78c6ffb3a6 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 27 Nov 2022 16:16:55 GMT Expires: Sun, 04 Dec 2022 16:16:54 GMT Etag: "3cfdf7e959e288d04fa8eecee461533178db4db2" Cache-Control: max-age=472935,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b072fd1fb511-OSL --- Additional Info --- Magic: data Size: 472 Md5: 2db77de8cd9f561c89e82c3cc121f657 Sha1: 3cfdf7e959e288d04fa8eecee461533178db4db2 Sha256: c92ed85f05902ddb2b113d13fae24d9e9982b9439aeb0b182352fe78c6ffb3a6
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d114ef9d20151673a3845eabee68cfc9ff47bd0e45098b1fb2bcc03a54a5b624 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D114EF9D20151673A3845EABEE68CFC9FF47BD0E45098B1FB2BCC03A54A5B624" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1897 Expires: Tue, 29 Nov 2022 05:16:15 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9a403262c308139c9b1764274621271a Sha1: ebdb13810e9d39bc528fd7ee78af0835a0013bb6 Sha256: d114ef9d20151673a3845eabee68cfc9ff47bd0e45098b1fb2bcc03a54a5b624
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f91b7d1ccd13d6c7965fb93977776e019b7c3755bd40b7e76cbd4dab47c607c8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F91B7D1CCD13D6C7965FB93977776E019B7C3755BD40B7E76CBD4DAB47C607C8" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2020 Expires: Tue, 29 Nov 2022 05:18:18 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 224a592d7da2d456bca5fbe48af25c66 Sha1: 7811bd881e4fffb0d713b2495a4468b4ed4f289c Sha256: f91b7d1ccd13d6c7965fb93977776e019b7c3755bd40b7e76cbd4dab47c607c8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9B348E405DA997965BBFB5A714755EBE7B05744F6E83E4C635E42D5FA9E282D1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18580 Expires: Tue, 29 Nov 2022 09:54:18 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1cdd23460571e06be2b5384a4362b213 Sha1: 16016e9ac93fc8ee63645863d0e6a0536e99de26 Sha256: 9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1
GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1 Host: imagedelivery.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084- (...) FQDN: imagedelivery.net IP: 104.18.2.36 HASH: 2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4 104.18.2.36 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 24176 cf-ray: 7718b073d94f1c0a-OSL accept-ranges: bytes access-control-allow-origin: * cache-control: max-age=172800 etag: "cfECSi5uQ1bVzCSelFGwcyrA" vary: Accept, Accept-Encoding cf-cache-status: HIT cf-bgj: imgq:100,h2pri cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176 content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options: nosniff server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 24176 Md5: 2ca0538b0b77324a38cf2b74f16cb6fe Sha1: 0ef6374accaaedf856fe2532b8001519894e7fbf Sha256: 2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19254 Expires: Tue, 29 Nov 2022 10:05:32 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: fc796901ab3b12631015f01cd27c8d23 Sha1: d04e98b67b1455b1a6fb826506eef6f72297c187 Sha256: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.21.226 HASH: e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 01:55:04 GMT ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401" Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2333 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b073ec400b51-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 9ab45e9920220fcf9443b2bf81ba6a7d Sha1: 703ba61cb928fc585c0cc2e870ce9e53dab82401 Sha256: e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.20.226 HASH: e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 01:55:04 GMT ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401" Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2333 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b073eb62fab8-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 9ab45e9920220fcf9443b2bf81ba6a7d Sha1: 703ba61cb928fc585c0cc2e870ce9e53dab82401 Sha256: e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6b1ec32a3ce6d986ba2693569191df148e5b9eff019a18336a98a955b0dfbe3d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6B1EC32A3CE6D986BA2693569191DF148E5B9EFF019A18336A98A955B0DFBE3D" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9023 Expires: Tue, 29 Nov 2022 07:15:01 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2407bce7f479414a44ac764a4b56fbb3 Sha1: d41cfcd80b63de62dc36c6a127ef4f9d6399c020 Sha256: 6b1ec32a3ce6d986ba2693569191df148e5b9eff019a18336a98a955b0dfbe3d
GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1 Host: www.yssydh.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622 (...) FQDN: www.yssydh.top IP: 172.67.209.49 HASH: 321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce 172.67.209.49 HTTP/2 200 OK content-type: image/gif date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 47538 last-modified: Wed, 27 Jul 2022 08:34:24 GMT etag: "62e0f890-b9b2" expires: Sat, 03 Dec 2022 16:45:35 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 2203143 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bs8U0lYlxFsZ%2FDWWgoNsikIhjLiogMM%2FlBth803Udf8LwobucTp4dxcYrukMdEfW9F23fzIIh2K1UwGv4LN6RQ7eE2K15nb6NahezPm8P6WLkR4GoyT%2FuK%2BEVcUm0BIeTQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7718b0742b58b518-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 150 x 150\012- data Size: 47538 Md5: 238e06fae36a60963dd217adc895c9e4 Sha1: feb1b8c405b5e162fb23a7727aedb83eae0a9e9f Sha256: 321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Fri, 25 Nov 2022 20:52:34 GMT Expires: Fri, 02 Dec 2022 20:52:33 GMT Etag: "7745b6c7971f36e45d31df200626183f63b8db3f" Cache-Control: max-age=316674,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b072fb10b527-OSL --- Additional Info --- Magic: data Size: 471 Md5: 2dcd02f5e606a5de0774b49602d0b822 Sha1: 7745b6c7971f36e45d31df200626183f63b8db3f Sha256: 9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT Expires: Sat, 03 Dec 2022 15:19:38 GMT Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1" Cache-Control: max-age=383099,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b072fab8b521-OSL --- Additional Info --- Magic: data Size: 471 Md5: b407444fc65f86948d0f257a7a63c73c Sha1: 2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1 Sha256: 300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: fccfa19f97dab4686510892b89165f2391ff1cec9c6a16ec597fe4fcfd74165d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FCCFA19F97DAB4686510892B89165F2391FF1CEC9C6A16EC597FE4FCFD74165D" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8302 Expires: Tue, 29 Nov 2022 07:03:00 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 05a0f2361d59025f990151a11544fac7 Sha1: aacd1da65ef5f20449147ab2111a0ed0e589a86c Sha256: fccfa19f97dab4686510892b89165f2391ff1cec9c6a16ec597fe4fcfd74165d
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 771ecb84a2bc4aceb92524a4e44718a439eee03aa761f88a1e739378f1dbf330 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 27 Nov 2022 15:31:14 GMT Expires: Sun, 04 Dec 2022 15:31:13 GMT Etag: "0ffef801a05eb8a92497aae04daeb6c2748de482" Cache-Control: max-age=470194,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b0738d56b511-OSL --- Additional Info --- Magic: data Size: 471 Md5: 0262bdb2a5c0432d40d36cd9e3f133b1 Sha1: 0ffef801a05eb8a92497aae04daeb6c2748de482 Sha256: 771ecb84a2bc4aceb92524a4e44718a439eee03aa761f88a1e739378f1dbf330
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3481 Expires: Tue, 29 Nov 2022 05:42:39 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5b4bc4d091d314a559fc8d4b2dbbb5f5 Sha1: 62f9d886b9e85e64462f75988e0d0b349c569c0d Sha256: 87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3481 Expires: Tue, 29 Nov 2022 05:42:39 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5b4bc4d091d314a559fc8d4b2dbbb5f5 Sha1: 62f9d886b9e85e64462f75988e0d0b349c569c0d Sha256: 87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1 Host: kvevv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif FQDN: kvevv.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://max009.top/4bf88adf466b90cef3686374a27fc0e2.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT Expires: Sat, 03 Dec 2022 10:05:41 GMT Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865" Cache-Control: max-age=364262,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b072fab7b521-OSL --- Additional Info --- Magic: data Size: 472 Md5: 8c860f6cc16cec53769d4433e6f0ddf2 Sha1: 2bf2252d9f68bdb1504969d1216a0e9f1873a865 Sha256: 7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16299 Expires: Tue, 29 Nov 2022 09:16:17 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 03155dd0188bbb26580d8aa9b9a128ea Sha1: f51e0dd8ab1a0c0a260b866525acd296d4e7f105 Sha256: c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16299 Expires: Tue, 29 Nov 2022 09:16:17 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 03155dd0188bbb26580d8aa9b9a128ea Sha1: f51e0dd8ab1a0c0a260b866525acd296d4e7f105 Sha256: c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1 Host: kvemm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif FQDN: kvemm.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1 Host: kvmaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif FQDN: kvmaa.com IP: 170.178.176.170 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 170.178.176.170 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1 Host: dimg04.c-ctrip.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?pro (...) FQDN: dimg04.c-ctrip.com IP: 104.110.17.24 HASH: 9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade 104.110.17.24 HTTP/2 200 OK content-type: image/gif content-length: 151061 access-control-allow-origin: * last-modified: Tue, 12 May 2015 01:00:00 GMT cache-control: max-age=7724131 expires: Sun, 26 Feb 2023 14:20:09 GMT date: Tue, 29 Nov 2022 04:44:38 GMT timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 120\012- data Size: 151061 Md5: 89c820a186cb325d9979cdae663875eb Sha1: e9dbc77e9d46e03ebec28aaca2bf5e302767064f Sha256: 9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1 Host: kvmaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif FQDN: kvmaa.com IP: 170.178.176.170 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 170.178.176.170 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 0f348a69f07626c93e6dacdae01c1f7b6c0d94f484b9a645ce755cf565249f91 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 04:32:10 GMT Expires: Tue, 06 Dec 2022 04:32:09 GMT Etag: "731233b1e5b778588a42355e2123948ecf800cbb" Cache-Control: max-age=603450,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b072fcb8b4f9-OSL --- Additional Info --- Magic: data Size: 471 Md5: 53a9e6075e0614555254a4c3908fba86 Sha1: 731233b1e5b778588a42355e2123948ecf800cbb Sha256: 0f348a69f07626c93e6dacdae01c1f7b6c0d94f484b9a645ce755cf565249f91
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1 Host: kvezz.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif FQDN: kvezz.com IP: 45.154.215.92 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 45.154.215.92 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 784a6816aadadfc7a34ecdae2c86dfd0b971314f7db79e22906bf4fa368925fb 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 00:01:01 GMT Expires: Tue, 06 Dec 2022 00:01:00 GMT Etag: "f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457" Cache-Control: max-age=587181,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b0753ec30b55-OSL --- Additional Info --- Magic: data Size: 727 Md5: 9fc1b99a217ae7a16971181fd27b3144 Sha1: f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457 Sha256: 784a6816aadadfc7a34ecdae2c86dfd0b971314f7db79e22906bf4fa368925fb
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1 Host: kzecc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif FQDN: kzecc.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5089 Expires: Tue, 29 Nov 2022 06:09:27 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d27e0525e331a4c3ae096be1a00433af Sha1: 764b36118b987432e13dd88b9b446a8ec0dc13e9 Sha256: 0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c
POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.buypass.com/ FQDN: ocsp.buypass.com IP: 23.36.76.200 HASH: 2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744 23.36.76.200 HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: ff42f1f1-ed1a-42ac-9f43-977431812938 Content-Length: 1700 Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1700 Md5: 36216e04f51d2e8876be4510b1e7c7f0 Sha1: fe80784e1649b75fad562921cefa907d5bc98f40 Sha256: 2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744
POST / HTTP/1.1 Host: ocsp.buypass.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 78 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.buypass.com/ FQDN: ocsp.buypass.com IP: 23.36.76.200 HASH: 2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744 23.36.76.200 HTTP/1.1 200 OK Content-Type: application/ocsp-response Access-Control-Allow-Origin: https://www.buypass.no Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale Access-Control-Allow-Credentials: false Access-Control-Allow-Methods: GET,POST MDC-correlationId: 395e241a-234d-4604-83e0-e191de0a9f5f Content-Length: 1700 Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1700 Md5: 36216e04f51d2e8876be4510b1e7c7f0 Sha1: fe80784e1649b75fad562921cefa907d5bc98f40 Sha256: 2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7F1B74086414FF31F9AB16FD18A8DADB7D7B77023E6BDE0B9BBD5AA749A53D93" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16153 Expires: Tue, 29 Nov 2022 09:13:51 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 233e57f60023d3cdf4dfa75d53a03eb3 Sha1: 9dac5203260858b4de4682f9f610618454b5bb01 Sha256: 7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1 Host: kvevv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif FQDN: kvevv.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://max009.top/7546c860e55fa3bf22e5cd95994dd097.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1 Host: kvemm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif FQDN: kvemm.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1 Host: www.jxys12.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys12.xyz/template/m1938pc/static/css/mm-content.css FQDN: www.jxys12.xyz IP: 173.231.38.5 HASH: 5d29dcabbe33539247a932acbc455a5ed6a32e25053135078e42d8d050659d1d 173.231.38.5 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 29 Nov 2022 04:44:36 GMT last-modified: Fri, 14 Jan 2022 04:46:10 GMT vary: Accept-Encoding etag: W/"61e10012-1ccb" expires: Tue, 29 Nov 2022 16:44:36 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 159785 Md5: 517f0c2f6922be5e5deef337a80ea701 Sha1: 47749910893ed3f44f36b82c237cfa6e8881c27e Sha256: 5d29dcabbe33539247a932acbc455a5ed6a32e25053135078e42d8d050659d1d Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT Expires: Sun, 04 Dec 2022 03:39:03 GMT Etag: "e60b44b493885b9e3bfcd727a512d8fded812887" Cache-Control: max-age=427464,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b074eddab511-OSL --- Additional Info --- Magic: data Size: 471 Md5: 1fbb7f61e76866ea359f7919c12bef99 Sha1: e60b44b493885b9e3bfcd727a512d8fded812887 Sha256: 87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.21.226 HASH: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 03:18:53 GMT ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade" Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b074ec900b51-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 73587ccc1a1457c55594ab1245f9ef77 Sha1: ff034ade54f7c8486ef4464f8946da5e5b463ade Sha256: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.21.226 HASH: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 03:18:53 GMT ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade" Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b0763ce40b51-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 73587ccc1a1457c55594ab1245f9ef77 Sha1: ff034ade54f7c8486ef4464f8946da5e5b463ade Sha256: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.20.226 HASH: 48f4753c03d844e325ad70adee36435463931ef82e1137dbe5f82a5fd9f335f7 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 01:49:05 GMT ETag: "83c6c19040243f9557381da2ea23151318e77b09" Last-Modified: Tue, 29 Nov 2022 01:49:06 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2333 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b07658480b02-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 2cc706a5f9e09fc0e8a1a52b930d00e7 Sha1: 83c6c19040243f9557381da2ea23151318e77b09 Sha256: 48f4753c03d844e325ad70adee36435463931ef82e1137dbe5f82a5fd9f335f7
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 343 ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9547 Expires: Tue, 29 Nov 2022 07:23:45 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 343 Md5: 9347e1cd2af04f5ca48a31f0bc3da7ae Sha1: 22beae35c318731eaa78a824f051831c85b508ef Sha256: 6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 343 ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9547 Expires: Tue, 29 Nov 2022 07:23:45 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 343 Md5: 9347e1cd2af04f5ca48a31f0bc3da7ae Sha1: 22beae35c318731eaa78a824f051831c85b508ef Sha256: 6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c
GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23b (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5 104.22.12.214 HTTP/2 200 OK content-type: image/jpeg date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 14387 cf-bgj: imgq:85,h2pri cf-polished: origSize=15124, status=webp_bigger etag: "5e11cf7d-3b14" last-modified: Sun, 05 Jan 2020 11:58:53 GMT cache-control: max-age=31536000 cf-cache-status: HIT age: 2332 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7718b076ac3f1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data Size: 14387 Md5: c814bbc877c9b41935908734d76b7778 Sha1: 7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d Sha256: df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5
GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 7200 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=8578 content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp" etag: "638058fe-2182" last-modified: Fri, 25 Nov 2022 05:56:14 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2332 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc411bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 7200 Md5: 4858cbdc894b0a591319a947ff5d5db3 Sha1: e01e4efdccc57ae3baf8f24a10dd9a726904f766 Sha256: da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81
GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapy (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 4468 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=6775 content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp" etag: "5dc4c133-1a77" last-modified: Fri, 08 Nov 2019 01:13:23 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc421bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 4468 Md5: 174c271fbd41b05e66270e9f781e8dc1 Sha1: 6f7b0f3b4e5527db1c55921da243ce6318be9e85 Sha256: 20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf
GET /upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/swlyhvxsn (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 1b55f9a42d7b3cc95511e9aa34a3954f359bfe192c0b69064050860dd73ead79 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 4492 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=6912 content-disposition: inline; filename="swlyhvxsn3k1335swlyhvxsn3k316316.webp" etag: "638448a3-1b00" last-modified: Mon, 28 Nov 2022 05:35:31 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc451bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 4492 Md5: 69be43384dd099d503d6425448adee34 Sha1: 1d182a9da3cd8d670f7ed053cf10cfe0e2851433 Sha256: 1b55f9a42d7b3cc95511e9aa34a3954f359bfe192c0b69064050860dd73ead79
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1 Host: kveff.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: kveff.com/68a7807de3933bf7079116fa9df99e6f.gif FQDN: kveff.com IP: 64.32.13.142 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 64.32.13.142 HTTP/2 301 Moved Permanently content-type: text/html server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 162 location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/edxyu2zpi (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 684ef985c8f535d753f3704d0b96467a3e89b80397f0ac1220cf1e63df29cb28 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 7776 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=8667 content-disposition: inline; filename="edxyu2zpif01335edxyu2zpif0196290.webp" etag: "63844897-21db" last-modified: Mon, 28 Nov 2022 05:35:19 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc461bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 7776 Md5: 94b7098d95208d480e4bf14236c99990 Sha1: f13f76c4adba5ee150d568d268ea9c83e49f3d28 Sha256: 684ef985c8f535d753f3704d0b96467a3e89b80397f0ac1220cf1e63df29cb28
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 77c2410d58d53811ae7b701ff4c501b6a21c9af6d27189170e725573ce07db2f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "77C2410D58D53811AE7B701FF4C501B6A21C9AF6D27189170E725573CE07DB2F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19211 Expires: Tue, 29 Nov 2022 10:04:49 GMT Date: Tue, 29 Nov 2022 04:44:38 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 313a4af0587cf0130df762583804464b Sha1: 2e81dd41e78c4b094f32575b1727a1c9207a1af1 Sha256: 77c2410d58d53811ae7b701ff4c501b6a21c9af6d27189170e725573ce07db2f
GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgw (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 5568 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=6690 content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp" etag: "6349225c-1a22" last-modified: Fri, 14 Oct 2022 08:48:28 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc441bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5568 Md5: 187a056e67fd5cb46bc7c783f9a9fdac Sha1: 4ee4e1bf29186fa2c4d5373fe121a6a6031a8737 Sha256: a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171
GET /upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/tst0suxpw (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 5f0ea2152c6e4237394d893b6a43154c7db9cea516ca4b2d1d18fcbbf3c4c3d0 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 7300 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=8447 content-disposition: inline; filename="tst0suxpwqn1335tst0suxpwqn216294.webp" etag: "63844899-20ff" last-modified: Mon, 28 Nov 2022 05:35:21 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc481bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 7300 Md5: 78ca33bcc515e6651b3f86b563f4adde Sha1: 1aa9831fe487e9f92b377acf7a59fb25d255a4dd Sha256: 5f0ea2152c6e4237394d893b6a43154c7db9cea516ca4b2d1d18fcbbf3c4c3d0
GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsn (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 8224 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=9431 content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp" etag: "5dc4cfb5-24d7" last-modified: Fri, 08 Nov 2019 02:15:17 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc401bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8224 Md5: 81267f0dd2a21a97169d2dff3bb67578 Sha1: ec4b5545c42d0a756a2c5304979385195727d80f Sha256: d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2
GET /upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/w5advwm3s (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: c5d878d180374a8d47665158142a664c93d72b459ca2abadbf016d552e818906 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 5886 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=7261 content-disposition: inline; filename="w5advwm3stk1335w5advwm3stk296312.webp" etag: "638448a1-1c5d" last-modified: Mon, 28 Nov 2022 05:35:29 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc431bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5886 Md5: d30e29788a351c0d9f5692b683d2f8cd Sha1: 2765e1f06f47d3cbb8ceaadc46467c038146f960 Sha256: c5d878d180374a8d47665158142a664c93d72b459ca2abadbf016d552e818906
GET /upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yypa41uo1 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 5ad2b70134f43bdb67b842b9312b5dc062b744e4b01c2712ef770ed3a4795969 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 10056 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10846 content-disposition: inline; filename="yypa41uo1f41335yypa41uo1f4246302.webp" etag: "6384489c-2a5e" last-modified: Mon, 28 Nov 2022 05:35:24 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc4d1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 10056 Md5: c3f05d63b499d1426f8e4ce2a4e384a4 Sha1: 1f27bb24557fd99d1e0fadb074a2343400c3b2f7 Sha256: 5ad2b70134f43bdb67b842b9312b5dc062b744e4b01c2712ef770ed3a4795969
GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1 Host: 200.benbenys.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive	URL: 200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5 (...) FQDN: 200.benbenys.com IP: 23.224.61.222 HASH: 945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff 23.224.61.222 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Tue, 29 Nov 2022 04:44:38 GMT Server: Apache Expires: Thu, 29 Dec 2022 04:44:38 GMT Pragma: cache Cache-Control: max-age=2592000 Upgrade: h2 Connection: Upgrade, close Content-Length: 57375 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[0], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data Size: 57375 Md5: 61b977b3527d7c0e27e2af877b5a5c59 Sha1: 4a1f0beee6c8215da2bfda76b5f1c87d62925bfc Sha256: 945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff
GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1 Host: 339282bdb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif FQDN: 339282bdb.com IP: 103.170.15.103 HASH: e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb 103.170.15.103 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: max-age=604800 ETag: "635b942d-1b9b4" Date: Sun, 27 Nov 2022 16:13:15 GMT Server: nginx Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT Accept-Ranges: bytes X-Cache: HIT from yd11_13-cdn-g01-la2-33 Content-Length: 113076 --- Additional Info --- Magic: GIF image data, version 89a, 320 x 185\012- data Size: 113076 Md5: 293a0887f1ab0b9517c19b77d51626dd Sha1: 74adbd76d248f6cfc5cffdfaaaaaf942b69b080b Sha256: e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb Alerts: Blocklists: - quad9: Sinkholed
GET /tL26d3m/240x140.gif HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: i.ibb.co/tL26d3m/240x140.gif FQDN: i.ibb.co IP: 162.19.58.156 HASH: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69 162.19.58.156 HTTP/2 404 Not Found content-type: image/png server: nginx date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 1031 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data Size: 1031 Md5: 7325e2012a6cf941a6ea14f0061ff764 Sha1: 0d2ba63e280b979a98bc431bec8a7af985578769 Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c1 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918 104.22.12.214 HTTP/2 200 OK content-type: image/jpeg date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 11122 cf-bgj: imgq:85,h2pri cf-polished: origSize=11646, status=webp_bigger etag: "5dc4d015-2d7e" last-modified: Fri, 08 Nov 2019 02:16:53 GMT cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7718b076bc4a1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data Size: 11122 Md5: b022836144761d53fd172695cd436216 Sha1: 71dd9ccacd6072c9aeab040b290e151ff01e8d02 Sha256: 6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918
POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsorganizationvalsha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.20.226 HASH: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 1459 Connection: keep-alive Expires: Sat, 03 Dec 2022 03:18:53 GMT ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade" Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7718b0760bb8fab8-OSL --- Additional Info --- Magic: data Size: 1459 Md5: 73587ccc1a1457c55594ab1245f9ef77 Sha1: ff034ade54f7c8486ef4464f8946da5e5b463ade Sha256: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf
GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlm (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 5660 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=6650 content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp" etag: "6371b223-19fa" last-modified: Mon, 14 Nov 2022 03:12:35 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc471bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5660 Md5: faf004bc3a9c3aeedccee94f15c2c8f1 Sha1: 024c98c2cc5fd5abbe46d5376bdf741e0171c231 Sha256: eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d
GET /upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/n4ypwectl (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: ee0adc9a7959caadc003e437c15302cbcd598d8d51d98528685cfd1377455264 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 5556 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=6655 content-disposition: inline; filename="n4ypwectl5m1335n4ypwectl5m226298.webp" etag: "6384489b-19ff" last-modified: Mon, 28 Nov 2022 05:35:23 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc4b1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5556 Md5: 9de4c86aeb08d6f8a6fc164e722de4ca Sha1: a5d895d894361b7390f10956e1a57844986f1cd5 Sha256: ee0adc9a7959caadc003e437c15302cbcd598d8d51d98528685cfd1377455264
GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 9504 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10345 content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp" etag: "6350eee8-2869" last-modified: Thu, 20 Oct 2022 06:47:04 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076bc4c1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 9504 Md5: 8fe9c506b4edb32a653396705f3120a6 Sha1: d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470 Sha256: 4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0
GET /upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/11wp2qvcp (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 9bbc038d5a4ae97b6f70f932dac3a777ebc61ce2b989486f732c47e01aa8c2bb 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 6114 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=7211 content-disposition: inline; filename="11wp2qvcp4m133511wp2qvcp4m186288.webp" etag: "63844896-1c2b" last-modified: Mon, 28 Nov 2022 05:35:18 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076cc531bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 6114 Md5: cb289b33537c94f5b0fb6a57cb4d43fa Sha1: 14710b0bb96871ad62a7da07beaba4ca1d46511f Sha256: 9bbc038d5a4ae97b6f70f932dac3a777ebc61ce2b989486f732c47e01aa8c2bb
GET /upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpc (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: c473cf8ebaaecfc9cbd017fde1f7bf5db01a56615f5b0ee4b90f130855091492 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 7212 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=9321 content-disposition: inline; filename="l1ptmarpcmz1453l1ptmarpcmz476122.webp" etag: "6383097b-2469" last-modified: Sun, 27 Nov 2022 06:53:47 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2332 accept-ranges: bytes server: cloudflare cf-ray: 7718b076ec571bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 7212 Md5: 6a2aff2dcfb0664ccc2282c5719dca38 Sha1: b71513f6cf6d3021faaaed9e42c3a61fa416a835 Sha256: c473cf8ebaaecfc9cbd017fde1f7bf5db01a56615f5b0ee4b90f130855091492
GET /upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/03s1agsxf (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: ec9fbc7391e5d8993bb6ee6331975e87ce5acdd5a94de10fa0f4f22087198f88 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 8412 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=9533 content-disposition: inline; filename="03s1agsxfpo133503s1agsxfpo226296.webp" etag: "6384489a-253d" last-modified: Mon, 28 Nov 2022 05:35:22 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b076ec591bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8412 Md5: b30c3f4ead010cee92fd4085c44ac5f0 Sha1: 2345edc988822d873e0075ef48ecf3f40eeb4929 Sha256: ec9fbc7391e5d8993bb6ee6331975e87ce5acdd5a94de10fa0f4f22087198f88
GET /upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/35fspfucs (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 2f28132755bf27845851354e7bf15ee6e139562ed411152c1a4938e7b4b8ba6f 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 6404 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=7392 content-disposition: inline; filename="35fspfucs0p133535fspfucs0p236300.webp" etag: "6384489b-1ce0" last-modified: Mon, 28 Nov 2022 05:35:23 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0771c621bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 6404 Md5: 6057bab6390dfa52acfb7c909daa3780 Sha1: 76c4fd581b003e0d6dc81feeb18040b959035552 Sha256: 2f28132755bf27845851354e7bf15ee6e139562ed411152c1a4938e7b4b8ba6f
GET /upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/5ge3qzto3 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 6a79eecdb7f0a7b652505c86e121fe6b6f7898c5fcf56695a6b9cccc25b61f6e 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 9728 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10573 content-disposition: inline; filename="5ge3qzto32513355ge3qzto325256304.webp" etag: "6384489d-294d" last-modified: Mon, 28 Nov 2022 05:35:25 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0774c6b1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 9728 Md5: f97716c9cf6a28b9090b0de5143221d5 Sha1: 5da983d9171a6a0fc219873012d9d91108fcc125 Sha256: 6a79eecdb7f0a7b652505c86e121fe6b6f7898c5fcf56695a6b9cccc25b61f6e
GET /upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jjy5x0xie (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 682b5c4dd6447da8fdad3f93958c77f94479b0e747cebeec1bdf08d7a44123ce 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 9100 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10082 content-disposition: inline; filename="jjy5x0xieib1335jjy5x0xieib276308.webp" etag: "6384489f-2762" last-modified: Mon, 28 Nov 2022 05:35:27 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0774c6a1bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 9100 Md5: 0df8730f164c8ca030cae7a5f232d7d2 Sha1: ddae230735be58dfa9e3c427bea78ea92aaa5bf7 Sha256: 682b5c4dd6447da8fdad3f93958c77f94479b0e747cebeec1bdf08d7a44123ce
GET /upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 8736 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10968 content-disposition: inline; filename="2akielas4ot14532akielas4ot386104.webp" etag: "63830972-2ad8" last-modified: Sun, 27 Nov 2022 06:53:38 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2332 accept-ranges: bytes server: cloudflare cf-ray: 7718b0775c721bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8736 Md5: 7bfbd10c68b3b32f40128c92669b07cb Sha1: 43b9f512dcf14d6e601fe2957013878d3776bc90 Sha256: 415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd
GET /upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fhu3hkfy5 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 82da90108f2dd0f3b987609c7bc2f7e3504f52b3c8b5963e38175c2c5d634316 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 6944 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=7964 content-disposition: inline; filename="fhu3hkfy5ra1335fhu3hkfy5ra266306.webp" etag: "6384489e-1f1c" last-modified: Mon, 28 Nov 2022 05:35:26 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0775c701bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 6944 Md5: 8d2915b6936e3f5b26b4dfc66d932d36 Sha1: 14a650c1b096feea8c40b628cf47b22329c58a63 Sha256: 82da90108f2dd0f3b987609c7bc2f7e3504f52b3c8b5963e38175c2c5d634316
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 81b0cc31edbd181e23d043f69d3487e0ad57a893665af3cc9ebb1fcdd97d89a3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=168025 Date: Tue, 29 Nov 2022 04:44:38 GMT Etag: "63857b8f-1d7" Expires: Thu, 01 Dec 2022 03:25:03 GMT Last-Modified: Tue, 29 Nov 2022 03:25:03 GMT Server: nginx Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7e5a6e2829f4d2b20b0062d9930aa711 Sha1: ebb93b1d6ee2f9009e2d1753aab77b2b6de0f56c Sha256: 81b0cc31edbd181e23d043f69d3487e0ad57a893665af3cc9ebb1fcdd97d89a3
GET /upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sd3uwlnfc (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: a85b635533bec4280e011c155eac4f33d0fecd56dd42a096cf00a1d4532cbc4c 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 6284 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=8471 content-disposition: inline; filename="sd3uwlnfcm31335sd3uwlnfcm3306314.webp" etag: "638448a2-2117" last-modified: Mon, 28 Nov 2022 05:35:30 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0775c711bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 6284 Md5: d522d094063825c17236698af6785ee9 Sha1: f2cec336d561fd3c26455600a9c14234014ae039 Sha256: a85b635533bec4280e011c155eac4f33d0fecd56dd42a096cf00a1d4532cbc4c
GET /upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7 104.22.12.214 HTTP/2 200 OK content-type: image/jpeg date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 12826 cf-bgj: imgq:85,h2pri cf-polished: origSize=13483, status=webp_bigger etag: "638449cb-34ab" last-modified: Mon, 28 Nov 2022 05:40:27 GMT cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7718b0776c731bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data Size: 12826 Md5: 64e5d30e2c9ff8d2beacad9f64a97e7a Sha1: 7fa9fc846cd7c6695ca6bdb2bd46e21a76f9f1ae Sha256: fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7
GET /upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/3cktbr5e4 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: d26603230ebb610c61e8ac8209446feb6ec0e57a7eba6c0b05329982bbf3fa84 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 8564 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=9688 content-disposition: inline; filename="3cktbr5e43s13353cktbr5e43s286310.webp" etag: "638448a0-25d8" last-modified: Mon, 28 Nov 2022 05:35:28 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0776c741bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8564 Md5: 846fc2e5c7fde4844189c7c5352c0e86 Sha1: e00eca00bf7599eccaa69465e5ce3f61f1521440 Sha256: d26603230ebb610c61e8ac8209446feb6ec0e57a7eba6c0b05329982bbf3fa84
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1527 Cache-Control: max-age=149751 Date: Tue, 29 Nov 2022 04:44:38 GMT Etag: "63852e36-2d7" Expires: Wed, 30 Nov 2022 22:20:29 GMT Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT Server: ECS (amb/6BA5) X-Cache: HIT Content-Length: 727 --- Additional Info --- Magic: data Size: 727 Md5: 62ab0caeab837e52beb85fc332e51d01 Sha1: e53946379c035bd3532b3cdaef22d122b894b3a1 Sha256: 38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2366 Cache-Control: max-age=150590 Date: Tue, 29 Nov 2022 04:44:38 GMT Etag: "63852e36-2d7" Expires: Wed, 30 Nov 2022 22:34:28 GMT Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 727 --- Additional Info --- Magic: data Size: 727 Md5: 62ab0caeab837e52beb85fc332e51d01 Sha1: e53946379c035bd3532b3cdaef22d122b894b3a1 Sha256: 38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469
GET /upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rwe3egzut (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: 8c2a920257bc6b41db99fadce0ac011f8a1d8a3117c600105dae0c55b6eb0de5 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 9796 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10754 content-disposition: inline; filename="rwe3egzutrh1335rwe3egzutrh206292.webp" etag: "63844898-2a02" last-modified: Mon, 28 Nov 2022 05:35:20 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2333 accept-ranges: bytes server: cloudflare cf-ray: 7718b0776c751bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 9796 Md5: 7a73f0cfbab7791e5f97b92fbcc0af57 Sha1: 5169d28cc09dff8a5e2499881032302ddaf068ee Sha256: 8c2a920257bc6b41db99fadce0ac011f8a1d8a3117c600105dae0c55b6eb0de5
GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1 Host: lbfm.lbpictupian.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0 (...) FQDN: lbfm.lbpictupian.com IP: 104.22.12.214 HASH: b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d 104.22.12.214 HTTP/2 200 OK content-type: image/webp date: Tue, 29 Nov 2022 04:44:38 GMT content-length: 8502 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=9636 content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp" etag: "6379bc76-25a4" last-modified: Sun, 20 Nov 2022 05:34:46 GMT vary: Accept cache-control: max-age=31536000 cf-cache-status: HIT age: 2332 accept-ranges: bytes server: cloudflare cf-ray: 7718b0776c761bfe-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8502 Md5: 470fbc0b663330b5a2fd1c629f26c7a1 Sha1: 8e259d89553d796f1c8fe0d0592a390242787384 Sha256: b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d
GET /128/318X216.gif HTTP/1.1 Host: zhibo128x.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: zhibo128x.xyz/128/318X216.gif FQDN: zhibo128x.xyz IP: 154.83.25.141 HASH: 534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d 154.83.25.141 HTTP/1.1 200 OK Content-Type: image/gif Server: openresty Date: Tue, 29 Nov 2022 04:44:00 GMT Content-Length: 89870 Connection: keep-alive Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT ETag: "63145c07-15f0e" Expires: Wed, 30 Nov 2022 00:43:29 GMT Cache-Control: max-age=2592000 Via: 154.83.25.138 CDN-Cache: HIT Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 318 x 216\012- data Size: 89870 Md5: fcfb39891df6c04744982e2f8c67f6b7 Sha1: 7a667d860bab955b1e95bce9a455cc5555783076 Sha256: 534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /sh/328.js HTTP/1.1 Host: api.79zxcv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: api.79zxcv.com/sh/328.js FQDN: api.79zxcv.com IP: 18.141.56.242 HASH: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 18.141.56.242 HTTP/1.1 200 OK Content-Type: application/json; charset=UTF-8 Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 463 Connection: keep-alive Server: Tengine X-Cache-Status: MISS --- Additional Info --- Magic: ASCII text, with very long lines (463), with no line terminators Size: 463 Md5: 4ada6e293a75c07ce69d0e9aa7cabe73 Sha1: a17400b9941f0fa71105caac6ce7e18eea16b7c9 Sha256: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Alerts: Blocklists: - quad9: Sinkholed
GET /sh/317.js HTTP/1.1 Host: api.79zxcv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys12.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: api.79zxcv.com/sh/317.js FQDN: api.79zxcv.com IP: 18.141.56.242 HASH: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 18.141.56.242 HTTP/1.1 200 OK Content-Type: application/json; charset=UTF-8 Date: Tue, 29 Nov 2022 04:44:38 GMT Content-Length: 463 Connection: keep-alive Server: Tengine X-Cache-Status: MISS --- Additional Info --- Magic: ASCII text, with very long lines (463), with no line terminators Size: 463 Md5: 4ada6e293a75c07ce69d0e9aa7cabe73 Sha1: a17400b9941f0fa71105caac6ce7e18eea16b7c9 Sha256: 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 62ca2ed602e780aa5ea90ceba1819c231af058ae47a631a88925fd369977b71f 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:39 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 27 Nov 2022 01:45:21 GMT Expires: Sun, 04 Dec 2022 01:45:20 GMT Etag: "6dbb2e1f1ffc56576314ef14da30c4d46b6a868f" Cache-Control: max-age=420640,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b076dc70b521-OSL --- Additional Info --- Magic: data Size: 472 Md5: d3b307de2bf339f4b96d2c1223e0f585 Sha1: 6dbb2e1f1ffc56576314ef14da30c4d46b6a868f Sha256: 62ca2ed602e780aa5ea90ceba1819c231af058ae47a631a88925fd369977b71f
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19253 Expires: Tue, 29 Nov 2022 10:05:32 GMT Date: Tue, 29 Nov 2022 04:44:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: fc796901ab3b12631015f01cd27c8d23 Sha1: d04e98b67b1455b1a6fb826506eef6f72297c187 Sha256: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 6d18eb37fdf20cb0811f10b9b038b5d240f3037e0562f7a785658b03871314c1 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:39 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 04:39:31 GMT Expires: Sat, 03 Dec 2022 04:39:30 GMT Etag: "713e6f6e7fb101801cdb788aad5545d1e4003459" Cache-Control: max-age=344690,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b0771f510b55-OSL --- Additional Info --- Magic: data Size: 728 Md5: 7d22f279fb06e2257a10f1f343db46da Sha1: 713e6f6e7fb101801cdb788aad5545d1e4003459 Sha256: 6d18eb37fdf20cb0811f10b9b038b5d240f3037e0562f7a785658b03871314c1
POST / HTTP/1.1 Host: dvcasha2.ocsp-certum.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: dvcasha2.ocsp-certum.com/ FQDN: dvcasha2.ocsp-certum.com IP: 23.36.79.17 HASH: 5904afabafe989992cd033150690f3cd225b66eb0b444b1a39f088c275e0355e 23.36.79.17 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 1599 X-Cached: HIT Strict-Transport-Security: max-age=63072000,includeSubDomains,preload Cache-Control: max-age=39 Date: Tue, 29 Nov 2022 04:44:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1599 Md5: d20b3eeb10a5d2a25e6dac63522bf57d Sha1: 0a2249dcef688c79a67cfdd7a1e559ede99be925 Sha256: 5904afabafe989992cd033150690f3cd225b66eb0b444b1a39f088c275e0355e
GET /obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb HTTP/1.1 Host: p3.douyinpic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd (...) FQDN: p3.douyinpic.com IP: 47.246.44.228 HASH: 40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b 47.246.44.228 HTTP/2 200 OK content-type: image/gif server: Tengine content-length: 439790 date: Sat, 26 Nov 2022 13:16:32 GMT cache-control: max-age=31536000 imagex-fmt: gif2gif last-modified: Sat, 26 Nov 2022 11:30:39 GMT nw-session-id: 2022112619303901015013207634B66C26h2vnt03dy nw-session-trace: 2022-11-26T19:30:39.564101929+08:00 31 x-bdcdn-cache-status: TCP_HIT x-length: 439790 x-powered-by: ImageX x-response-date: Sat, 26 Nov 2022 19:30:39 GMT x-tt-logid: 2022112619303901015013207634B66C26 via: n150-059-155, cache1.l2de2[0,0,206-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0] x-request-ip: fdbd:dc02:22:88::209 x-tt-trace-tag: id=03;cdn-cache=hit;type=static x-response-cinfo: 91.90.42.154 x-response-cache: edge_hit server-timing: cdn-cache;desc=HIT,edge;dur=2 x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682f36a7bc8c9d51c44eea0062d5621a593cf11ecf59e1d039d14eacf478f79a4f6c371b82af94314a1c2da27ab8970cef0e421d48454c58e7340acddc4faf3a396fa65def9cb218d02bc5986a2c25b010d8 x-response-lb: image ali-swift-global-savetime: 1669468593 age: 228486 x-cache: HIT TCP_MEM_HIT dirn:11:451236523 x-swift-savetime: Sat, 26 Nov 2022 13:38:46 GMT x-swift-cachetime: 31534667 timing-allow-origin: , access-control-allow-origin: * eagleid: 2ff62c9616696970790311358e X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 960 x 60\012- data Size: 439790 Md5: 07ad6948d174b603a75e166a521bbb04 Sha1: d08af2d0fc9693ce636e66cbb89277875d7954f4 Sha256: 40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /news/list.php HTTP/1.1 Host: www.jxys88.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.jxys88.net/news/index.php Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: www.jxys88.net/news/list.php FQDN: www.jxys88.net IP: 173.231.12.68 HASH: c253c33d24dc3d6b50071ecb7cb3d3c1a7f4ea1d85372d21a025de90a310b7b8 173.231.12.68 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 29 Nov 2022 04:44:34 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 257538 Md5: 7ff193da0016d3c8b98bb68d997a0cb4 Sha1: 720cafe9c8028b120802ec3f818c1e14bdeaf86b Sha256: c253c33d24dc3d6b50071ecb7cb3d3c1a7f4ea1d85372d21a025de90a310b7b8
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 4bf1dbe3570119b51bf65d5af3c0064dff22156de04e2357ffac24ec6fa6f55d 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:44:39 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 11:06:55 GMT Expires: Sat, 03 Dec 2022 11:06:54 GMT Etag: "29edc43ed06f535c1e03e413cb626143c1f5365f" Cache-Control: max-age=367934,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7718b07848e40b02-OSL --- Additional Info --- Magic: data Size: 727 Md5: b6607f0428ad18c923ac202d3c27d52a Sha1: 29edc43ed06f535c1e03e413cb626143c1f5365f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4937 

                                        
                                            
Cache-Control: max-age=112147 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:31 GMT 

                                        
                                            
Etag: "63848df9-1d7" 

                                        
                                            
Expires: Wed, 30 Nov 2022 11:53:38 GMT 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    9408cc0694fcbea57966c3a3ba906092

                                                Sha1:   fddcee1fdcf3209298e41a4b1b5560357fa165f0

                                                Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 04:19:35 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1496 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                        
                                            GET /gym-and-meals HTTP/1.1 

                                        
                                            
Host: weightloss-meals.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         107.165.125.108

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:30 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: http://www.weightloss-meals.com/gym-and-meals 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 04:11:13 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1999 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2903 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:32 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 03:56:09 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    7ab2ef968cb6a3078f4b9cb2dda813d4

                                                Sha1:   e669116047ca058a2c1b2999ff0ea8682719162c

                                                Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

                                        
                                            GET /common.js HTTP/1.1 

                                        
                                            
Host: www.weightloss-meals.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.weightloss-meals.com/gym-and-meals

                                         107.165.125.108

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/x-javascript

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:31 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators

                                                Size:   738

                                                Md5:    70670d0986c3d241b2799f9b5ae5e100

                                                Sha1:   e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b

                                                Sha256: 788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:33 GMT 

                                        
                                            
Content-Length: 1432 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Sat, 03 Dec 2022 00:30:27 GMT 

                                        
                                            
ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c" 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 3536 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b0546892b503-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1432

                                                Md5:    c60e4318a49ff8976f2f06944b2a81de

                                                Sha1:   c450389711c5206d2afa7a2760d18f9658f6a36c

                                                Sha256: 99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: www.weightloss-meals.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.weightloss-meals.com/gym-and-meals

                                         107.165.125.108

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:32 GMT 

                                        
                                            
Content-Length: 1150 

                                        
                                            
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "4e0d81df-47e" 

                                        
                                            
Expires: Sun, 04 Dec 2022 04:44:32 GMT 

                                        
                                            
Cache-Control: max-age=432000 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

                                                Size:   1150

                                                Md5:    7ef1f0a0093460fe46bb691578c07c95

                                                Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd

                                                Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

                                        
                                            GET /hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 HTTP/1.1 

                                        
                                            
Host: hm.baidu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.weightloss-meals.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         103.235.46.191

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Cache-Control: max-age=0, must-revalidate 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 11256 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:33 GMT 

                                        
                                            
Etag: 208c320822c5a84ce156663e6d7c75d4 

                                        
                                            
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
Server: apache 

                                        
                                            
Set-Cookie: HMACCOUNT=027B2C8911AAA98D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT 

                                        
                                            
Strict-Transport-Security: max-age=172800 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (618)

                                                Size:   11256

                                                Md5:    bc648390ae310cb651db5202ac4475b4

                                                Sha1:   c9c7e21f7767f30f1a45bba308609591aaeadb67

                                                Sha256: d9d5b22d7d12510ef8f82df17ff0cc61040c60dbb72c62a352839b0f84807abd

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2301 

                                        
                                            
Expires: Tue, 29 Nov 2022 05:22:55 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ac3edd07bb0a4ebdaae6ec26e91d2079

                                                Sha1:   b6efe3811dfa37cdcde1e9d411c171732ac7e12a

                                                Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10445 

                                        
                                            
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cCvuDGHaIAMFn_w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ== 

                                        
                                            
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 14:31:14 GMT 

                                        
                                            
age: 51200 

                                        
                                            
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10445

                                                Md5:    c76e3c4cc159bda9b9e887fcd449ba51

                                                Sha1:   12d90c36bd455b3b859fdb761b6ed49ea9f98f80

                                                Sha256: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3905 

                                        
                                            
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cMFcYHE6IAMFmpA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ== 

                                        
                                            
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 07:10:04 GMT 

                                        
                                            
age: 77670 

                                        
                                            
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3905

                                                Md5:    06723cdab42df9b5334f540a8c7ebc60

                                                Sha1:   3bbc44cb84a37ce6a067db4301dd81647a77c29f

                                                Sha256: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4916 

                                        
                                            
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cPYcrELFoAMFaeQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg== 

                                        
                                            
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 03:18:11 GMT 

                                        
                                            
age: 5183 

                                        
                                            
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4916

                                                Md5:    83c1fedec73299637cc7dc47c48af758

                                                Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41

                                                Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

                                        
                                            GET /push.js HTTP/1.1 

                                        
                                            
Host: push.zhanzhang.baidu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.weightloss-meals.com/

                                         112.34.113.148

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=31536000 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 227 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:34 GMT 

                                        
                                            
Etag: "4078521116" 

                                        
                                            
Expires: Wed, 29 Nov 2023 04:44:34 GMT 

                                        
                                            
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT 

                                        
                                            
P3p: CP=" OTI DSP COR IVA OUR IND COM " 

                                        
                                            
Server: apache 

                                        
                                            
Set-Cookie: BAIDUID=1500C0FD21D1E62A03209BBD26B3920A:FG=1; max-age=31536000; expires=Wed, 29-Nov-23 04:44:34 GMT; domain=.baidu.com; path=/; version=1 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   227

                                                Md5:    e548b6ce15bb616c2bfba36e9cfbf307

                                                Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33

                                                Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=589690891&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=61878&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 

                                        
                                            
Host: hm.baidu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.weightloss-meals.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         103.235.46.191

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Cache-Control: private, max-age=0, no-cache 

                                        
                                            
Content-Length: 43 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:34 GMT 

                                        
                                            
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Server: apache 

                                        
                                            
Set-Cookie: HMACCOUNT=25AB8517FF9465BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT 

                                        
                                            
Strict-Transport-Security: max-age=172800 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3

                                                Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7

                                                Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6F4A880197B3D80599716FDF39FBDF75C23B1FFA7CFBACF12D8406C25700C7F1" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6495 

                                        
                                            
Expires: Tue, 29 Nov 2022 06:32:51 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    13d04f77a84f5ab5507368a4f4f4d123

                                                Sha1:   b099cc917ef53383a6f3d035c5a74d391c618302

                                                Sha256: 6f4a880197b3d80599716fdf39fbdf75c23b1ffa7cfbacf12d8406c25700c7f1

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=130580614&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=61882&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1 

                                        
                                            
Host: hm.baidu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         103.235.46.191

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Cache-Control: private, max-age=0, no-cache 

                                        
                                            
Content-Length: 43 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:37 GMT 

                                        
                                            
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Server: apache 

                                        
                                            
Set-Cookie: HMACCOUNT=58241065B30D6ED6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT 

                                        
                                            
Strict-Transport-Security: max-age=172800 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3

                                                Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7

                                                Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1598 

                                        
                                            
Cache-Control: max-age=158480 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Etag: "63855008-118" 

                                        
                                            
Expires: Thu, 01 Dec 2022 00:45:58 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 00:19:20 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    34ebb4233594cd8491eeacc5fa7314ec

                                                Sha1:   1a720e00c78b016f1046a2e62610078af600efe2

                                                Sha256: 976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab

                                        
                                            GET /xxx12345.gif HTTP/1.1 

                                        
                                            
Host: ob699.cc

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive

                                         45.153.131.58

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 19781 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "6337e219-4d45" 

                                        
                                            
Expires: Thu, 29 Dec 2022 04:44:38 GMT 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 225 x 135\012- data

                                                Size:   19781

                                                Md5:    74f156899d26c1a1ef9108ee4023052d

                                                Sha1:   3d2f15dc81ee27a7832947bbb59a7836ccc7f027

                                                Sha256: b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D114EF9D20151673A3845EABEE68CFC9FF47BD0E45098B1FB2BCC03A54A5B624" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=1897 

                                        
                                            
Expires: Tue, 29 Nov 2022 05:16:15 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9a403262c308139c9b1764274621271a

                                                Sha1:   ebdb13810e9d39bc528fd7ee78af0835a0013bb6

                                                Sha256: d114ef9d20151673a3845eabee68cfc9ff47bd0e45098b1fb2bcc03a54a5b624

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "9B348E405DA997965BBFB5A714755EBE7B05744F6E83E4C635E42D5FA9E282D1" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18580 

                                        
                                            
Expires: Tue, 29 Nov 2022 09:54:18 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    1cdd23460571e06be2b5384a4362b213

                                                Sha1:   16016e9ac93fc8ee63645863d0e6a0536e99de26

                                                Sha256: 9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 346 

                                        
                                            
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19254 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:05:32 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   346

                                                Md5:    fc796901ab3b12631015f01cd27c8d23

                                                Sha1:   d04e98b67b1455b1a6fb826506eef6f72297c187

                                                Sha256: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 

                                        
                                            
Host: ocsp2.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.20.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 1459 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Sat, 03 Dec 2022 01:55:04 GMT 

                                        
                                            
ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401" 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 2333 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b073eb62fab8-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1459

                                                Md5:    9ab45e9920220fcf9443b2bf81ba6a7d

                                                Sha1:   703ba61cb928fc585c0cc2e870ce9e53dab82401

                                                Sha256: e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55

                                        
                                            GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1 

                                        
                                            
Host: www.yssydh.top

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.209.49

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 47538 

                                        
                                            
last-modified: Wed, 27 Jul 2022 08:34:24 GMT 

                                        
                                            
etag: "62e0f890-b9b2" 

                                        
                                            
expires: Sat, 03 Dec 2022 16:45:35 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2203143 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bs8U0lYlxFsZ%2FDWWgoNsikIhjLiogMM%2FlBth803Udf8LwobucTp4dxcYrukMdEfW9F23fzIIh2K1UwGv4LN6RQ7eE2K15nb6NahezPm8P6WLkR4GoyT%2FuK%2BEVcUm0BIeTQ%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b0742b58b518-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 150 x 150\012- data

                                                Size:   47538

                                                Md5:    238e06fae36a60963dd217adc895c9e4

                                                Sha1:   feb1b8c405b5e162fb23a7727aedb83eae0a9e9f

                                                Sha256: 321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 15:19:38 GMT 

                                        
                                            
Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1" 

                                        
                                            
Cache-Control: max-age=383099,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b072fab8b521-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    b407444fc65f86948d0f257a7a63c73c

                                                Sha1:   2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1

                                                Sha256: 300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 15:31:14 GMT 

                                        
                                            
Expires: Sun, 04 Dec 2022 15:31:13 GMT 

                                        
                                            
Etag: "0ffef801a05eb8a92497aae04daeb6c2748de482" 

                                        
                                            
Cache-Control: max-age=470194,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb3 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b0738d56b511-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    0262bdb2a5c0432d40d36cd9e3f133b1

                                                Sha1:   0ffef801a05eb8a92497aae04daeb6c2748de482

                                                Sha256: 771ecb84a2bc4aceb92524a4e44718a439eee03aa761f88a1e739378f1dbf330

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3481 

                                        
                                            
Expires: Tue, 29 Nov 2022 05:42:39 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    5b4bc4d091d314a559fc8d4b2dbbb5f5

                                                Sha1:   62f9d886b9e85e64462f75988e0d0b349c569c0d

                                                Sha256: 87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 10:05:41 GMT 

                                        
                                            
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865" 

                                        
                                            
Cache-Control: max-age=364262,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb6 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b072fab7b521-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    8c860f6cc16cec53769d4433e6f0ddf2

                                                Sha1:   2bf2252d9f68bdb1504969d1216a0e9f1873a865

                                                Sha256: 7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16299 

                                        
                                            
Expires: Tue, 29 Nov 2022 09:16:17 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    03155dd0188bbb26580d8aa9b9a128ea

                                                Sha1:   f51e0dd8ab1a0c0a260b866525acd296d4e7f105

                                                Sha256: c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999

                                        
                                            GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1 

                                        
                                            
Host: kvmaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         170.178.176.170

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1 

                                        
                                            
Host: kvmaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         170.178.176.170

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1 

                                        
                                            
Host: kvezz.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.154.215.92

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1 

                                        
                                            
Host: kzecc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         64.32.13.142

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.buypass.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 78 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.200

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Access-Control-Allow-Origin: https://www.buypass.no 

                                        
                                            
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale 

                                        
                                            
Access-Control-Allow-Credentials: false 

                                        
                                            
Access-Control-Allow-Methods: GET,POST 

                                        
                                            
MDC-correlationId: ff42f1f1-ed1a-42ac-9f43-977431812938 

                                        
                                            
Content-Length: 1700 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1700

                                                Md5:    36216e04f51d2e8876be4510b1e7c7f0

                                                Sha1:   fe80784e1649b75fad562921cefa907d5bc98f40

                                                Sha256: 2f3783a7390af50e2a85d555dde85b6c6a2de0e4f188659e93b8b5888fa90744

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "7F1B74086414FF31F9AB16FD18A8DADB7D7B77023E6BDE0B9BBD5AA749A53D93" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16153 

                                        
                                            
Expires: Tue, 29 Nov 2022 09:13:51 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    233e57f60023d3cdf4dfa75d53a03eb3

                                                Sha1:   9dac5203260858b4de4682f9f610618454b5bb01

                                                Sha256: 7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93

                                        
                                            GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1 

                                        
                                            
Host: kvemm.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         64.32.13.142

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://kvkddd.top/0eddc09b941df608c7dbb65fd7344c05.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT 

                                        
                                            
Expires: Sun, 04 Dec 2022 03:39:03 GMT 

                                        
                                            
Etag: "e60b44b493885b9e3bfcd727a512d8fded812887" 

                                        
                                            
Cache-Control: max-age=427464,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb5 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b074eddab511-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    1fbb7f61e76866ea359f7919c12bef99

                                                Sha1:   e60b44b493885b9e3bfcd727a512d8fded812887

                                                Sha256: 87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 

                                        
                                            
Host: ocsp2.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 1459 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Sat, 03 Dec 2022 03:18:53 GMT 

                                        
                                            
ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade" 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 0 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b0763ce40b51-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1459

                                                Md5:    73587ccc1a1457c55594ab1245f9ef77

                                                Sha1:   ff034ade54f7c8486ef4464f8946da5e5b463ade

                                                Sha256: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 343 

                                        
                                            
ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9547 

                                        
                                            
Expires: Tue, 29 Nov 2022 07:23:45 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   343

                                                Md5:    9347e1cd2af04f5ca48a31f0bc3da7ae

                                                Sha1:   22beae35c318731eaa78a824f051831c85b508ef

                                                Sha256: 6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c

                                        
                                            GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 14387 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: origSize=15124, status=webp_bigger 

                                        
                                            
etag: "5e11cf7d-3b14" 

                                        
                                            
last-modified: Sun, 05 Jan 2020 11:58:53 GMT 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2332 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076ac3f1bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data

                                                Size:   14387

                                                Md5:    c814bbc877c9b41935908734d76b7778

                                                Sha1:   7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d

                                                Sha256: df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5

                                        
                                            GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 4468 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=6775 

                                        
                                            
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp" 

                                        
                                            
etag: "5dc4c133-1a77" 

                                        
                                            
last-modified: Fri, 08 Nov 2019 01:13:23 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076bc421bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   4468

                                                Md5:    174c271fbd41b05e66270e9f781e8dc1

                                                Sha1:   6f7b0f3b4e5527db1c55921da243ce6318be9e85

                                                Sha256: 20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf

                                        
                                            GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1 

                                        
                                            
Host: kveff.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         64.32.13.142

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 162 

                                        
                                            
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "77C2410D58D53811AE7B701FF4C501B6A21C9AF6D27189170E725573CE07DB2F" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19211 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:04:49 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    313a4af0587cf0130df762583804464b

                                                Sha1:   2e81dd41e78c4b094f32575b1727a1c9207a1af1

                                                Sha256: 77c2410d58d53811ae7b701ff4c501b6a21c9af6d27189170e725573ce07db2f

                                        
                                            GET /upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 7300 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=8447 

                                        
                                            
content-disposition: inline; filename="tst0suxpwqn1335tst0suxpwqn216294.webp" 

                                        
                                            
etag: "63844899-20ff" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:21 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076bc481bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   7300

                                                Md5:    78ca33bcc515e6651b3f86b563f4adde

                                                Sha1:   1aa9831fe487e9f92b377acf7a59fb25d255a4dd

                                                Sha256: 5f0ea2152c6e4237394d893b6a43154c7db9cea516ca4b2d1d18fcbbf3c4c3d0

                                        
                                            GET /upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 5886 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=7261 

                                        
                                            
content-disposition: inline; filename="w5advwm3stk1335w5advwm3stk296312.webp" 

                                        
                                            
etag: "638448a1-1c5d" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:29 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076bc431bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   5886

                                                Md5:    d30e29788a351c0d9f5692b683d2f8cd

                                                Sha1:   2765e1f06f47d3cbb8ceaadc46467c038146f960

                                                Sha256: c5d878d180374a8d47665158142a664c93d72b459ca2abadbf016d552e818906

                                        
                                            GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1 

                                        
                                            
Host: 200.benbenys.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive

                                         23.224.61.222

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Expires: Thu, 29 Dec 2022 04:44:38 GMT 

                                        
                                            
Pragma: cache 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Upgrade: h2 

                                        
                                            
Connection: Upgrade, close 

                                        
                                            
Content-Length: 57375 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data

                                                Size:   57375

                                                Md5:    61b977b3527d7c0e27e2af877b5a5c59

                                                Sha1:   4a1f0beee6c8215da2bfda76b5f1c87d62925bfc

                                                Sha256: 945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff

                                        
                                            GET /tL26d3m/240x140.gif HTTP/1.1 

                                        
                                            
Host: i.ibb.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         162.19.58.156

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 1031 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data

                                                Size:   1031

                                                Md5:    7325e2012a6cf941a6ea14f0061ff764

                                                Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769

                                                Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 

                                        
                                            
Host: ocsp2.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.20.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Content-Length: 1459 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Sat, 03 Dec 2022 03:18:53 GMT 

                                        
                                            
ETag: "ff034ade54f7c8486ef4464f8946da5e5b463ade" 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 03:18:54 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7718b0760bb8fab8-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1459

                                                Md5:    73587ccc1a1457c55594ab1245f9ef77

                                                Sha1:   ff034ade54f7c8486ef4464f8946da5e5b463ade

                                                Sha256: df8b9f2d032d0aef4522c2a2d37ae7b11dae6f4f1ec56378baf702d9d60820cf

                                        
                                            GET /upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 5556 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=6655 

                                        
                                            
content-disposition: inline; filename="n4ypwectl5m1335n4ypwectl5m226298.webp" 

                                        
                                            
etag: "6384489b-19ff" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:23 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076bc4b1bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   5556

                                                Md5:    9de4c86aeb08d6f8a6fc164e722de4ca

                                                Sha1:   a5d895d894361b7390f10956e1a57844986f1cd5

                                                Sha256: ee0adc9a7959caadc003e437c15302cbcd598d8d51d98528685cfd1377455264

                                        
                                            GET /upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 6114 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=7211 

                                        
                                            
content-disposition: inline; filename="11wp2qvcp4m133511wp2qvcp4m186288.webp" 

                                        
                                            
etag: "63844896-1c2b" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:18 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076cc531bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   6114

                                                Md5:    cb289b33537c94f5b0fb6a57cb4d43fa

                                                Sha1:   14710b0bb96871ad62a7da07beaba4ca1d46511f

                                                Sha256: 9bbc038d5a4ae97b6f70f932dac3a777ebc61ce2b989486f732c47e01aa8c2bb

                                        
                                            GET /upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 8412 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=9533 

                                        
                                            
content-disposition: inline; filename="03s1agsxfpo133503s1agsxfpo226296.webp" 

                                        
                                            
etag: "6384489a-253d" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:22 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b076ec591bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   8412

                                                Md5:    b30c3f4ead010cee92fd4085c44ac5f0

                                                Sha1:   2345edc988822d873e0075ef48ecf3f40eeb4929

                                                Sha256: ec9fbc7391e5d8993bb6ee6331975e87ce5acdd5a94de10fa0f4f22087198f88

                                        
                                            GET /upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 9728 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=10573 

                                        
                                            
content-disposition: inline; filename="5ge3qzto32513355ge3qzto325256304.webp" 

                                        
                                            
etag: "6384489d-294d" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:25 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b0774c6b1bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   9728

                                                Md5:    f97716c9cf6a28b9090b0de5143221d5

                                                Sha1:   5da983d9171a6a0fc219873012d9d91108fcc125

                                                Sha256: 6a79eecdb7f0a7b652505c86e121fe6b6f7898c5fcf56695a6b9cccc25b61f6e

                                        
                                            GET /upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 8736 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=10968 

                                        
                                            
content-disposition: inline; filename="2akielas4ot14532akielas4ot386104.webp" 

                                        
                                            
etag: "63830972-2ad8" 

                                        
                                            
last-modified: Sun, 27 Nov 2022 06:53:38 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2332 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b0775c721bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   8736

                                                Md5:    7bfbd10c68b3b32f40128c92669b07cb

                                                Sha1:   43b9f512dcf14d6e601fe2957013878d3776bc90

                                                Sha256: 415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=168025 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Etag: "63857b8f-1d7" 

                                        
                                            
Expires: Thu, 01 Dec 2022 03:25:03 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 03:25:03 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    7e5a6e2829f4d2b20b0062d9930aa711

                                                Sha1:   ebb93b1d6ee2f9009e2d1753aab77b2b6de0f56c

                                                Sha256: 81b0cc31edbd181e23d043f69d3487e0ad57a893665af3cc9ebb1fcdd97d89a3

                                        
                                            GET /upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 12826 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: origSize=13483, status=webp_bigger 

                                        
                                            
etag: "638449cb-34ab" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:40:27 GMT 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b0776c731bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data

                                                Size:   12826

                                                Md5:    64e5d30e2c9ff8d2beacad9f64a97e7a

                                                Sha1:   7fa9fc846cd7c6695ca6bdb2bd46e21a76f9f1ae

                                                Sha256: fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1527 

                                        
                                            
Cache-Control: max-age=149751 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
Etag: "63852e36-2d7" 

                                        
                                            
Expires: Wed, 30 Nov 2022 22:20:29 GMT 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT 

                                        
                                            
Server: ECS (amb/6BA5) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 727 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   727

                                                Md5:    62ab0caeab837e52beb85fc332e51d01

                                                Sha1:   e53946379c035bd3532b3cdaef22d122b894b3a1

                                                Sha256: 38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

                                        
                                            GET /upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg HTTP/1.1 

                                        
                                            
Host: lbfm.lbpictupian.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.22.12.214

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/webp

                                        

                                        
                                            
date: Tue, 29 Nov 2022 04:44:38 GMT 

                                        
                                            
content-length: 9796 

                                        
                                            
cf-bgj: imgq:85,h2pri 

                                        
                                            
cf-polished: qual=85, origFmt=jpeg, origSize=10754 

                                        
                                            
content-disposition: inline; filename="rwe3egzutrh1335rwe3egzutrh206292.webp" 

                                        
                                            
etag: "63844898-2a02" 

                                        
                                            
last-modified: Mon, 28 Nov 2022 05:35:20 GMT 

                                        
                                            
vary: Accept 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2333 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7718b0776c751bfe-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   9796

                                                Md5:    7a73f0cfbab7791e5f97b92fbcc0af57

                                                Sha1:   5169d28cc09dff8a5e2499881032302ddaf068ee

                                                Sha256: 8c2a920257bc6b41db99fadce0ac011f8a1d8a3117c600105dae0c55b6eb0de5

                                        
                                            GET /128/318X216.gif HTTP/1.1 

                                        
                                            
Host: zhibo128x.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys12.xyz/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         154.83.25.141

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Server: openresty 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:00 GMT 

                                        
                                            
Content-Length: 89870 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT 

                                        
                                            
ETag: "63145c07-15f0e" 

                                        
                                            
Expires: Wed, 30 Nov 2022 00:43:29 GMT 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Via: 154.83.25.138 

                                        
                                            
CDN-Cache: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 318 x 216\012- data

                                                Size:   89870

                                                Md5:    fcfb39891df6c04744982e2f8c67f6b7

                                                Sha1:   7a667d860bab955b1e95bce9a455cc5555783076

                                                Sha256: 534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 346 

                                        
                                            
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19253 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:05:32 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:39 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   346

                                                Md5:    fc796901ab3b12631015f01cd27c8d23

                                                Sha1:   d04e98b67b1455b1a6fb826506eef6f72297c187

                                                Sha256: 481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: dvcasha2.ocsp-certum.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.79.17

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 1599 

                                        
                                            
X-Cached: HIT 

                                        
                                            
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload 

                                        
                                            
Cache-Control: max-age=39 

                                        
                                            
Date: Tue, 29 Nov 2022 04:44:39 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1599

                                                Md5:    d20b3eeb10a5d2a25e6dac63522bf57d

                                                Sha1:   0a2249dcef688c79a67cfdd7a1e559ede99be925

                                                Sha256: 5904afabafe989992cd033150690f3cd225b66eb0b444b1a39f088c275e0355e

                                        
                                            GET /news/list.php HTTP/1.1 

                                        
                                            
Host: www.jxys88.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.jxys88.net/news/index.php 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         173.231.12.68

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 04:44:34 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   257538

                                                Md5:    7ff193da0016d3c8b98bb68d997a0cb4

                                                Sha1:   720cafe9c8028b120802ec3f818c1e14bdeaf86b

                                                Sha256: c253c33d24dc3d6b50071ecb7cb3d3c1a7f4ea1d85372d21a025de90a310b7b8

URL	weightloss-meals.com/gym-and-meals
IP	107.165.125.108 (United States)
ASN	#18779 EGIHOSTING
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-29 04:44:45 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	20
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (79)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 107.165.125.108

Last 5 reports on ASN: EGIHOSTING

Last 3 reports on domain: weightloss-meals.com

No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (1)

#1 JavaScript::Eval (size: 473) - SHA256: bd6c47b0f777a0d657a27188564ce3d79d981db13810fff1b42f4357534cee47

Executed Writes (4)

#1 JavaScript::Write (size: 351) - SHA256: bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1

#2 JavaScript::Write (size: 454) - SHA256: 29a509c17c4110f9006d2107b69c77742a293c5cd7c474ff53248173b756d525

#3 JavaScript::Write (size: 201) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

#4 JavaScript::Write (size: 328) - SHA256: 380ed21bcde40c675ea4aa1b4208659bcfec7172b3b42ba8c71961b354c91c28

HTTP Transactions (234)

Overview

Domain Summary (79)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 107.165.125.108

Last 5 reports on ASN: EGIHOSTING

Last 3 reports on domain: weightloss-meals.com

No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (1)

#1 JavaScript::Eval (size: 473) - SHA256: bd6c47b0f777a0d657a27188564ce3d79d981db13810fff1b42f4357534cee47

Executed Writes (4)

#1 JavaScript::Write (size: 351) - SHA256: bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1

#2 JavaScript::Write (size: 454) - SHA256: 29a509c17c4110f9006d2107b69c77742a293c5cd7c474ff53248173b756d525

#3 JavaScript::Write (size: 201) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

#4 JavaScript::Write (size: 328) - SHA256: 380ed21bcde40c675ea4aa1b4208659bcfec7172b3b42ba8c71961b354c91c28

HTTP Transactions (234)

Network Intrusion Detection Systems