r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4291
Expires: Fri, 25 Nov 2022 13:17:13 GMT
Date: Fri, 25 Nov 2022 12:05:42 GMT
Connection: keep-alive
nils-holgerson.com/
172.121.89.17301 Moved Permanently 0 B IP 172.121.89.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 12:05:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nils-holgerson.com/index.php
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12562
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 12:05:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5340
Cache-Control: max-age=86069
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:42 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:00:11 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FkcDNhjmGBvklbBVO2Y2ud2rcEpDZ6jTBPh8pXYwtRQqiU/W/L+h3mtXATVSW+TmS/QF89hhpRQ=
x-amz-request-id: BYA5KP3P05QNJWQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:40:47 GMT
age: 1495
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:19:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2796
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 3410
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.nils-holgerson.com/index.php
172.121.89.17200 OK 785 B URL HTTP/1.1 www.nils-holgerson.com/index.php
IP 172.121.89.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 449979d226b4709e707902a1275adecd
bc5083da744f7892a81e1a630855e6250b5f3959
235f81865fe0e97383deb1b88df3ba218d51bfc6cedb0ecbf0ad24f7029f1c0c
GET /index.php HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 12:05:42 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6238
Cache-Control: max-age=168306
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:43 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:50:49 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.nils-holgerson.com/tj.js
172.121.89.17200 OK 520 B URL HTTP/1.1 www.nils-holgerson.com/tj.js
IP 172.121.89.17:0
File type ASCII text, with CRLF line terminators
Hash c641843bbee2dbe645c9de13d8f953ed
1a93b5d7b8540d5acbaae9c8bc00c16926a23588
4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7
GET /tj.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 12:05:43 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hX7yZ3+lOmr7wKvzix0G5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JfSDCavzxUZoquh65eJ7oDK2vQ0=
www.nils-holgerson.com/common.js
172.121.89.17200 OK 738 B URL HTTP/1.1 www.nils-holgerson.com/common.js
IP 172.121.89.17:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
GET /common.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 12:05:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 25 Nov 2022 12:05:43 GMT
Etag: "4078521116"
Expires: Sat, 25 Nov 2023 12:05:43 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0118490D295835BB98FD755A7A9C6E5A:FG=1; max-age=31536000; expires=Sat, 25-Nov-23 12:05:43 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5ed665c986f3bf3ec9dad76cac54a48
fc2d572f74202406218df3a55f2bd78fdab4ee57
a1b84584d4150c52d2fc0175f72368a12ec3fb9d5221101e084a09007d0c3dbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B84584D4150C52D2FC0175F72368A12EC3FB9D5221101E084A09007D0C3DBF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14557
Expires: Fri, 25 Nov 2022 16:08:21 GMT
Date: Fri, 25 Nov 2022 12:05:44 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a69d3acc10aa0821cd46bf82c1e87188
b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f
bb50a1777adf4b17040bf6163185440258a58bc4120aa810dbd3e2224606a2a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:29:14 GMT
ETag: "b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f"
Last-Modified: Fri, 25 Nov 2022 08:29:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2651
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa4117293a1c0e-OSL
www.nils-holgerson.com/favicon.ico
172.121.89.17200 OK 1.2 kB URL HTTP/1.1 www.nils-holgerson.com/favicon.ico
IP 172.121.89.17:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 12:05:44 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 30 Nov 2022 12:05:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.nils-holgerson.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 25 Nov 2022 12:05:44 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9975
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:05:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9975
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:05:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9975
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:05:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9975
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:05:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 27765
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:46:20 GMT
age: 15565
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:00:34 GMT
age: 50711
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 51472
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 51066
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:35:26 GMT
age: 16219
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 3d7c4a35fe40cbd34179c260dc825bea
03841ad293e806446646e3900a94287b00e98420
e3464401a3ddd9fd460f27e566c200a6d75f14574a9d7da71e0c25c77f6acb0b
GET /hm.js?fec0eaa8fc52795617f18f518d42aaab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 12:05:44 GMT
Etag: 05ceac446f89d9ad6868c8ec53097e1a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EDF2551BD7903044; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash ef847d30f627e603ad8fe95f2f65d9f8
a544b9a25307fdf2426bfdb7bd14c6abbb13d596
72955b389539aa4fe62044213a14ac0874c78f99b019372c8d9a97016aae1d90
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 12:05:44 GMT
Etag: 8aba6767da6813034449a73cb78bda4b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=17C3C53A19742321; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829937081&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829937081&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829937081&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 12:05:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DB379B7921A0ECAB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1305380370&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1305380370&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1305380370&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=4890&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 12:05:45 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F219D8FF99F048DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.jxys88.net/news/data.php
173.231.12.68200 OK 712 B URL HTTP/2 www.jxys88.net/news/data.php
IP 173.231.12.68:0
Hash 23599f9362da6ae70ef9b6c598fd47e3
6fd60a240f090a1300daefac824507257fcbd6a1
1d92b42486b8d5e40a868b76851e4815846a7a3cc80dd4e9928794ceef53c787
GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.5200 OK 254 B URL HTTP/2 www.jxys6.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.5:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sun, 25 Dec 2022 12:05:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/html9/ads/ob1.gif
173.231.38.5200 OK 193 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/html9/ads/ob1.gif
IP 173.231.38.5:0
File type GIF image data, version 89a, 960 x 90\012- data
Size 193 kB (193193 bytes)
Hash a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Sun, 25 Dec 2022 12:05:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z06k2215d3m9fgtcDE68.gif
96.6.16.143200 OK 121 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z06k2215d3m9fgtcDE68.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 121 kB (120799 bytes)
Hash b0f8e806d4a30c123d6404fd5b9f0876
ad7f7d43d3e5340016ef521d346cd2a6c518bfaa
0785b7dd32685c1301b017a5852d0614edd564035e709b6791823d1bd454a454
GET /images/0Z06k2215d3m9fgtcDE68.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 120799
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 32
x-edgeconnect-origin-mex-latency: 41
cache-control: max-age=7623085
expires: Tue, 21 Feb 2023 17:37:12 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6547546
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
96.6.16.143200 OK 917 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917226 bytes)
Hash 28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7613550
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/static/images/pic.png
173.231.38.5200 OK 90 B URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/images/pic.png
IP 173.231.38.5:0
File type HTML document, ASCII text
Hash 5341dd3aa19c0eb3bc809f9150e3e833
7beaba24a698410e4ffc93357d82c6f683cbaba1
f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/images/pic.png HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:47 GMT
content-type: image/png
content-length: 90
last-modified: Fri, 14 Jan 2022 04:46:48 GMT
etag: "61e10038-5a"
expires: Sun, 25 Dec 2022 12:05:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
96.6.16.143200 OK 457 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (457345 bytes)
Hash c715f378075493153db049a8d2e70e1c
8c86edc72c9fa616aa484a42b84cff16c35f06b9
7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6547473
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.5200 OK 13 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.5:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys6.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:47 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
104.110.17.24200 OK 151 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 151 kB (151061 bytes)
Hash 89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade
GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8476046
expires: Fri, 03 Mar 2023 14:33:13 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 7
x-edgeconnect-origin-mex-latency: 99
cache-control: max-age=7773643
expires: Thu, 23 Feb 2023 11:26:30 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0392f120009z0w9os41A2.gif
104.110.17.24200 OK 2.6 MB URL HTTP/2 dimg04.c-ctrip.com/images/0392f120009z0w9os41A2.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 2.6 MB (2643442 bytes)
Hash ffbc057a89fded997b059241f4f62c8e
36e8883858804959ce2597b61378e809ea789b4a
2de6e43216a0750e04a759344cb97bf648c34e69aff52e164cbf88703eeb03e7
GET /images/0392f120009z0w9os41A2.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2643442
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7772160
expires: Thu, 23 Feb 2023 11:01:47 GMT
date: Fri, 25 Nov 2022 12:05:47 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/static/css/swiper.min.css
173.231.38.5200 OK 14 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/css/swiper.min.css
IP 173.231.38.5:0
File type ASCII text, with very long lines (18077), with CRLF, LF line terminators
Hash 4090c395b46c705f6dbc0af6b3fe5ba5
854187017fbfb9ae9b6ec871d70270ee201ca0e8
bdab9148422f01cd66b9cbcc150d8d0b6d4d8b5a294d86a38a8cd78cb63645cb
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa412e4d2e0b4d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa412e485db512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa412e4eadb4eb-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42278ef7e6589af98c2423b75e7c46bd
caf43419f16b0946e0ff0c590096dd2b945e7b92
16aff9cc0c99e7ab1ce8918e332416be4e5daeda76ea2265849088dcba0caad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12151
Expires: Fri, 25 Nov 2022 15:28:18 GMT
Date: Fri, 25 Nov 2022 12:05:47 GMT
Connection: keep-alive
tt.1468tu.com/58tu/405x204.gif
43.153.174.204301 Moved Permanently 166 B URL HTTP/1.1 tt.1468tu.com/58tu/405x204.gif
IP 43.153.174.204:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 12:05:47 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 263
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa412fded30b4d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6186
Cache-Control: max-age=136611
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:48 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:02:39 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=617583354&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=4892&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys6.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=617583354&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=4892&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys6.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=617583354&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=4892&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys6.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 12:05:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9E99C1EA510DCEF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.jxys6.xyz/template/m1938pc/static/css/white.css
173.231.38.5200 OK 23 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/css/white.css
IP 173.231.38.5:0
Hash 98419ca48bfef2f4082b5b0840adb92d
91bb0cb45631b9fae96fa1af28bc1b0f10ef639a
945e30c87a65693fbfd696d8732b309bbd65f711070f8b7514e5987f07412b4d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
104.18.2.36200 OK 309 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP 104.18.2.36:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 309 kB (308789 bytes)
Hash 799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8
GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 308789
cf-ray: 76fa41302b18b4ed-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=399830,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa412ffdc9b4ff-OSL
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14559
Expires: Fri, 25 Nov 2022 16:08:27 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/static/css/style.css
173.231.38.5200 OK 62 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/css/style.css
IP 173.231.38.5:0
Hash 975bbd6db7b6b1f960d7cc68826a6b8e
f5c218244e72a1de2ec02386e16091145713ade1
945560617f39fcd99d469590219d8a3b79a35a0137b542b65d8e05a06edbf49f
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 62e1241d2f892dd0358d10bc58897543
c429bc925e26bdc1cfbf8f061c092437c2f980da
d31cf74ba322eae9cf783734a4716069a07df3d8afa6f644925ade3cb7200750
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:52:33 GMT
Expires: Tue, 29 Nov 2022 08:52:32 GMT
Etag: "c429bc925e26bdc1cfbf8f061c092437c2f980da"
Cache-Control: max-age=333403,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4130ae9cb4ff-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 66d4aa039dadf48328acbaa40aff2009
242dea3a5347e0ce3493e61468c58fd74cfda635
85ee627c065662eb96ee9a71b8344f9deae61fd62782dd831913461fb4128a1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 04:16:55 GMT
Expires: Thu, 01 Dec 2022 04:16:54 GMT
Etag: "242dea3a5347e0ce3493e61468c58fd74cfda635"
Cache-Control: max-age=489665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa412fbbc71c0e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=380995,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4130ea97b509-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c43cd7eff889c7574c754fcecd2118fe
7c8118b4e27d144f96f375ae985e1676223229a6
7eda225f9eff08db9385d8193069dee4799d31a987040c215fe130b8ddadce20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 03:31:13 GMT
Expires: Thu, 01 Dec 2022 03:31:12 GMT
Etag: "7c8118b4e27d144f96f375ae985e1676223229a6"
Cache-Control: max-age=486923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa41311d691c0e-OSL
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
104.18.2.36200 OK 24 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4
GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 24176
cf-ray: 76fa41314c6bb4ed-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.u1779.com/images/63523e155fe50f0585d3ef82.gif
91.199.87.220302 Found 471 B URL HTTP/2 img.u1779.com/images/63523e155fe50f0585d3ef82.gif
IP 91.199.87.220:0
Hash bd05065a53ad0b467e08bebaf080c1ef
f2bf98c511ebe6ffb73c751082a8cc984cd04d30
b6816ab715ba62a2b29ed985297a1d33b27a4c3653a5a9c575fb2097c80f76df
GET /images/63523e155fe50f0585d3ef82.gif HTTP/1.1
Host: img.u1779.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=380995,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413049c3b509-OSL
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6404
Expires: Fri, 25 Nov 2022 13:52:32 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6404
Expires: Fri, 25 Nov 2022 13:52:32 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128240
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:48 GMT
Etag: "6380018c-117"
Expires: Sat, 26 Nov 2022 23:43:08 GMT
Last-Modified: Thu, 24 Nov 2022 23:43:08 GMT
Server: nginx
Content-Length: 279
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f0ec0c3bf644e72dcbfcb8d14e02ea1
4553d5489822e369a291e9c952a3b3c1ffa9f152
01ad7825992981c3a01023249462883e24fa6a97382e66232060240b6c8d143a
GET /upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6290
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8693
content-disposition: inline; filename="anitywmvnmi1356anitywmvnmi135238.webp"
etag: "638058fd-21f5"
last-modified: Fri, 25 Nov 2022 05:56:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa4131fd4fb4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171
GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d6eb4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d
GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d72b4ee-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdb957248ee69ab7d924620a3e4712af
b72d955c710a36c92789cfe3fb9d03bcd011bc13
c9e0e166fcfaaf0b95b0608e39efc77ebb5acf3173457615fcbf690674603296
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9E0E166FCFAAF0B95B0608E39EFC77EBB5ACF3173457615FCBF690674603296"
Last-Modified: Fri, 25 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10300
Expires: Fri, 25 Nov 2022 14:57:28 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91f36a4d8e8f31da957a80484700665f
08f11c6d7f13bbaad178ce2a4301a921f086e6ac
30541e98d358e976678ad35d1e286e9c74af2a3e8971192168189239acfe1ef3
GET /upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 5236
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7514
content-disposition: inline; filename="flvtdlipkzo1356flvtdlipkzo065222.webp"
etag: "638058f6-1d5a"
last-modified: Fri, 25 Nov 2022 05:56:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d6fb4ee-OSL
X-Firefox-Spdy: h2
acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
104.21.33.100200 OK 158 kB URL HTTP/2 acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
IP 104.21.33.100:0
File type GIF image data, version 89a, 500 x 300\012- data
Size 158 kB (158376 bytes)
Hash 55574ea2b72e2fbe45871f66165442a8
7fd461a708c87486335dde3e12740c188af0facd
005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0
GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Mon, 12 Dec 2022 14:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1115188
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAU4fM%2BtODgVlMM07zs5TapBV22IMn4r5WHP6id4MQOUoWJABs9cmhbxN7gRNX%2BlVQ2SSMec6Pc94F3%2B6LLoX7OBuMszQLqomDSza%2B29hX66TrFQ%2BkSGeZhqeAik7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa41324c86b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf69a6d78ee1e30a8c97df7cd674d99e
9ecbf0fc89db78954428b4907456ff7e5a7cd244
0c6dd97843c01c2e4cfebff9c34e98575dc7919822f486694e33459194568903
GET /upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6006
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8669
content-disposition: inline; filename="o3n100jgfy41356o3n100jgfy4085228.webp"
etag: "638058f8-21dd"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d70b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f35875af5e31dbb593e014fcd061bcec
459d4a85dfdbfdf49db8cdb4c99caf12664d39a9
f5268c4c28142eb2d9175c15a75ecb3b7a5a9608f9434a06731bc2e7516ff9b3
GET /upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 5580
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6754
content-disposition: inline; filename="jxltqszym4w1356jxltqszym4w115234.webp"
etag: "638058fb-1a62"
last-modified: Fri, 25 Nov 2022 05:56:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d75b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf
GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d76b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e88ed40a8c5658e34c4b24468eb90090
2b225f93e3bb9826b65574d1582d420b9bee2590
6bfd5b117f2d507b861d0c18fdbb1112379e451417d3ee51746f7ef8dcd91787
GET /upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6134
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8540
content-disposition: inline; filename="oaweu1apnap1356oaweu1apnap075224.webp"
etag: "638058f7-215c"
last-modified: Fri, 25 Nov 2022 05:56:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d78b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg
172.67.28.138200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f6bba11d01650b6be831dbbbd9049be
4e1ee5afdd2be49e29cf2073b92bc1b5cf859102
d6179215b68cc350bf8965ab2986ac2882697ee711f33764b04ec553e126ac48
GET /upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 7688
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8984
content-disposition: inline; filename="ayblf4jkvjm1356ayblf4jkvjm105232.webp"
etag: "638058fa-2318"
last-modified: Fri, 25 Nov 2022 05:56:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d74b4ee-OSL
X-Firefox-Spdy: h2
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
23.224.61.222200 OK 57 kB URL HTTP/1.1 200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP 23.224.61.222:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Hash 61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff
GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Server: Apache
Expires: Sun, 25 Dec 2022 12:05:48 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c034ed261bc1e5168cf2d8c0fd4f706f
530065a905f58ad684c94d55846c7358a75087e0
ceb33fbb4bfa2d6ef992f28d25e5537d8a2c1acb95dd297acd8c5a3617ce8301
GET /upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 7470
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8694
content-disposition: inline; filename="q3je3gx1uhj1356q3je3gx1uhj055220.webp"
etag: "638058f5-21f6"
last-modified: Fri, 25 Nov 2022 05:56:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d71b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg
172.67.28.138200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a74bf9aeb21338e364e6e407b908591a
9e85c72d1bc49a27ab5b4db7720293b4fb5b62a8
4dd6f4c4f741d4240c7ace849216eefa2299fde27416f2b6a47b7f79e81614b2
GET /upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6776
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8884
content-disposition: inline; filename="rjt440xdpw11356rjt440xdpw1095230.webp"
etag: "638058f9-22b4"
last-modified: Fri, 25 Nov 2022 05:56:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41321d7ab4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3a80c4daf67aed258e3532710555d26b
a247cb3f4189848cfe4f1054aa640b7939bc084b
026ed47200fe59a2685daa7ad6e63a0f2c11b2e3f1f72772b210302b243d3fba
GET /upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/jpeg
content-length: 10317
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10742, status=webp_bigger
etag: "638058f8-29f6"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa41321d73b4ee-OSL
X-Firefox-Spdy: h2
i.ibb.co/tL26d3m/240x140.gif
162.19.58.161404 Not Found 1.0 kB URL HTTP/2 i.ibb.co/tL26d3m/240x140.gif
IP 162.19.58.161:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f3d8fe5a3f14b8fee3d30beca60c5fc
c6b2378caf81769dbd6094bf41f8dca6ba0bed74
6454f66dd530ddb45b942ff5fc960f992181f3810887b79f49662ddf8c8cd09d
GET /upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6672
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7870
content-disposition: inline; filename="siwkm0nzqjn1356siwkm0nzqjn125236.webp"
etag: "638058fc-1ebe"
last-modified: Fri, 25 Nov 2022 05:56:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41323d9bb4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg
172.67.28.138200 OK 4.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c32d6711e95babf7cdabd2618f4cdbef
97918517d83573eacda8e86a020ef373f5b3231f
5693e3c9d54b536060ea790c49a1ed484c7863c1d563e22bbe937bb11d419658
GET /upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 3992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6328
content-disposition: inline; filename="zuha4gbiiyb1356zuha4gbiiyb015212.webp"
etag: "638058f1-18b8"
last-modified: Fri, 25 Nov 2022 05:56:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41324da9b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
172.67.28.138200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0
GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41324daab4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5745e616dd38808c0425a269e61b05ae
d58d51a8f7baca857224f3686f6c9e810534e5ed
75f3285518d70b028b15f5424e165f53bdfe717c963054017c89df0632497b2e
GET /upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 4486
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6359
content-disposition: inline; filename="j5igkkrtdfc1356j5igkkrtdfc035216.webp"
etag: "638058f3-18d7"
last-modified: Fri, 25 Nov 2022 05:56:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41326dd4b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg
172.67.28.138200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 41b27eefaf8e3bae4144ddcf1ffd72fd
7289c6083a81b41245c503323d68459de9535dc9
88969b8192cfac4f99c53132142409935cda7d20550765b4fc9e8c3dc8070120
GET /upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 6870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9082
content-disposition: inline; filename="qnmpazoreer1356qnmpazoreer045218.webp"
etag: "638058f4-237a"
last-modified: Fri, 25 Nov 2022 05:56:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41327de7b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c22d1ff3bafd5c323827bdafdc918cc
d10dd261c0b6fa17a0d6400ea0316fc01439a1c4
c2110723ccd89a21cd1376c8fa3da40697b1dc06d091e20834fab65ebdc25297
GET /upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 5244
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7402
content-disposition: inline; filename="vyzzlmq42hb1356vyzzlmq42hb025214.webp"
etag: "638058f2-1cea"
last-modified: Fri, 25 Nov 2022 05:56:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2312
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41327df3b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81
GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa41329e07b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918
GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa41329e09b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d
GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa4132ae1cb4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
172.67.28.138200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5
GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa4132be28b4ee-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2
GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6991
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa4132be2db4ee-OSL
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 12:05:48 GMT
Ali-Swift-Global-Savetime: 1669377948
Via: cache12.l2de2[187,186,200-0,M], cache12.l2de2[188,0], cache7.se1[210,210,200-0,M], cache7.se1[212,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:48 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16693779483847060e
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=586446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4132a9dab4ff-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=586446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4132aeb4b515-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3256c7d72f0a4494f2605104cae6ad6c
ceaff749b7a335a8505ae74153570578fc6941e2
bbfb61d0016d8f163810c6edf369362ed7b0683124d4fd4e0f7361ecaea356ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141556
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:48 GMT
Etag: "63803590-1d7"
Expires: Sun, 27 Nov 2022 03:25:04 GMT
Last-Modified: Fri, 25 Nov 2022 03:25:04 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8e8ead073e427c1bbe82d750fb5ad4d
f78d61e482ca3694f02e5b09974acf5dec4ac5ef
57964cddbd17a258fc0cb60ffa508f82e9f5160ef1a4848bfeb834e007576f5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57964CDDBD17A258FC0CB60FFA508F82E9F5160EF1A4848BFEB834E007576F5A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4389
Expires: Fri, 25 Nov 2022 13:18:57 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b999ac9e1fb33bb58afca6c67d7fe5b
f85f13b2e6382937e2fdc3e50ec720ca7da8b7f6
8b0bf7b415e81c1941c072dc7155e69c244e1420799f2b7755ba68d516072cba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B0BF7B415E81C1941C072DC7155E69C244E1420799F2B7755BA68D516072CBA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6391
Expires: Fri, 25 Nov 2022 13:52:19 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=586446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4132fa4bb4ff-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be0348371bc6a916b7f40ec39bde9853
5dc3bfed8a23520b9402aec1d8d52271d5d81d22
ce741063521a98582bab21caac2262f66fee79331ca69fecdf211c958acbf0a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE741063521A98582BAB21CAAC2262F66FEE79331CA69FECDF211C958ACBF0A9"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16195
Expires: Fri, 25 Nov 2022 16:35:43 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0yFVWR9AM6k
163.171.140.79200 OK 140 kB URL HTTP/2 si1.go2yd.com/get-image/0yFVWR9AM6k
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 750 x 376\012- data
Size 140 kB (140259 bytes)
Hash 4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732
GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 6380af9c_PShlamstdAMS1vj92_7724-11246
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 12:05:48 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=130396
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669377948
Via: cache1.l2de2[276,275,200-0,M], cache1.l2de2[277,0], cache5.se1[299,298,200-0,M], cache5.se1[299,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:48 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916693779483872466e
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 070adce81a19d67670b68786d54b23d0
80638373c4e6f5888f72e66e68aa7a0838087ea2
38368231281f2c45700735de8e2349ead573925d7474122994a354c9dc0eab6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38368231281F2C45700735DE8E2349EAD573925D7474122994A354C9DC0EAB6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8787
Expires: Fri, 25 Nov 2022 14:32:15 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 070adce81a19d67670b68786d54b23d0
80638373c4e6f5888f72e66e68aa7a0838087ea2
38368231281f2c45700735de8e2349ead573925d7474122994a354c9dc0eab6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38368231281F2C45700735DE8E2349EAD573925D7474122994A354C9DC0EAB6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8787
Expires: Fri, 25 Nov 2022 14:32:15 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 070adce81a19d67670b68786d54b23d0
80638373c4e6f5888f72e66e68aa7a0838087ea2
38368231281f2c45700735de8e2349ead573925d7474122994a354c9dc0eab6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38368231281F2C45700735DE8E2349EAD573925D7474122994A354C9DC0EAB6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8787
Expires: Fri, 25 Nov 2022 14:32:15 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 87e87b075c2fc5ef989ca520aee4e62d
459c1518d42924e67954f633622ee1581b4fb5d2
b9c3d040d7dd66d2a01c2db68ee2f137d6ec60ec8a408c94f00d062cacfeb47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9C3D040D7DD66D2A01C2DB68EE2F137D6EC60EC8A408C94F00D062CACFEB47D"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Fri, 25 Nov 2022 13:15:14 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15018
Expires: Fri, 25 Nov 2022 16:16:06 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15018
Expires: Fri, 25 Nov 2022 16:16:06 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 05f5b7b5e017e038a4a30b685d869cf0
d0bd2cc39d852d86a444a81b4933713bb33aade0
119c0de44c498bd3b9f87d9c7210f447e88abe562142ec87d8c056af28ef4c7d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:26:07 GMT
ETag: "d0bd2cc39d852d86a444a81b4933713bb33aade0"
Last-Modified: Fri, 25 Nov 2022 09:26:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2348
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa4133cf9db512-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15018
Expires: Fri, 25 Nov 2022 16:16:06 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de84d1f0137fc671cea29600bc2eb1f1
57e0e910838a086a5ecceb27c929be65a04a785a
62cc5e66ef3ee45f97e6d81791ffdb7b12e19d7edaca1fc476eedaed26a007b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62CC5E66EF3EE45F97E6D81791FFDB7B12E19D7EDACA1FC476EEDAED26A007B5"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Fri, 25 Nov 2022 14:57:12 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
si1.go2yd.com/get-image/0yFQ28gLGhP
163.171.140.79200 OK 280 kB URL HTTP/2 si1.go2yd.com/get-image/0yFQ28gLGhP
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 600 x 350\012- data
Size 280 kB (279676 bytes)
Hash b25d41aed5450abed3b57ce91edeb1ef
32246d3032e682f04be554c60fa343835bf7a1c9
3198df78ef5491bd63c4dbd8fea3604f34dad6baa285ea8629ec250954f405ba
GET /get-image/0yFQ28gLGhP HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 279676
server: Tengine
x-application-context: application
x-kss-request-id: 7619a86ae5664556a23b9964f031b63f
etag: "b25d41aed5450abed3b57ce91edeb1ef"
content-md5: sl1BrtVFCr7TtXzpHt6x7w==
last-modified: Mon, 28 Feb 2022 06:31:20 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjzwdx5aa31:0 (Cdn Cache Server V2.0), 1.1 jszjsx22:12 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:6 (Cdn Cache Server V2.0)
x-ws-request-id: 6380af9c_PShlamstdAMS1vj92_7724-11254
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 57660d3bd5387ee6665ec15d709ea7fe
ac9b888400c9eaff9c3bb57fb2b8f07156e20854
f5d882027ce4a50f472caf1dbf1dadda9816a23fdea0dba9cdae92f4bb30ac23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D882027CE4A50F472CAF1DBF1DADDA9816A23FDEA0DBA9CDAE92F4BB30AC23"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Fri, 25 Nov 2022 14:48:54 GMT
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 1bf6d92bc7a467a0de270afc58a19916
abedb693f7ad748c93df236f0adbe83ac9a3f847
3a05afdbd30da40825a64e7383804646549e751a96d46e32495a0485e8ddb2bf
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:05:52 GMT
Expires: Wed, 30 Nov 2022 16:05:51 GMT
Etag: "abedb693f7ad748c93df236f0adbe83ac9a3f847"
Cache-Control: max-age=445802,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4133afd3b515-OSL
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6186
Cache-Control: max-age=136611
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:48 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:02:39 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 27ea44223e7ee5e2826eaaa486b72e6b
70f97cccb848cd305039dd1783c8cde29451835a
4b47ac60af2b2055a0e01e8979f718b4eadd7fc8716f427f53afba42652fbddb
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 57c75fe1-68c6-42a1-b110-e74ef77b7d11
Content-Length: 1700
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
104.21.33.100200 OK 740 kB URL HTTP/2 acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP 104.21.33.100:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 740 kB (739561 bytes)
Hash 5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Thu, 22 Dec 2022 17:58:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 238061
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXuYg7npLrM%2Bz0bnBPRCXPuy3XQfoH2r%2F8SuOs8IrgdI%2Fqu2rhm%2FPa43p6tsfeWudtvgAiAtKoPWeur2YcTl%2FO%2F%2BUEMZcp6kUeviWeGAdpB5ZKAVNWdr5rx%2BqJBOqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa41348fe8b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jxys6.xyz/template/m1938pc/static/css/1.css
173.231.38.5200 OK 114 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/css/1.css
IP 173.231.38.5:0
Size 114 kB (113627 bytes)
Hash de5e654a98ea83e8e664e8ea87fcea98
cbe7271062eef22b79038ca84393ea346473781b
2672b5c20f9230e5b0eaea90d24bcaf4f6a43a5e515e8c8ec546ff529da6a672
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 27ea44223e7ee5e2826eaaa486b72e6b
70f97cccb848cd305039dd1783c8cde29451835a
4b47ac60af2b2055a0e01e8979f718b4eadd7fc8716f427f53afba42652fbddb
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4b8b3cc8-184a-43cd-a7a4-e2ef49c29b6d
Content-Length: 1700
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 4aed606ae977bb967faf4d089261d531
fd1d9064d9d60e37ef561243b3e11e02a63d5f9d
7e668f34f4c59999eed2d193f13df7d51ce1617d5507ab65b6bb95d89d5ee35e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:58:53 GMT
ETag: "fd1d9064d9d60e37ef561243b3e11e02a63d5f9d"
Last-Modified: Fri, 25 Nov 2022 08:58:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa41349929b4eb-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Fri, 25 Nov 2022 12:05:48 GMT
Connection: keep-alive
www.jxys88.net/news/list.php
173.231.12.68200 OK 359 kB URL HTTP/2 www.jxys88.net/news/list.php
IP 173.231.12.68:0
Size 359 kB (358724 bytes)
Hash 569ae5df1f43d62ab37b673fddf189e2
f262201c665721ab3319c249812c1ffd3e8cb302
9593de53d36f45042a6a9d5bd107150451715824ed855edb42a72f76cb8e8125
GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4387
Cache-Control: max-age=126141
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:49 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 23:08:10 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14558
Expires: Fri, 25 Nov 2022 16:08:27 GMT
Date: Fri, 25 Nov 2022 12:05:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4387
Cache-Control: max-age=126141
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:49 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 23:08:10 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727
3p8801.co/yy-960x60.gif
142.0.131.26200 OK 37 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sun, 25 Dec 2022 12:05:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 1a846355d732b691514041b1b4874b12
52a28192382c4273a80a3525df0266bc758272b0
7702003437b9fa2c49671de578d0d1795f407f4655954c73e9da56c587c6f982
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:06:56 GMT
Expires: Tue, 29 Nov 2022 23:06:55 GMT
Etag: "52a28192382c4273a80a3525df0266bc758272b0"
Cache-Control: max-age=384665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa41357d51b4ff-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94
47.246.44.227200 OK 644 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 644 kB (644516 bytes)
Hash 6f4d0e5c73acef4297be21786b04ec66
b585f8035533ae8f2e026816a8541f41c1531a61
bc7cc9d3368c6dad22e3ab42ed2ace33d4f111f651cb7e8460377d5c62cb00b7
GET /obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 644516
date: Thu, 24 Nov 2022 06:18:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 06:18:46 GMT
nw-session-id: 202211241418460101581651440DB5AD38v2zg902dy
nw-session-trace: 2022-11-24T14:18:46.538612731+08:00 29
x-bdcdn-cache-status: TCP_MISS
x-length: 644516
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 14:18:46 GMT
x-tt-logid: 202211241418460101581651440DB5AD38
via: n150-057-099, cache11.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4a21e979d074814c218d8a662ea022b856674fc57746570c3a948a2f0eded123006ad2497e7e72c308828dc3218b230c11465fa10ff416b2089bd0df49809c91f75336f7bd13cf00c67f19a54945aff467
x-response-lb: image
ali-swift-global-savetime: 1669270726
age: 107223
x-cache: HIT TCP_MEM_HIT dirn:11:339664198 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 06:46:44 GMT
x-swift-cachetime: 31534322
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693779490192758e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
47.246.44.227200 OK 366 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 366 kB (366541 bytes)
Hash c9e86d7a56b581cc32a6a4380112c0ce
0d35256c35a6f9a4716ae254265428d2f4240c87
5870de497beb45d424d67b39a4aaa841f675d3162780e738bcc26e8ca3e81fc2
GET /obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 366541
date: Thu, 17 Nov 2022 09:57:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:55:33 GMT
nw-session-id: 202211171755330101351600153CA97837jtqbj03dy
nw-session-trace: 2022-11-17T17:55:33.515252114+08:00 348
x-bdcdn-cache-status: TCP_HIT
x-length: 366541
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:55:33 GMT
x-tt-logid: 202211171755330101351600153CA97837
via: n150-062-144, cache19.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache3.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:19:466::76
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0110eacfba1d3294f86dd74dc0b7b71efc055ca732c6600bba2d6741b693d82f2d1590ac9ee4aaedb3b340de3ae0e5d8206554d70f1b5f0128f5ddf57f5761d5d118ed9bfd3ce7ed23b9f7c85bc468e1789327cf0f953a0eefbb84065abddde000
x-response-lb: image
ali-swift-global-savetime: 1668679059
age: 698890
x-cache: HIT TCP_MEM_HIT dirn:11:63435800
x-swift-savetime: Thu, 17 Nov 2022 09:58:21 GMT
x-swift-cachetime: 31535958
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693779490452786e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
47.246.44.227200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 17 Nov 2022 08:05:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 08:04:55 GMT
nw-session-id: 20221117160455010175088205489D283Edffxv02dy
nw-session-trace: 2022-11-17T16:04:55.135790407+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 16:04:55 GMT
x-tt-logid: 20221117160455010175088205489D283E
via: n150-056-038, cache1.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01307a3fb6122614a2cf2861b66f794cde44fb789caf024a9d7b2c6561afdf19f775a092f1c68726af9bc843af9d0ac960e24a539cf77cbcdda5d0e4291dcc3344458d0ed78fd87e483c6a160aeb1e5530716a4a1a22319dfa833dc91d61d824ef
x-response-lb: image
ali-swift-global-savetime: 1668672312
age: 705637
x-cache: HIT TCP_MEM_HIT dirn:1:303239936
x-swift-savetime: Thu, 17 Nov 2022 08:34:25 GMT
x-swift-cachetime: 31534247
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693779490792827e
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/se-1.jpg
23.225.139.251200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Fri, 25 Nov 2022 11:15:57 GMT
etag: "1669375857"
expires: Sun, 25 Dec 2022 11:15:57 GMT
last-modified: Fri, 25 Nov 2022 11:30:57 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
103.170.15.84200 OK 423 kB URL HTTP/1.1 362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 423 kB (422791 bytes)
Hash bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4
Analyzer Verdict Alert quad9 Sinkholed
GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Wed, 16 Nov 2022 16:06:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 422791
p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
47.246.44.227200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Wed, 23 Nov 2022 18:17:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:43:01 GMT
nw-session-id: 20221123174301010131136052464A87C3qsdgc03dy
nw-session-trace: 2022-11-23T17:43:01.694902751+08:00 92
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:43:01 GMT
x-tt-logid: 20221123174301010131136052464A87C3
via: n150-053-221, cache9.l2de2[0,0,206-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache3.se1[22,21,200-0,M], cache3.se1[24,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: parent_hit
x-tt-trace-host: 01de7516b2be8a6c589dcb05e98f0ccb4f6b92a652c9eae433a3fd2c1a5c90af0b97726c0fe129406d127bf5700a608187a0c670a5c5ad3aa2fe89dda228ae09e1dd713c780a0352432c3386c21829dd51023f17bf2655687c66b54dc3cddef6d5
x-response-lb: image
ali-swift-global-savetime: 1669227478
age: 150471
x-cache: MISS TCP_MISS dirn:-2:-2 mlen:561802
x-swift-savetime: Fri, 25 Nov 2022 12:05:49 GMT
x-swift-cachetime: 31385529
timing-allow-origin: *, *
access-control-allow-origin: *
server-timing: inner; dur=6, cdn-cache;desc=MISS,edge;dur=0,origin;dur=346
eagleid: 2ff62c9716693779490582803e
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
172.247.77.250200 OK 8.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a
GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Fri, 25 Nov 2022 10:13:26 GMT
Connection: keep-alive
ETag: "63809546-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
172.247.77.250429 Too Many Requests 631 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP 172.247.77.250:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b389eca57390281d983c2a328f708582
27f3dc9927e898d1b0b77fb7e03e6b1fa1b65a13
548c1884fe55b15d539df1073bd7d2460fd880a98064d2f8fe163e606fe42d29
GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 631
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
172.247.77.250429 Too Many Requests 632 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
IP 172.247.77.250:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0b6e2cfae438569c8ed0ff6dbc3405fb
f98f9306f07c7f914404c235b6d66a64d1195d3c
38a3294e1bdc0eb56479626103c9d7ad742ec1e34bc78c433717ba522b7ec48c
GET /upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 632
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
172.247.77.250200 OK 7.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
IP 172.247.77.250:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0f1c4007154f75c35d75f408e001bc6a
64724f653ce003586c12680c0ede2638533b9404
ebe54255a4390cb473cf6c734a3dba31e94a9ade9d5b9443eb2e2c5ed46c4f3e
GET /upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/jpeg
Content-Length: 7756
Last-Modified: Fri, 25 Nov 2022 10:13:26 GMT
Connection: keep-alive
ETag: "63809546-1e4c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116014
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:49 GMT
Etag: "637fd1cb-117"
Expires: Sat, 26 Nov 2022 20:19:23 GMT
Last-Modified: Thu, 24 Nov 2022 20:19:23 GMT
Server: nginx
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
172.247.77.250429 Too Many Requests 633 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
IP 172.247.77.250:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 27e6ff9f7433b3b645685b57b5bbea56
33d66b98a17be6a597e8d80d9d4b25b36b1fe9ab
0de874cde6e41f27e435bb17d7ebbdf652fd835bb4620716ca7295c859c22a8b
GET /upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 633
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
172.247.77.250200 OK 14 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad
GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Fri, 25 Nov 2022 10:13:26 GMT
Connection: keep-alive
ETag: "63809546-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 969353902efb669fc05f2851f3b8eff6
5c02eb4c0b109f7946ae56edf12024ee0027ed00
135921e84af3643a7f0925c945aa75f79cfa9a4b42dc7b9c9ba3f3fc0579bf4c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 06:12:19 GMT
Expires: Thu, 01 Dec 2022 06:12:18 GMT
Etag: "5c02eb4c0b109f7946ae56edf12024ee0027ed00"
Cache-Control: max-age=496588,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4135ac5c1c0e-OSL
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 12:05:18 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
339282bdb.com/e20f57018fba490b9af887342222147f.gif
45.61.212.60200 OK 553 kB URL HTTP/1.1 339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP 45.61.212.60:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Thu, 17 Nov 2022 22:01:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 552818
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
45.61.212.225200 OK 670 kB URL HTTP/1.1 628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP 45.61.212.225:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 670 kB (669569 bytes)
Hash fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528
Analyzer Verdict Alert quad9 Sinkholed
GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Mon, 21 Nov 2022 12:41:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 669569
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
103.170.15.84200 OK 748 kB URL HTTP/1.1 5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
Analyzer Verdict Alert quad9 Sinkholed
GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Fri, 25 Nov 2022 07:56:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 748166
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
103.170.15.90200 OK 580 kB URL HTTP/1.1 592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP 103.170.15.90:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Tue, 22 Nov 2022 05:55:07 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-20
Content-Length: 580315
api.79zxcv.com/sh/328.js
18.140.71.234200 OK 463 B IP 18.140.71.234:0
File type ASCII text, with very long lines (463), with no line terminators
Hash 4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
Analyzer Verdict Alert quad9 Sinkholed
GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS
api.79zxcv.com/sh/317.js
18.140.71.234200 OK 463 B IP 18.140.71.234:0
File type ASCII text, with very long lines (463), with no line terminators
Hash 4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
Analyzer Verdict Alert quad9 Sinkholed
GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS
6937555.com/111/x11.gif
104.149.136.94200 OK 426 kB IP 104.149.136.94:0
File type GIF image data, version 89a, 393 x 262\012- data
Size 426 kB (425627 bytes)
Hash 8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3
GET /111/x11.gif HTTP/1.1
Host: 6937555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: image/gif
Content-Length: 425627
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 11:21:10 GMT
ETag: "6332dca6-67e9b"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
3p8801.co/a-960x60.gif
142.0.131.26200 OK 49 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db
GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Sun, 25 Dec 2022 12:05:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=128240
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:49 GMT
Etag: "6380018c-117"
Expires: Sat, 26 Nov 2022 23:43:09 GMT
Last-Modified: Thu, 24 Nov 2022 23:43:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
47.246.44.227200 OK 358 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 440 x 240\012- data
Size 358 kB (358276 bytes)
Hash 40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43
GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache3.se1[3,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 3043438
x-cache: HIT TCP_MEM_HIT dirn:4:277650373
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693779494753131e
X-Firefox-Spdy: h2
kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
104.21.234.217200 OK 1.6 MB URL HTTP/2 kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 104.21.234.217:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:49 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Tue, 13 Dec 2022 14:24:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1028471
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpJUcZVfvYtIxVmzwtfqLmtGOTtBGlydJwrbkIurAn0tOLie8A8FkHnt%2FPUkvkNgCpg1iVF1L4Nrwo7Bl23QpuFRXTGjGpAYduXuQ67MVB1Y9ypVvRxskRCqOcXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa4136eb79776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3p8801.co/11-960x60.gif
142.0.131.26200 OK 242 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Sun, 25 Dec 2022 12:05:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
20.189.126.156200 OK 261 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 261 kB (261015 bytes)
Hash 68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8
GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:45:32 GMT
ETag: "1667493932"
Expires: Sat, 03 Dec 2022 16:45:32 GMT
Last-Modified: Thu, 03 Nov 2022 16:45:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
20.189.126.156200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (211695 bytes)
Hash 0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8
GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:33:58 GMT
ETag: "1668166438"
Expires: Sun, 11 Dec 2022 11:33:58 GMT
Last-Modified: Fri, 11 Nov 2022 11:33:58 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
20.189.126.156200 OK 245 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245365 bytes)
Hash 15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d
GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:39:44 GMT
ETag: "1667486385"
Expires: Sat, 03 Dec 2022 14:39:44 GMT
Last-Modified: Thu, 03 Nov 2022 14:39:45 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
20.189.126.156200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212163 bytes)
Hash 14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4
GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:20 GMT
ETag: "1667486459"
Expires: Sat, 03 Dec 2022 14:40:20 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:59 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
47.246.44.227200 OK 671 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Wed, 23 Nov 2022 17:12:04 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:06:10 GMT
nw-session-id: 202211231706100101351600141541FD52kxb2701dy
nw-session-trace: 2022-11-23T17:06:10.11502157+08:00 75
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:06:10 GMT
x-tt-logid: 202211231706100101351600141541FD52
via: n129-069-085, cache19.l2de2[0,0,206-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache5.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 015a3b9199adf986dc1a7283b0173494440838bdeaf0719540461d0fe2682c55bccf66501ae48e46ef19c5eb083f25712622be75eab5d9b90c22f18fbfaca83d7cc2040c9ed209cfba18ab316c995f6ca66467b59e239c4a976422122007d1df50
x-response-lb: image
ali-swift-global-savetime: 1669223524
age: 154425
x-cache: HIT TCP_MEM_HIT dirn:1:279621702 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 10:04:25 GMT
x-swift-cachetime: 31475259
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693779496483271e
X-Firefox-Spdy: h2
www.jxys6.xyz/
173.231.38.5200 OK 83 kB IP 173.231.38.5:0
Hash 561792dfb39edd2fd3a8bb77ca73a32f
6f4aa7e307d8c18099c6c020e6c707a69777c720
fbd264fa0603e56dbfa1a0d3939a854ed3cf9189543ef1f22b623549625dfe4c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
20.189.126.156200 OK 252 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 252 kB (251962 bytes)
Hash feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07
GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
45.61.212.123200 OK 62 kB URL HTTP/1.1 829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
IP 45.61.212.123:0
File type GIF image data, version 89a, 320 x 185\012- data
Hash a39609b18140975f8099754386591e3c
5758379628e0102c65a87bd04cbe5158e43a94b0
fcd1a2d3584bb5dd209871dca8cef09495c9b1a3651ee204f87319e9b4a670de
Analyzer Verdict Alert quad9 Sinkholed
GET /f22c9bb27e174bb0b6dd1b2034189f8f.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba2a2-f205"
Date: Tue, 22 Nov 2022 12:46:31 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:36:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 61957
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 647 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 647 kB (647290 bytes)
Hash 4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 12:05:18 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
api.79zxcv.com/js/dom.js
18.140.71.234200 OK 4.8 kB IP 18.140.71.234:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Hash 271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd
Analyzer Verdict Alert quad9 Sinkholed
GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2d4a90a58c676eaaf42e173ea529c226
c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca
fb96426dc5e0afff3ca640a01875fe32c28e6d9f228c1813be002d86b05aee0f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 13:45:20 GMT
Expires: Wed, 30 Nov 2022 13:45:19 GMT
Etag: "c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca"
Cache-Control: max-age=437369,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413588b8b509-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash f74db977ea7b6777a59ba4ebf080dd24
6037c8cce6f4eaf1969a664b82136c4b9f08c32e
4348fbd1f14d03e010dab6b8dd703626fff6d6110062fb1254898d7c2e9ef822
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 05:36:52 GMT
Expires: Tue, 29 Nov 2022 05:36:51 GMT
Etag: "6037c8cce6f4eaf1969a664b82136c4b9f08c32e"
Cache-Control: max-age=321661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa41362b9cb515-OSL
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
20.189.126.156200 OK 133 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 133 kB (133073 bytes)
Hash f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8
GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
20.189.126.156200 OK 132 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 132 kB (131724 bytes)
Hash 6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01
GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:15 GMT
ETag: "1667486415"
Expires: Sat, 03 Dec 2022 14:40:15 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:15 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=95809
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:49 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:38 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: nginx
Content-Length: 279
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
104.21.55.74200 OK 1.1 MB URL HTTP/2 nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:49 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 937915
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQPf51OMOGWCzRADHlkQlicrnftL8CLWZmFhTYmga7hB99SXj7X6xgELIhCS7WbFe6%2BE3%2BcypG8dyMOoFf18RboZTnwuIPWpnk%2BZwKrRYF6ac4lqfUXMEqJVRUwm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413afc0fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=393158,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413ac828b509-OSL
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
43.129.255.47200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 49798 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 027a9512-a67a-4b03-ae6a-7fa267408b5a
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
20.189.126.156200 OK 143 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 143 kB (142810 bytes)
Hash e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e
GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:20:59 GMT
ETag: "1667550059"
Expires: Sun, 04 Dec 2022 08:20:59 GMT
Last-Modified: Fri, 04 Nov 2022 08:20:59 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
www.jxys6.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.5200 OK 66 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.5:0
Hash edf16a9c773db2f5529fad5323da0dca
b2968bc349d262a45eb0923266fb385341c90adb
98b628103b668dca5d9e93e987c279b555f0ee6879de77c79c4f9d66de2a16d5
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:57:59 GMT
vary: Accept-Encoding
etag: W/"63765a07-520"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
43.129.255.47200 OK 208 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 208 kB (208040 bytes)
Hash 192c74d36701b586f3201dfd6d080d9b
e5b46de78b75c72974ba4a73638a581e7114d55b
b02c98fd0349520c864b26c96f998aa1814c1342db3e694568a437d90a523df0
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 32637 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: 301c47ea-3bab-46eb-9c5d-3667f74c4abe
X-Firefox-Spdy: h2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
104.21.55.74200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 752796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EREkzgclZSw%2FyJ8l1Z31vNVMBiEDafb6E%2F04cZQ%2FK8znZtOR3zPEXr5gtIym8cv5pdOerwUcSrRh9vWyYrGHYQBTVX3V7LY3O8az81gUXkI5R9qEUwRVs04swOuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413bad9ab518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=476836,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa41380f761c0e-OSL
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
20.189.126.156200 OK 138 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 138 kB (137556 bytes)
Hash bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f
GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:20:07 GMT
ETag: "1667550008"
Expires: Sun, 04 Dec 2022 08:20:07 GMT
Last-Modified: Fri, 04 Nov 2022 08:20:08 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
20.189.126.156200 OK 157 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 157 kB (157109 bytes)
Hash b2ab67245d12303f5bbafd7d9b5f0114
44e3a620562fb6e6542b21d4ff534057d7dbe116
44748a35ac18f29a7fb6aa261701604648c5a5c2edf8b6a4d7789ef52b992afe
GET /static/uploads/image/x22/20221005/1664958086287321.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:21:31 GMT
ETag: "1667550091"
Expires: Sun, 04 Dec 2022 08:21:31 GMT
Last-Modified: Fri, 04 Nov 2022 08:21:31 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=476835,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413bd812b4ff-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Fri, 25 Nov 2022 14:11:32 GMT
Date: Fri, 25 Nov 2022 12:05:50 GMT
Connection: keep-alive
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
20.189.126.156200 OK 259 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (258804 bytes)
Hash 70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0
GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:37:39 GMT
ETag: "1667486259"
Expires: Sat, 03 Dec 2022 14:37:39 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
20.189.126.156200 OK 279 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 279 kB (278909 bytes)
Hash cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893
GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:11:40 GMT
ETag: "1667491901"
Expires: Sat, 03 Dec 2022 16:11:40 GMT
Last-Modified: Thu, 03 Nov 2022 16:11:41 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
91.199.87.220302 Found 278 B URL HTTP/2 img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP 91.199.87.220:0
Hash 89f54e6d1223063005f05f5941826663
f33e72226cacfb1c0db83105ae65f9706820f81a
f3de4d68480aff21f9dea8bd72700ed65aa3ae7cd736ffc836dc6bef5b48f60c
GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
cache-control: max-age=3600
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e188ce51b38e9805227d1a92d4c5225
0731d96f487b8d08cef458b9946fa01df18e7556
cf0ee8eda7572e2a907c4aaefb22cf8511ed845a313db050ac2518df07440964
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF0EE8EDA7572E2A907C4AAEFB22CF8511ED845A313DB050AC2518DF07440964"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14655
Expires: Fri, 25 Nov 2022 16:10:05 GMT
Date: Fri, 25 Nov 2022 12:05:50 GMT
Connection: keep-alive
kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
104.21.234.157200 OK 65 kB URL HTTP/2 kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.21.234.157:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 65414
last-modified: Tue, 22 Nov 2022 05:45:31 GMT
etag: "637c61fb-ff86"
expires: Sun, 25 Dec 2022 11:25:29 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY7K561LcU2eTM4aOg9ryeimACybx0m5Gd1SQCwgifGgMgfzhoe2om7AecpaJSPModKdCyOJ7Vmm44NWibXsb0gDOa9Ks%2BKxXP7wey%2FH6sorgKNqAO3B5lbGjGE9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413c6c68dd87-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tt.1468tu.com/58tu/960x100.gif
43.153.174.204200 OK 166 kB URL HTTP/1.1 tt.1468tu.com/58tu/960x100.gif
IP 43.153.174.204:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 100\012- data
Size 166 kB (165870 bytes)
Hash ac63ac5a8f69ce5bd9f5c6dbcbe5e449
ea0e3a5a67615ba236262770bfbf9aacaaf59ef8
c509935cc565a4e97603bb9ae7ed879b22b0ac048e825cd771be70b69ce0842d
GET /58tu/960x100.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/gif
Content-Length: 165870
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:09:12 GMT
ETag: "b6ce236cffd6d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes
kvhjjj.top/0eddc09b941df608c7dbb65fd7344c05.gif
104.21.234.217200 OK 501 kB URL HTTP/2 kvhjjj.top/0eddc09b941df608c7dbb65fd7344c05.gif
IP 104.21.234.217:0
File type GIF image data, version 89a, 384 x 216\012- data
Size 501 kB (500709 bytes)
Hash 034336a5237349a60154dea96de80b58
3542d0bbdf703508930fc994eabce17681c818fa
602d2dfc2f528acbe33ca7ff13c163f8ea4f908fc7aed58c4d3a50a5931ccc0d
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 500709
last-modified: Sun, 26 Jun 2022 12:08:26 GMT
etag: "62b84c3a-7a3e5"
expires: Thu, 15 Dec 2022 01:42:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 901394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0n3HPFWCteq%2B%2FlOzDcuEow4fU1trFyrXRnD1AsH99yIVNOKukCvVC9r9Zypo4OHBINZRQUJWcqhKVu3vG353XlcPtp9BIg0sTcJ5M7Cy6Ac%2BvuGR6%2FUD5pp2Noa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413caf52776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=116014
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:50 GMT
Etag: "637fd1cb-117"
Expires: Sat, 26 Nov 2022 20:19:24 GMT
Last-Modified: Thu, 24 Nov 2022 20:19:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif
20.189.126.156200 OK 144 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 144 kB (143652 bytes)
Hash 8daacd0fa11caf19d79c021488006888
a8f6cf9ab8a92ac90a0a43b89bccf574cfe1b7ce
78538e6491052878c6d573ac5fa7deab612a7dfc3b8916147c8bfd81ae7ceb59
GET /static/uploads/image/x22/20221011/1665488736300773.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 03:00:09 GMT
ETag: "1668135609"
Expires: Sun, 11 Dec 2022 03:00:09 GMT
Last-Modified: Fri, 11 Nov 2022 03:00:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
IP 142.250.74.3:0
Hash 783391420a5e7aab947b2d44d96fb5a2
f277929d38caca52085af2d545f40666c9e08630
b4c16e0809d95b5d46f88e09fd3b0244e6ce9f500eb128e11b15e5b42a3f0658
POST /s/gts1p5/6NFsAw0VKxk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=393157,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413ba9bcb509-OSL
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif
20.189.126.156200 OK 122 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 122 kB (122077 bytes)
Hash 37114d23edd40ed9e0901b4a9719e67b
203de7186613dabd8a3468c1869544447c99edaa
3c27d4f44ba0e325468830935351ed317f9db77d46ff0d07154900e5f41ec4de
GET /static/uploads/image/x22/20221005/1664958351815456.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:25:55 GMT
ETag: "1667550356"
Expires: Sun, 04 Dec 2022 08:25:55 GMT
Last-Modified: Fri, 04 Nov 2022 08:25:56 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif
20.189.126.156200 OK 119 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 119 kB (118706 bytes)
Hash 3af8a82b93e6db570c683b4c6e5f0450
937c3dd1c9fffec78b039ec5973008e928e279bf
ea57b0fdaf3bb2d726e9677a4b7ac267b8ca18b7e8e4abcb6b8e02fa6e89b383
GET /static/uploads/image/x26/20221005/1664958058465466.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:54 GMT
ETag: "1667551194"
Expires: Sun, 04 Dec 2022 08:39:54 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
104.21.234.157200 OK 685 kB URL HTTP/2 kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP 104.21.234.157:0
File type GIF image data, version 89a, 384 x 216\012- data
Size 685 kB (684992 bytes)
Hash 6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 684992
last-modified: Tue, 22 Nov 2022 11:00:48 GMT
etag: "637cabe0-a73c0"
expires: Sat, 24 Dec 2022 23:05:53 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 46797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=204FKEcTkfDHlM258gf6pT3x%2BDhIZdtLkmyHrhklLVBuqcceLf4MpuKNEcC%2B9b2OsfWUa5RMG9UKC8RlTc7MShx9KW8uOgWrK0%2Fkcbs7ZVKdgELT%2Feo9M4TpBfvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413c8c99dd87-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif
20.189.126.156200 OK 108 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 108 kB (108092 bytes)
Hash 44f342e4357af0d5256493db6e7fc924
2f62b8f1d1c167566367105d5cae6dc52dc73133
156f4985af424639dd35a2ec1f77217a45781e148a4504f4109b48c2d71a0cfa
GET /static/uploads/image/x26/20221005/1664957978608725.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:54 GMT
ETag: "1667551194"
Expires: Sun, 04 Dec 2022 08:39:54 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a8daad4ab6e765df1af9dd1c0eb2da5
0a17bb68661cccb2714b7b98d0f7b8df1b700cb4
cfa1ebd1b22eeb6cb79139c1d465de12da2f0e1a3f050ecce2fd0a90656c7fae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 01:44:18 GMT
Expires: Fri, 02 Dec 2022 01:44:17 GMT
Etag: "0a17bb68661cccb2714b7b98d0f7b8df1b700cb4"
Cache-Control: max-age=566906,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4136faa8b509-OSL
taiwtp1.com/img/960240.gif
220.128.218.220200 OK 224 kB URL HTTP/2 taiwtp1.com/img/960240.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 240\012- data
Size 224 kB (223879 bytes)
Hash a39bb27f09ccd6961fe1c0f3074a8b97
0e914bc58abc78e7275d3c639e2aeb548313d627
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:03:25 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Sun, 25 Dec 2022 12:03:25 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 00830cd9c198594ab9584700a3fa8b33
26672ecd71a9a3b8e762df907a7cb850ff9da8b6
348dd89bbfd495bad00ede7de45346d9c772db0dbc972a135ded670829097b60
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 16:39:34 GMT
Expires: Tue, 29 Nov 2022 16:39:33 GMT
Etag: "26672ecd71a9a3b8e762df907a7cb850ff9da8b6"
Cache-Control: max-age=361422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa413d5f3bb515-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=95809
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:50 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:39 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.21.234.66200 OK 864 kB URL HTTP/2 kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.21.234.66:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sun, 25 Dec 2022 11:48:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK%2Fj%2FhTZxP3pW%2BnGq%2BRCivAeRsszNOcxaXgnhMMecaOdPDF0KG7mvzQlXKg4DgCZfzZUMNjT7GKRG%2BgytDZEStaZh%2FU4ANuqDeEgnhX2W44Glcmo3rvEaToH%2FNTv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413cce707480-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif
20.189.126.156200 OK 133 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 133 kB (132742 bytes)
Hash 917f961ed729bc558e9962fd1484dbe2
f0962f3292c4097bb4f6a4ae63ca765714c7262d
51fd38511ac427eaad10ac504a836bb4ad732c51176e3cf8a6eca65df60302eb
GET /static/uploads/image/x22/20221005/1664958243131147.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:24:09 GMT
ETag: "1667550249"
Expires: Sun, 04 Dec 2022 08:24:09 GMT
Last-Modified: Fri, 04 Nov 2022 08:24:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif
20.189.126.156200 OK 271 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 271 kB (270639 bytes)
Hash 8a598123a6c21612760ffc08cd6ddd05
b6bc973f2e717c2077eae5f43163fde18981eb30
349c245fb89068bc9236b8960f553a1bca367b07e75b988f67383ca21ff68908
GET /static/uploads/image/x26/20221005/1664958027512691.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
120.77.166.72200 OK 112 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 640 x 350\012- data
Size 112 kB (112297 bytes)
Hash 8bb96c4387fdae545693ec79e18c0278
e0428e9c4e3f04c38ef89e236c37e523151329c6
0222f1b7240cf95fca28796002c45ea1b6cd976750e3223f25d2aaeeb1b6c106
GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 6380AF9D511B14343689AEC1
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 1
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
172.67.136.248200 OK 366 kB URL HTTP/2 max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.67.136.248:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys6.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sun, 25 Dec 2022 12:05:50 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnSwc8fVn4bZclWLI326m7nCIqVtez57FCO9AwF2BFsjhGANKekhN1X71oZ1%2BVw5iQfkEnehXXv%2B1d%2F74hgAMsMF4P6lyN1Nl6emPD%2FwkID4Rd8GMjb5BYixQmn2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa413d7eb40b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif
20.189.126.156200 OK 136 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 136 kB (135617 bytes)
Hash e2b3f17c74651d10d199dc95cb7bdf21
173e21137df4427a1bb417a60162e604fa43fe36
590d8375f2b0dd21dc6eecc7a14f3e939b3f4838784f0e1da463aa29a36e3a61
GET /static/uploads/image/x22/20221005/1664957962898269.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:19:26 GMT
ETag: "1667549966"
Expires: Sun, 04 Dec 2022 08:19:26 GMT
Last-Modified: Fri, 04 Nov 2022 08:19:26 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 109018c9967059aecab8b0061b106bee
41d6f0679f56a86e3b9e698c4cfe04cc1336f387
84096a631e9c19af0b587ff224d35b3fe6edc3afb5c8433f70bc04ce8de5b3b0
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 12:05:50 GMT
Ali-Swift-Global-Savetime: 1669377950
Via: cache15.l2de2[186,186,200-0,M], cache15.l2de2[188,0], cache5.se1[209,209,200-0,M], cache5.se1[211,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916693779502813690e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d183a512817ed8daf0fed811671bac08
be98e95615d2f62f3e276aba1494d7af98c41589
8136a86dfd4bfd9903cfe52d836e6f06a3773aa423a772dec94e0b0177ad72ab
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 12:05:50 GMT
Last-Modified: Fri, 25 Nov 2022 04:06:38 GMT
ETag: "63803f4e-1d7"
Expires: Sun, 27 Nov 2022 04:06:38 GMT
Cache-Control: max-age=144048
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669377950
Via: cache25.l2de2[190,190,200-0,M], cache25.l2de2[192,0], cache7.se1[214,214,200-0,M], cache7.se1[216,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16693779502648307e
www.jxys6.xyz/template/m1938pc/static/css/bootstrap.min.css
173.231.38.5200 OK 204 kB URL HTTP/2 www.jxys6.xyz/template/m1938pc/static/css/bootstrap.min.css
IP 173.231.38.5:0
Size 204 kB (204492 bytes)
Hash aef9e66128003464dc404b2b21ac71a1
cf8571ac7b10fe855c4a2452504b99f3b1a1e5af
1fab6ef16cc8c5b611b2c7011035cfdbc332e39a9befdcac09df4ef11f54a498
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:46 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Sat, 26 Nov 2022 00:05:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Fri, 25 Nov 2022 14:11:32 GMT
Date: Fri, 25 Nov 2022 12:05:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 89f54e6d1223063005f05f5941826663
f33e72226cacfb1c0db83105ae65f9706820f81a
f3de4d68480aff21f9dea8bd72700ed65aa3ae7cd736ffc836dc6bef5b48f60c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3701
Cache-Control: max-age=162868
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:50 GMT
Etag: "63807a5d-116"
Expires: Sun, 27 Nov 2022 09:20:18 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
120.77.166.119200 OK 614 kB URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP 120.77.166.119:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 614 kB (614471 bytes)
Hash b5d129edaaaec2db9b9fbdbb13e162ff
65f3ce758707891ffd332f10aa834db951797eff
5d05e4e57c27de7a91acd77be5e011b27d207edf3125163ab66dc23af7dd2952
GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 6380AF9DD0DEFE393183A0CA
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 1
img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif
91.199.87.220302 Found 471 B URL HTTP/2 img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif
IP 91.199.87.220:0
Hash 109018c9967059aecab8b0061b106bee
41d6f0679f56a86e3b9e698c4cfe04cc1336f387
84096a631e9c19af0b587ff224d35b3fe6edc3afb5c8433f70bc04ce8de5b3b0
GET /images/637f0bb78d97bc67605fd8a5.gif HTTP/1.1
Host: img.9717x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ydschool-online.nosdn.127.net/tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
IP 142.250.74.3:0
Hash 783391420a5e7aab947b2d44d96fb5a2
f277929d38caca52085af2d545f40666c9e08630
b4c16e0809d95b5d46f88e09fd3b0244e6ce9f500eb128e11b15e5b42a3f0658
POST /s/gts1p5/6NFsAw0VKxk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:05:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ydschool-online.nosdn.127.net/tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
47.246.44.225200 OK 244 kB URL HTTP/2 ydschool-online.nosdn.127.net/tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 360 x 246\012- data
Size 244 kB (243887 bytes)
Hash c809f64a696a5f0aa2356797ac0cf992
12d9623b39a70ebc2297cf1d9ff9e558826677fa
2b9fd787a0ac1d770ad0d8b3b717db4d9aafaca418058cec7a88b05f4948e8f5
GET /tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif HTTP/1.1
Host: ydschool-online.nosdn.127.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif;charset=UTF-8
content-length: 243887
date: Thu, 24 Nov 2022 06:14:17 GMT
content-disposition: inline; filename="tiku%2F72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif"
etag: c809f64a696a5f0aa2356797ac0cf992
last-modified: Thu, 24 Nov 2022 14:14:17 Asia/Shanghai
x-nos-object-name: tiku%2F72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
x-nos-request-id: 7a2a73a2-8c0c-4682-9694-a921cb3e0a2f
x-nos-requesttype: GetObject
x-nos-storage-class: STANDARD
ali-swift-global-savetime: 1669270457
via: cache25.l2st3-1[163,163,206-0,M], cache45.l2st3-1[164,0], cache3.l2hk2[170,170,206-0,M], cache33.l2hk2[171,0], cache17.l2de2[0,0,206-0,H], cache10.l2de2[0,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
age: 107493
x-cache: HIT TCP_MEM_HIT dirn:4:43742763
x-swift-savetime: Thu, 24 Nov 2022 07:03:49 GMT
x-swift-cachetime: 2589028
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9816693779505474664e
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash f74db977ea7b6777a59ba4ebf080dd24
6037c8cce6f4eaf1969a664b82136c4b9f08c32e
4348fbd1f14d03e010dab6b8dd703626fff6d6110062fb1254898d7c2e9ef822
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 05:36:52 GMT
Expires: Tue, 29 Nov 2022 05:36:51 GMT
Etag: "6037c8cce6f4eaf1969a664b82136c4b9f08c32e"
Cache-Control: max-age=321660,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa4137d8b3b4ff-OSL
885364.com/af487946377641ea8b2db51483f4b919.gif
47.75.19.145200 OK 33 kB URL HTTP/1.1 885364.com/af487946377641ea8b2db51483f4b919.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 250 x 150\012- data
Hash bc3f27f450ad0ebd19370d3737fc2e07
f1ac03dc00b5370bafdfdc604cea7f8bbdb3d75b
f76a84ddee61f9d582915900d7074fbb4c989b9669c3f871fd9fbf465895cbe1
GET /af487946377641ea8b2db51483f4b919.gif HTTP/1.1
Host: 885364.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: image/gif
Content-Length: 33267
Connection: keep-alive
x-oss-request-id: 6380AF9E0E14E43439262D2E
Accept-Ranges: bytes
ETag: "BC3F27F450AD0EBD19370D3737FC2E07"
Last-Modified: Tue, 02 Aug 2022 10:36:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2465277436600690179
x-oss-storage-class: Standard
Content-MD5: vD8n9FCtDr0ZNw03N/wuBw==
x-oss-server-time: 1
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
47.56.33.17200 OK 294 kB URL HTTP/1.1 aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP 47.56.33.17:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 1000 x 120\012- data
Size 294 kB (294418 bytes)
Hash b5f554e2887180883376a154c0d49550
054d301265d3dcfae8744965a1ecd81c39d938c9
07cb8aac7eb97f735999f176016eb0f26e1b4958acfb3924d22c9ff901250b2a
GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:49 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 6380AF9D9DB5783535ADDE3B
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 2
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
45.61.212.52200 OK 161 kB URL HTTP/1.1 585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP 45.61.212.52:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 161 kB (160599 bytes)
Hash 1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519
Analyzer Verdict Alert quad9 Sinkholed
GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Mon, 14 Nov 2022 06:06:27 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 160599
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
20.189.126.156200 OK 258 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 258 kB (257993 bytes)
Hash 038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71
GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:38:52 GMT
ETag: "1667486333"
Expires: Sat, 03 Dec 2022 14:38:52 GMT
Last-Modified: Thu, 03 Nov 2022 14:38:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 109018c9967059aecab8b0061b106bee
41d6f0679f56a86e3b9e698c4cfe04cc1336f387
84096a631e9c19af0b587ff224d35b3fe6edc3afb5c8433f70bc04ce8de5b3b0
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 12:05:50 GMT
Last-Modified: Fri, 25 Nov 2022 08:54:39 GMT
ETag: "638082cf-1d7"
Expires: Sun, 27 Nov 2022 08:54:39 GMT
Cache-Control: max-age=161329
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669377950
Via: cache11.l2de2[473,472,200-0,M], cache11.l2de2[474,0], cache7.se1[496,496,200-0,M], cache7.se1[497,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16693779504458412e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 109018c9967059aecab8b0061b106bee
41d6f0679f56a86e3b9e698c4cfe04cc1336f387
84096a631e9c19af0b587ff224d35b3fe6edc3afb5c8433f70bc04ce8de5b3b0
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 12:05:50 GMT
Last-Modified: Fri, 25 Nov 2022 08:54:39 GMT
ETag: "638082cf-1d7"
Expires: Sun, 27 Nov 2022 08:54:39 GMT
Cache-Control: max-age=161329
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669377950
Via: cache17.l2de2[475,474,200-0,M], cache17.l2de2[477,0], cache2.se1[499,499,200-0,M], cache2.se1[500,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 12:05:50 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693779504441901e
1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
47.75.19.69200 OK 944 kB URL HTTP/1.1 1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
IP 47.75.19.69:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 944 kB (944089 bytes)
Hash aa2183d37f4bb3e32799aa7559d6828b
9d75c1091c801574931943dc3e4fe4ff38118950
2db5c59fac7361ef8ba376e459ccbe1c98beb6b831dac82d855ca8a0324b4eab
GET /se/lq.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:48 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 6380AF9C4C8B373934CC32B1
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Sat, 05 Nov 2022 08:29:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 1
8499163.com/8499/224x134.gif
23.224.101.37200 OK 195 kB URL HTTP/2 8499163.com/8499/224x134.gif
IP 23.224.101.37:0
File type GIF image data, version 89a, 220 x 130\012- data
Size 195 kB (194792 bytes)
Hash d6be4c83c9a5f3de01fca27ad55cc029
f93ab36f1db949e8c94d7fd983e7ca136ea3e7d2
03a89dc11430b0a5c56b73e6b8d2f31739ba23742b8014fe9474a47a5401c641
GET /8499/224x134.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:48 GMT
content-type: image/gif
content-length: 194792
last-modified: Thu, 17 Nov 2022 05:33:07 GMT
etag: "2f8e8-5eda3ec91c7d5"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.qwahk.com/960x60.gif
206.119.105.167200 OK 477 kB URL HTTP/1.1 static.qwahk.com/960x60.gif
IP 206.119.105.167:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Fri, 04 Nov 2022 05:24:22 GMT
ETag: "1667539462"
Last-Modified: Fri, 04 Nov 2022 05:24:22 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun42:2 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun42000(origin)
X-Reqid: 201921416722818020221104132422Vjecd9ZYsampled
X-Ws-Request-Id: 6364a206_anxun42_30023-57835
539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif
47.75.19.145200 OK 177 kB URL HTTP/1.1 539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 240 x 140\012- data
Size 177 kB (176976 bytes)
Hash 5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b
GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 539397377.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: image/gif
Content-Length: 176976
Connection: keep-alive
x-oss-request-id: 6380AF9E0E14E431341A2D2E
Accept-Ranges: bytes
ETag: "5C383B781891F009BFE7545EB03E78D9"
Last-Modified: Fri, 23 Sep 2022 09:18:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8278321731206139918
x-oss-storage-class: Standard
Content-MD5: XDg7eBiR8Am/51ResD542Q==
x-oss-server-time: 1
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP 91.199.87.220:0
GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP 91.199.87.220:0
GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
cache-control: max-age=3600
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
120.77.166.72200 OK 0 B URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 12:05:50 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 6380AF9E4EAD113530B4729C
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 1
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
91.195.240.12403 Forbidden 0 B URL HTTP/2 acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP 91.195.240.12:0
GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Fri, 25 Nov 2022 12:05:48 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.jxys88.net/news/index.php
173.231.12.68200 OK 0 B URL HTTP/2 www.jxys88.net/news/index.php
IP 173.231.12.68:0
GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:05:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
IP 91.199.87.220:0
GET /images/636ce2e7c474e9c06ec29f97.gif HTTP/1.1
Host: img.8961x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
cache-control: max-age=3600
X-Firefox-Spdy: h2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg
113.96.208.98200 OK 0 B URL HTTP/2 yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg
IP 113.96.208.98:0
GET /fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 12:05:50 GMT
content-type: image/jpeg
set-cookie: tgw_l7_route=f269fee9b6566b9c6f92d3317870bb0e; Expires=Fri, 25-Nov-2022 12:10:50 GMT; Path=/
server: nginx/1.12.2
last-modified: Mon, 14 Nov 2022 12:16:03 GMT
x-content-type-options: nosniff
x-xss-protection: 1
x-request-id: 5e5ecfac166eafe480d3ee963ca839be
content-encoding: gzip
X-Firefox-Spdy: h2
img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif
IP 91.199.87.220:0
GET /images/637f0b6b8d97bc67605fd8a2.gif HTTP/1.1
Host: img.u1158.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94
cache-control: max-age=3600
X-Firefox-Spdy: h2