r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18457
Expires: Sat, 07 Jan 2023 07:12:06 GMT
Date: Sat, 07 Jan 2023 02:04:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12514
Expires: Sat, 07 Jan 2023 05:33:03 GMT
Date: Sat, 07 Jan 2023 02:04:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 01:48:05 GMT
content-type: application/json
age: 984
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12428
Expires: Sat, 07 Jan 2023 05:31:37 GMT
Date: Sat, 07 Jan 2023 02:04:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jTj49B2OxRJhh1gLR52sfSgVWv0mB/SWhQXvrXRY6WBoRzkfbM5W5EJ/2s7NI6guoRar8b8nj+E=
x-amz-request-id: 5JAVG7PNB06Y33AN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 02:00:13 GMT
age: 256
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nils-holgerson.com/
172.121.89.17301 Moved Permanently 0 B IP 172.121.89.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 07 Jan 2023 02:04:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nils-holgerson.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 01:33:39 GMT
age: 1850
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1234
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 02:04:30 GMT
Etag: "63b7e4a8-1d7"
Last-Modified: Sat, 07 Jan 2023 01:43:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.nils-holgerson.com/index.php
172.121.89.17200 OK 785 B URL HTTP/1.1 www.nils-holgerson.com/index.php
IP 172.121.89.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 449979d226b4709e707902a1275adecd
bc5083da744f7892a81e1a630855e6250b5f3959
235f81865fe0e97383deb1b88df3ba218d51bfc6cedb0ecbf0ad24f7029f1c0c
GET /index.php HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jan 2023 02:04:29 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
www.nils-holgerson.com/tj.js
172.121.89.17200 OK 520 B URL HTTP/1.1 www.nils-holgerson.com/tj.js
IP 172.121.89.17:0
File type ASCII text, with CRLF line terminators
Hash c641843bbee2dbe645c9de13d8f953ed
1a93b5d7b8540d5acbaae9c8bc00c16926a23588
4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7
GET /tj.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jan 2023 02:04:30 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CV8tpkAk+GqS5va76FMhcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xtTCxLMuN0HChig38g66VveH8tU=
www.nils-holgerson.com/common.js
172.121.89.17200 OK 753 B URL HTTP/1.1 www.nils-holgerson.com/common.js
IP 172.121.89.17:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 422fd880589a7fc1a2f9b43c88c64fbe
cd02b22cba108051097edd967d9b4e937386a05f
51ceb85b881f6f3a9a9deea0265b4960a9fd3d7fe698b72c0329332dc91585b9
GET /common.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jan 2023 02:04:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 61adf6dce2ebec8ade148498f953d1f1
183934d791fde6d38b5b679e6f0b700dc0deacce
4ddb6f01741d4603fe6cd24fbfffe21a57d28ae46038418113c7f88502a10b81
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 11 Jan 2023 00:00:29 GMT
ETag: "183934d791fde6d38b5b679e6f0b700dc0deacce"
Last-Modified: Sat, 07 Jan 2023 00:00:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1819
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78591f85effab50c-OSL
www.nils-holgerson.com/favicon.ico
172.121.89.17200 OK 1.2 kB URL HTTP/1.1 www.nils-holgerson.com/favicon.ico
IP 172.121.89.17:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jan 2023 02:04:30 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 12 Jan 2023 02:04:30 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash ad58b588213fb95d9802fd918f9b212e
d11084bdc43199fdf79155677238351368581eb9
e3c48962c266832623e3f762427967a08c0774afc4d31779c2e520401b8a4d23
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:31 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 06:23:37 GMT
Expires: Thu, 12 Jan 2023 06:23:36 GMT
Etag: "d11084bdc43199fdf79155677238351368581eb9"
Cache-Control: max-age=446944,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591f8848320b61-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13818
Expires: Sat, 07 Jan 2023 05:54:49 GMT
Date: Sat, 07 Jan 2023 02:04:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13818
Expires: Sat, 07 Jan 2023 05:54:49 GMT
Date: Sat, 07 Jan 2023 02:04:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13818
Expires: Sat, 07 Jan 2023 05:54:49 GMT
Date: Sat, 07 Jan 2023 02:04:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3735c87d612da35bd07f0397b95799a
47a017ef6a57d5ec43482308cda3e15f35bfacf6
e075dd0433540b3c35030bd9312273e1ed472ab1a25cfe2912086d35e6019a60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528de87e-4c51-4e2a-90d5-fa6c5a52a300.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10420
x-amzn-requestid: 3feb5ad5-2b7c-48b5-8a0d-f780c780a72e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6bPHGNoAMFQYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63de1-3d6b89744fc025f2770caaf1;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HO5g694cJLUDm7L75ZDxrLYWowwIpwHYyXKEIN9PItTp0PR932AqmQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 04:28:00 GMT
age: 77791
etag: "47a017ef6a57d5ec43482308cda3e15f35bfacf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kkpb41RwNIWi4GQrpRiCAGUGsFyv9v-lpjPdStHiI1KxfkRi4tFCOQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:59:50 GMT
age: 14681
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4dd5fc3111e49a998f6c1c8e8ef049
54c51c4566a514b9d8567a34e5b6f7dfd6614fa6
f05de119c3ddf9ad7bec9189889f9a8ddbd4aa764ce71d8ef8c839163faf5825
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7569
x-amzn-requestid: 45c4580d-6e09-4b37-991d-62a479e2f8df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4DGExkIAMF_5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3ad-69ed220f00ec899e1d7852aa;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VEt2UgPgvn8nnbu2YTvxxgpHFqhhuQny_CgH4x3FLZA2pmZVcYqqBQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 13:26:07 GMT
age: 45504
etag: "54c51c4566a514b9d8567a34e5b6f7dfd6614fa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4459605-f609-4708-9d2f-a9847e75083d.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4459605-f609-4708-9d2f-a9847e75083d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b9a1ed2794a7736b50852eb3686003c
86eca466bc7f92bf08faa14e0e81689014e956a8
5e5ebb24253d640719db3e8c27d4de71405173004e1be4df49af7c493fb504b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4459605-f609-4708-9d2f-a9847e75083d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9314
x-amzn-requestid: d7733987-847e-446f-ab4e-8f4022e5ca2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aOH9joAMFzeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-4b395435357054a273ce94e8;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rQQBSZ09w7R-z2Hq7swh5LQhpSsGpdnmLkTYPa3t_f2sHWgmkdO7Zg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 03:13:29 GMT
age: 82262
etag: "86eca466bc7f92bf08faa14e0e81689014e956a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 66669
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6630160260bdfbe296d0fffb086f3677
a137158a0837301cd3676a9a13b65be7935b74fa
f0cc89839f0a24de53666338dad8ff0302a3edc014518b1e4c88e18cecb98180
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7923
x-amzn-requestid: c0b10d88-c03d-4229-b166-6df35e165165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxEpE9PIAMF8AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-11af51761a44ec5049de843b;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 50E7goXB1DnB-t3U9LkBlN62AEmHM6PpM3UfTn9c-6qgC7AEYSGxEw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:48:13 GMT
age: 15378
etag: "a137158a0837301cd3676a9a13b65be7935b74fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 31438974454acdbe045858769ff34177
8f6827a701f487aefeaf3080497e50df64dc5773
fdcd5bb6385f006c2200109cfc986212811fa7dde189edb37185798284d7cdad
GET /hm.js?fec0eaa8fc52795617f18f518d42aaab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sat, 07 Jan 2023 02:04:31 GMT
Etag: aebd6a5380335e6db7184edb89334763
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FABD6FAE444294D6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash e7bbd49f92ff4c15bf521b89ebc77dd2
45c17daa6946f60cfb287d7f5325ede1f5e80e87
f4b66b3e9aad44c76da124fba8af8ef085b0d5735fecf2622168ced43cf9183b
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 07 Jan 2023 02:04:31 GMT
Etag: 3118a8098513db72fdf89bc59baa0a05
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=301D9FE06DA7CCE4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 07 Jan 2023 02:04:32 GMT
Etag: "4078521116"
Expires: Sun, 07 Jan 2024 02:04:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=32AB06711DB8903CF8CE811FD5085432:FG=1; max-age=31536000; expires=Sun, 07-Jan-24 02:04:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1114019929&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1114019929&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1114019929&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 07 Jan 2023 02:04:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=064B59F1BE7D1FB9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=216921961&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=216921961&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=216921961&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=14046&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 07 Jan 2023 02:04:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3F6ADED8E8D03184; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc6c07ccc0820d7a8695f5e8fb9eba12
5aa83cbafad19e62402ad1221928a70a7097f85a
84f57c5beef3bd13a715a0e1d1bc674df241b276dcba64f960de08437823ffde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84F57C5BEEF3BD13A715A0E1D1BC674DF241B276DCBA64F960DE08437823FFDE"
Last-Modified: Fri, 06 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Sat, 07 Jan 2023 08:03:48 GMT
Date: Sat, 07 Jan 2023 02:04:33 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.nils-holgerson.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 07 Jan 2023 02:04:33 GMT
www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.6200 OK 254 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.6:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Mon, 06 Feb 2023 02:04:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.6200 OK 13 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.6:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys16.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys16.xyz/
173.231.38.6200 OK 26 kB IP 173.231.38.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (335), with CRLF, LF line terminators
Hash 8cbfd5a75d4aafc867488b55a83d01eb
d7dad06c5c8fdb5f0c10d1edd64bce0640b1f3d8
6032d74ca42af918280882443b7b91e6b4cb84c0d14b9f14a3462f38ff03d70f
GET / HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=884795871&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=14049&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=884795871&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=14049&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=884795871&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=14049&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 07 Jan 2023 02:04:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=22446E502BC9FA29; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5692997ebee318acc49233ac224a6b0c
cdeef9b8e764067b69cedb7cb4df17ff4ea8665c
5f7c1b34c314bd7bfa7a95422d6e196ad6c0a1da82b23413aa348647136c5c79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 02:04:36 GMT
Last-Modified: Sat, 07 Jan 2023 01:34:43 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5692997ebee318acc49233ac224a6b0c
cdeef9b8e764067b69cedb7cb4df17ff4ea8665c
5f7c1b34c314bd7bfa7a95422d6e196ad6c0a1da82b23413aa348647136c5c79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 02:04:36 GMT
Last-Modified: Sat, 07 Jan 2023 01:34:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5692997ebee318acc49233ac224a6b0c
cdeef9b8e764067b69cedb7cb4df17ff4ea8665c
5f7c1b34c314bd7bfa7a95422d6e196ad6c0a1da82b23413aa348647136c5c79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 02:04:36 GMT
Last-Modified: Sat, 07 Jan 2023 01:34:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7720277
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Sat, 07 Jan 2023 02:04:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101k12000ae486x63B3D.gif?proc=autoorient
104.110.17.24200 OK 529 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101k12000ae486x63B3D.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 529 kB (528634 bytes)
Hash d51af10f1a8750247c1dc04aca2d8c30
f20abf7a2162ef5927858a0ee5ef0737e9bb6db3
eccf366128053f6427ec50c21f11c01579a07536cb9e86df7a13043946cbc37c
GET /images/0101k12000ae486x63B3D.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 528634
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7731091
expires: Thu, 06 Apr 2023 13:36:07 GMT
date: Sat, 07 Jan 2023 02:04:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f7776eb098c90b8f9ef02fb90fb99562
783c6138b5222617435173c8deed6603b6e2fda2
c5698bc921e1396a4137004ebb4bae909cd82da87dfe988919257d8865ff6b1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5698BC921E1396A4137004EBB4BAE909CD82DA87DFE988919257D8865FF6B1C"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11761
Expires: Sat, 07 Jan 2023 05:20:37 GMT
Date: Sat, 07 Jan 2023 02:04:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f7776eb098c90b8f9ef02fb90fb99562
783c6138b5222617435173c8deed6603b6e2fda2
c5698bc921e1396a4137004ebb4bae909cd82da87dfe988919257d8865ff6b1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5698BC921E1396A4137004EBB4BAE909CD82DA87DFE988919257D8865FF6B1C"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11761
Expires: Sat, 07 Jan 2023 05:20:37 GMT
Date: Sat, 07 Jan 2023 02:04:36 GMT
Connection: keep-alive
z4a.net/images/2022/12/11/960x60.gif
104.21.234.234200 OK 169 kB URL HTTP/2 z4a.net/images/2022/12/11/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2022/12/11/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 168777
expires: Mon, 11 Dec 2023 13:56:31 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2290085
last-modified: Sun, 11 Dec 2022 13:56:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u%2FzdppzyiCz8OowLTi7234Fy6j%2BWQtO7Bo2aXjRwdAtTd0vocdED80E3gMy9M1KZqwztDT%2F7p1rR4eDr9UGlnooUnnDUN0QVY%2F81NstMc2SgH71xok8eRbU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa2a5371c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
104.21.234.234200 OK 176 kB URL HTTP/2 z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 176 kB (176400 bytes)
Hash 790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6
GET /images/2022/12/11/960x603d5ab8438267da4d.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 176400
expires: Sat, 16 Dec 2023 08:45:29 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1876747
last-modified: Fri, 16 Dec 2022 08:45:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAnerJUML691CyeyVCy4O8R4TTFlmokx%2BtVdUz%2BphHpt0ThnJFIFid8AxHf8vJzyCRQk7b5JcZ%2BgX4NJFNKatu0JhT%2FS9rnMrhhdkgGHjy3quL%2FrJOPc5uwk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa3a6b71c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960-60-0.gif
104.21.234.234200 OK 198 kB URL HTTP/2 z4a.net/images/2022/12/11/960-60-0.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2022/12/11/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 198523
expires: Mon, 11 Dec 2023 13:56:41 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2290075
last-modified: Sun, 11 Dec 2022 13:56:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awP5HHc84gNoHSz%2Bpn%2F4Wm2KQC%2FSREp8xq%2BP7EKE61%2Fzs547C6hTX5DhVA2JqO4xMUlCIUw7l4FtITHsrzZdhbYOL6V20YlIdXCJsSGjM99Ga0jfwxMLODj5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa4a7871c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/10/960x60.gif
104.21.234.234200 OK 245 kB URL HTTP/2 z4a.net/images/2022/12/10/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245207 bytes)
Hash 0b25bc78e72da9cce4df6f8b35a75247
26e8c59347f9489d5922e92660d3fc2d44c44cbb
8ff60c94afa37237e7746c8095addb9476b20739a25163536a2cd89217089a88
GET /images/2022/12/10/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 245207
expires: Mon, 11 Dec 2023 14:52:57 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2286699
last-modified: Sun, 11 Dec 2022 14:52:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taLkdkJZp4TeBHi8sVDoKpwI8TBI974nxe8p2mElGpmoxDplawvhFCSE041QZ4UJYrUuD%2FPQ%2FCrRQfDtYLoEBHscQV5yVS95JR0fIQyH%2BznMABa0Tf%2F8wFxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa3a6571c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif
104.21.234.234200 OK 528 kB URL HTTP/2 z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 528 kB (527657 bytes)
Hash bc9315952b1de102c2097670f688e43d
2412c6e3aee17d6a271b6f69358ac96dec2afa24
b20477516ad5a2c0daef1e9f3037e32278a3740ca88be3614c1540b90675f396
GET /images/2022/12/21/960x60d39aac802c494f86.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 527657
expires: Thu, 21 Dec 2023 12:42:01 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1430555
last-modified: Wed, 21 Dec 2022 12:42:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhhEoMbMhx1aNyqX42CXiTDf4viHll9PlIsnz9yqGjPpem%2B8SaBeciJaXF%2FqEYYccQXokY7TLglv4O9ySgIYyhYvdiFBYtWS6b3f8vhJ1Sc%2FnNfpi45QAn5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa3a6871c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/11/20/960x60.gif
104.21.234.234200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/20/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:36 GMT
content-type: image/gif
content-length: 577945
expires: Wed, 06 Dec 2023 00:21:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2770992
last-modified: Tue, 06 Dec 2022 00:21:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6kUOX%2FBw2CgmrXJ%2BDdDjp%2B2dZ75tvYmJQ%2BKKokG51OG13BV0MPmDbv5phGC0QAYE4yUOKmt0mqbaV4DMgmBgou9w9VCWuV69z6RK6qCeYuYLH5%2BLJ5C4fxR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78591faa2a5b71c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8cbeaf04b3548e6b95f7db687eb42b6c
df1bd5aa35af201891a66f899632cb09f69c15aa
f9a1772e4dcc84234545c526d68b9443074d2a3973e8b3ef142be4cda7118b7f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 11 Jan 2023 00:03:18 GMT
ETag: "df1bd5aa35af201891a66f899632cb09f69c15aa"
Last-Modified: Sat, 07 Jan 2023 00:03:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78591fab2921b50c-OSL
img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif
163.171.134.109200 OK 171 kB URL HTTP/2 img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif
IP 163.171.134.109:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 960 x 100\012- data
Size 171 kB (171392 bytes)
Hash a13e5953b9b9868e6d79e79de68f86ae
7ce4811b6358d541d17d91521fbf2d18ce889e39
f2cce13596aab83e51968ad821abe6bf86704a9ed4bfe0d2a594f23b47cfb592
GET /popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif HTTP/1.1
Host: img30.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 171392
expires: Wed, 28 Jun 2023 13:59:02 GMT
server: nginx
cache-control: max-age=15552000
last-modified: Fri, 30 Dec 2022 13:38:38 GMT
via: http/1.1 ORI-CLOUD-ZJ-MIX-193 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-14 (jcs [cMsSfW])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672407518600-0-0-1-10-10;200;200-1672407553481-0-0-0-10-10;200-1672407553489-0-0-0-22-22
age: 648335
x-via: 1.1 PSdgflkfFRA1ox201:3 (Cdn Cache Server V2.0), 1.1 PS-ARN-01C8L93:5 (Cdn Cache Server V2.0)
x-ws-request-id: 63b8d335_PSrdsdgemSTO1sw92_5006-57992
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e9cca88f6651cb4cae732b319a6c81e
9f116f3f8ca5d7eee69812cafb013619338e6e6f
402dde83ad219fd0c4fd43a9044d3155ce5561aa9a2ccd33f29f5aca659d1dcc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402DDE83AD219FD0C4FD43A9044D3155CE5561AA9A2CCD33F29F5ACA659D1DCC"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20531
Expires: Sat, 07 Jan 2023 07:46:48 GMT
Date: Sat, 07 Jan 2023 02:04:37 GMT
Connection: keep-alive
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
103.170.15.98200 OK 149 kB URL HTTP/1.1 66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 149 kB (149081 bytes)
Hash ca110f84ebcc10dd498b26dc6c90087b
cfaf975d43693cfc7c2e05305068b0d933748d98
04dff307dc6fdc4da149bad386613e102c1f0e6d2b26974c5666505c7d97ef2e
Analyzer Verdict Alert quad9 Sinkholed
GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Fri, 06 Jan 2023 14:18:44 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-28
Content-Length: 149081
66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif
103.170.15.98200 OK 161 kB URL HTTP/1.1 66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 161 kB (160599 bytes)
Hash 1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519
Analyzer Verdict Alert quad9 Sinkholed
GET /03f4c91859e345fd8955d5640194ce6e.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63427f5e-27357"
Date: Thu, 05 Jan 2023 07:08:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 09 Oct 2022 07:59:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-28
Content-Length: 160599
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2ff8ac149a804642ea87d6dbe3e9a49d
7a7641109fed5a58235daa427145a3beaa19a2f1
96be42ab07cd681531d95c2649766a383c81f15bc9b6882f30cb6631d7a5e2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96BE42AB07CD681531D95C2649766A383C81F15BC9B6882F30CB6631D7A5E2DE"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9989
Expires: Sat, 07 Jan 2023 04:51:06 GMT
Date: Sat, 07 Jan 2023 02:04:37 GMT
Connection: keep-alive
jx.tongdoumaoyi.com/news/index.php
20.239.85.25200 OK 331 kB URL HTTP/2 jx.tongdoumaoyi.com/news/index.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 331 kB (331375 bytes)
Hash c28d0c0d4d474c1037dc53febcc18ed8
7cf074a641525bb97dc656ca3f3df679269a6d30
6e1ed708a33759f15f6a4a931172047d3db998f596383fa8703cf0cbd31d8515
GET /news/index.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 07 Jan 2023 02:04:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
103.170.15.98200 OK 553 kB URL HTTP/1.1 66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /73f23e1f7ead40baa32cf579a4bb735b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f27ac4-86f72"
Date: Thu, 05 Jan 2023 07:08:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:18:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-28
Content-Length: 552818
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.5200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.5:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Jan 2023 08:44:01 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 8IX9CfHqe6F50gr7rhkGWIkkjcb67hOsq4sKAsr7XWmw1-1XgTabdg==
age: 78052
X-Firefox-Spdy: h2
3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
103.170.15.87200 OK 748 kB URL HTTP/1.1 3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 748 kB (747714 bytes)
Hash 190c632a93b23820398e76a78dccf39b
f156cddcc3d508f21aabaa1c08391a976f84e172
602526a271c67646875cf62980d7c3c4a16360b747ebc2810908ca274a8ca1ad
Analyzer Verdict Alert quad9 Sinkholed
GET /31bae057f32c4263a5459428dcd9c2c0.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288d0-b68c2"
Date: Mon, 02 Jan 2023 12:28:17 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:33:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 747714
kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif
13.227.254.5200 OK 52 kB URL HTTP/2 kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif
IP 13.227.254.5:0
File type GIF image data, version 89a, 300 x 150\012- data
Hash 15f013bc483418e6e94193fc49f169fc
c2a73adaf83f727a937dd73a986da8f5be0cb934
50e6a3bfefa0c78e03803c5093ce18527edbd6463ded9b4f704aead1ed627454
GET /e953bbb6e97dc9683489c4b681b2deb0.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 51573
last-modified: Mon, 19 Dec 2022 08:24:15 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Jan 2023 02:50:17 GMT
etag: "15f013bc483418e6e94193fc49f169fc"
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 41IZi7CntFJNAZ1Sp2DS-kzJweSZXSnq36tXkG2ezQPfjkjcZuiTaQ==
age: 83661
X-Firefox-Spdy: h2
99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
103.170.15.103200 OK 1.1 MB URL HTTP/1.1 99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
IP 103.170.15.103:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 980 x 80\012- data
Size 1.1 MB (1066629 bytes)
Hash 709be30700e74aafa715f685cba66b67
1d0ee25014c3d61849625bfc386d6ec370181a7d
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
Analyzer Verdict Alert quad9 Sinkholed
GET /161f65b0d6174a0a94c6ba6b2e9c589b.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43809-104685"
Date: Sat, 31 Dec 2022 15:15:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 1066629
kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
172.83.155.45200 OK 250 kB URL HTTP/2 kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 250 kB (250112 bytes)
Hash 70726a2c83ff355a82c1438f1f8cd31d
f3f76125f9ba333f1a2f30b633a99baa8df781bd
a2553ce629178b3a4850cd032075da81a2e01313d524caeba5d57c9613f7afff
GET /67a0474849f4ee10ccbe3b0d2cebf337.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 250112
last-modified: Sun, 18 Dec 2022 07:33:19 GMT
etag: "639ec23f-3d100"
expires: Sat, 07 Jan 2023 14:04:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 43545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ate7nT8CtBd9W30m57gY4%2F%2FFqffLWzf7LsHYD4fRVGX99AJZ0U1hcKiiVhDhdg%2BCoMKjloAYPB3j2oPMGAZiluys3H9cv5EMvVzCfuRpsjGD%2FxOxQ%2B0CUOoNtP4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f48617fb5e8444-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
172.83.155.45200 OK 239 kB URL HTTP/2 kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 374 x 126\012- data
Size 239 kB (239313 bytes)
Hash 426267138e320e27a4b0cffc72c52b8f
88180e2539bae08f81a3bd95a67e21bb4b0f1b01
f2221414922c9bcc08485aba237fb88b36151583a6953d5a39483f208637b1a2
GET /32a5b957e230ebec42250e5a4a1cedde.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 239313
last-modified: Sun, 18 Dec 2022 07:33:00 GMT
etag: "639ec22c-3a6d1"
expires: Sat, 07 Jan 2023 14:04:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 167632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPRsTSKTr9zsuk1yLwpjlNUXdONhaOiPL4zhgoxAPOVJQGM7YFs3yqPvjSAhUfiS4CgoSYEvg2Mpx4MnJhgmN6t4vyRenhoaxMPhY5fO5krV3T7ojH1h2gR0eENS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7815ed606ef261e9-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
47.246.44.206200 OK 109 kB URL HTTP/1.1 image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 109 kB (109246 bytes)
Hash e573c37ce1ba8b57e8dfb8fcd43368c9
f5da3a1479bfd18c820893899b5b478df5d02d3c
d9f97dfc186d336e8a5da72bffc7b70378bf87f68de9af20d59a8b88ff271d53
GET /oms.1511122.com/1672811127181-960x60.gif HTTP/1.1
Host: image.tnmvgr.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 109246
Connection: keep-alive
Date: Sat, 07 Jan 2023 01:10:35 GMT
x-oss-request-id: 63B8C68B5E8AFF32351119C9
Vary: Origin
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E573C37CE1BA8B57E8DFB8FCD43368C9"
Last-Modified: Wed, 04 Jan 2023 05:45:27 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5454499210466108819
x-oss-storage-class: Standard
Content-MD5: 5XPDfOG6i1fo37j81DNoyQ==
x-oss-server-time: 5
Ali-Swift-Global-Savetime: 1673053835
Via: cache4.l2de2[0,0,304-0,H], cache2.l2de2[0,0], cache5.se1[0,0,200-0,H], cache1.se1[2,0]
Age: 3242
X-Cache: HIT TCP_MEM_HIT dirn:11:240111674
X-Swift-SaveTime: Sat, 07 Jan 2023 02:01:13 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516730570778486911e
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dcea7363308d77e9429fc5365754d11e
af0727048f91568bddb62f1fe213141bc2ca0389
9c419fffbf1e0fcc5cf6d26a2a8250f34bafad0da8c03f2699f73c30e7f0193b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C419FFFBF1E0FCC5CF6D26A2A8250F34BAFAD0DA8C03F2699F73C30E7F0193B"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Sat, 07 Jan 2023 08:04:31 GMT
Date: Sat, 07 Jan 2023 02:04:37 GMT
Connection: keep-alive
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 07 Jan 2023 02:02:44 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 72450c2e5c85904be505a506ca1ab941
aa21c453d1f16e8cbcf0c92b9b10559894778f3e
c549f3743302d8abdd7ac271f8280085facb7673f78493687b3f5436981b36d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:43:07 GMT
Expires: Thu, 12 Jan 2023 11:43:06 GMT
Etag: "aa21c453d1f16e8cbcf0c92b9b10559894778f3e"
Cache-Control: max-age=466108,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb13da7b503-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bc101dbc6b6119ab0d65be29096efaaf
76510e86f1c30ed52ab05f2ec5dcd2dfa84a87a0
59ce7c6d8d657d16a747cd9aa878b6bbb2c0e40b8633157d8231a912b0b8bba9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 05:34:44 GMT
Expires: Thu, 12 Jan 2023 05:34:43 GMT
Etag: "76510e86f1c30ed52ab05f2ec5dcd2dfa84a87a0"
Cache-Control: max-age=444005,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb14ad7fac0-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 72450c2e5c85904be505a506ca1ab941
aa21c453d1f16e8cbcf0c92b9b10559894778f3e
c549f3743302d8abdd7ac271f8280085facb7673f78493687b3f5436981b36d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:43:07 GMT
Expires: Thu, 12 Jan 2023 11:43:06 GMT
Etag: "aa21c453d1f16e8cbcf0c92b9b10559894778f3e"
Cache-Control: max-age=466108,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb14e2cb52d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c4c81e1bd346e6eb10182ad4c122a3a0
cbfe887d5e4d738fcdf8f7e34d820963655011c0
66f69e246cf786e13633bc4dcdbba03b6d569af37757c3b915fbceba64bd2434
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 16:50:04 GMT
Expires: Thu, 12 Jan 2023 16:50:03 GMT
Etag: "cbfe887d5e4d738fcdf8f7e34d820963655011c0"
Cache-Control: max-age=484525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb14d5cb505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d3f45ddaeaa2c1044d7b3582e1d11a64
85d43335dcc50cf8fc409230c61c5c8ca39239d9
5d9a421bde9c9a38fd258830a2934b9e1d25b24672ad0529ae3e3e01d63aed76
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 09:14:26 GMT
Expires: Thu, 12 Jan 2023 09:14:25 GMT
Etag: "85d43335dcc50cf8fc409230c61c5c8ca39239d9"
Cache-Control: max-age=457187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb14dccb518-OSL
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.13200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Jan 2023 15:30:44 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: moNXGC4je5YVbDQzexZOah_aJ_5QglXMrPyzFVXuNcW133Jsy5_sNw==
age: 70923
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c3f39302b08789c901803927879429ba
69d376e3183500a80d809e22200545f6bb663ee3
68a95e0b7db99dc56889c4468f990f2a88cadc810fa76bd57bc8b6a22d77c800
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68A95E0B7DB99DC56889C4468F990F2A88CADC810FA76BD57BC8B6A22D77C800"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7575
Expires: Sat, 07 Jan 2023 04:10:53 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif
103.170.15.103200 OK 47 kB URL HTTP/1.1 99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif
IP 103.170.15.103:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Hash f7bc8826b4d1fb8058ba712134859f27
3904bda8ed2e2892d338fd0f31a715fafe2d226c
a986f5a6b2fe83b27c3f9bf6cafd6cdadd097eaeb61eb91ea8c782bbd565e259
Analyzer Verdict Alert quad9 Sinkholed
GET /5bcd4bf0b8334404bd4ae2f523a4278a.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43822-b70e"
Date: Sat, 31 Dec 2022 15:15:24 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 46862
hlggimg.com/1228/960_160.gif
172.247.80.59200 OK 116 kB URL HTTP/2 hlggimg.com/1228/960_160.gif
IP 172.247.80.59:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 116 kB (116355 bytes)
Hash c80d5aea6b3455b84e22681f8795ed74
76e612bdb50784abb7e43e5f56f0955b25c9d7d4
408fc38a7c6120b647a92fab7aab5cfb7b1c035f1ef36accd99456b1456f16da
GET /1228/960_160.gif HTTP/1.1
Host: hlggimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 116355
last-modified: Wed, 28 Dec 2022 10:06:25 GMT
etag: "63ac1521-1c683"
expires: Sun, 05 Feb 2023 15:17:07 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b0b15b3e172b8bdbddbb07ca92b8721f
819678937f962bcf1b8202d05aa957f42bb7193c
212fc5f84d3f252631f3e68045eb41deed763432849ea628631359a223a06d34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 11:33:07 GMT
Expires: Wed, 11 Jan 2023 11:33:06 GMT
Etag: "819678937f962bcf1b8202d05aa957f42bb7193c"
Cache-Control: max-age=379107,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb18dcbb503-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c3f39302b08789c901803927879429ba
69d376e3183500a80d809e22200545f6bb663ee3
68a95e0b7db99dc56889c4468f990f2a88cadc810fa76bd57bc8b6a22d77c800
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68A95E0B7DB99DC56889C4468F990F2A88CADC810FA76BD57BC8B6A22D77C800"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7575
Expires: Sat, 07 Jan 2023 04:10:53 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
13.227.254.13200 OK 182 kB URL HTTP/2 kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
IP 13.227.254.13:0
File type GIF image data, version 89a, 300 x 150\012- data
Size 182 kB (181696 bytes)
Hash ba9dcd35c39e60e245666e70f85fc335
38630969afd73016363a2f6f41bf36eb947405b2
624d0cce85aeb64c935d38705196c4ea696deaf4f5e1895e8557789b8b01380b
GET /e06a35bc848b301fd5c9802d162bdf30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 181696
last-modified: Mon, 19 Dec 2022 08:54:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Jan 2023 13:59:40 GMT
etag: "ba9dcd35c39e60e245666e70f85fc335"
x-cache: Hit from cloudfront
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: IQ0W4PmD_jbK9waO-KbKsToqTfTqREz8DNc0UXLZCs7kYnW5Hh1LFw==
age: 43498
X-Firefox-Spdy: h2
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash 1ad5e7db930a4718dbc43e8ffd34af6c
526c16d1f07b440791a778d09d289b1e8c703a80
8535c6654cdc604db34d27ab0fa7a98ba57b9744d1bc07c22b409336dc63dd96
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e66a7fe7-f534-4242-ab8d-3339b5c8efbe
Content-Length: 1701
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8b2dd817a0de2a608089cea08e996998
04c8c36ff00a2d1ec19ec7b2aff096eec316f86d
ad024510b8039bbec3c0e461db51e8a3d96ca786fcddb025e8c00f3e9af7bbd7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 03:26:08 GMT
Expires: Fri, 13 Jan 2023 03:26:07 GMT
Etag: "04c8c36ff00a2d1ec19ec7b2aff096eec316f86d"
Cache-Control: max-age=522688,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78591fb149c7fab8-OSL
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 5b80ca410de0363925be80cd09e4856d
45c652061919d1e125e1dce9be5bb08a8e639408
5e35919254d93df8b3b13d366696ddb46b4ed6683772fa8ed853b1eee0afb6f2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=851
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
X-N: S
xinchacha2dv.ocsp-certum.com/
95.101.10.107200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 6253b35a90953102edb845743e4a72a6
6ab95edf32fdaaeec3f16d0c347cf24e5d53265c
a80606974705fafab5349ee889d898c2d0c701dd506a040543aeaa83c9b9b0aa
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=865
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
X-N: S
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash f8582bdb4dfd17d8a0999e1114f4e5c3
6876f717c03b8633d2a231326d3a3b6fb267c338
17994265f06689e4044b4e7b263d5872a1228370c3fae0b35231943302573c9a
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: cfc1ae70-a927-4c1b-84c0-382995f25ff5
Content-Length: 1701
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash f8582bdb4dfd17d8a0999e1114f4e5c3
6876f717c03b8633d2a231326d3a3b6fb267c338
17994265f06689e4044b4e7b263d5872a1228370c3fae0b35231943302573c9a
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 82826299-9c15-42a5-b205-544f6f8c7aaa
Content-Length: 1701
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash f8582bdb4dfd17d8a0999e1114f4e5c3
6876f717c03b8633d2a231326d3a3b6fb267c338
17994265f06689e4044b4e7b263d5872a1228370c3fae0b35231943302573c9a
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4a59aa00-5641-47c6-ac5f-3ab135ce73f5
Content-Length: 1701
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d8938981dd5081b97b356e3cf7df91ce
b2fadfe1a9414d2bbb5593ab97b48bf77380c5e0
9bac93ef0dab0e5f9dbab37de54ff13fb667906ccb38a6fa8a0e715879a01144
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BAC93EF0DAB0E5F9DBAB37DE54FF13FB667906CCB38A6FA8A0E715879A01144"
Last-Modified: Fri, 06 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18278
Expires: Sat, 07 Jan 2023 07:09:16 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 417 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 417 kB (417166 bytes)
Hash 13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 07 Jan 2023 02:02:44 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d8938981dd5081b97b356e3cf7df91ce
b2fadfe1a9414d2bbb5593ab97b48bf77380c5e0
9bac93ef0dab0e5f9dbab37de54ff13fb667906ccb38a6fa8a0e715879a01144
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BAC93EF0DAB0E5F9DBAB37DE54FF13FB667906CCB38A6FA8A0E715879A01144"
Last-Modified: Fri, 06 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18275
Expires: Sat, 07 Jan 2023 07:09:13 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6adfe345f51f4414c4dd3534bcdea96b
6fa990138e49368eb3043e02d4bf4a3177ec5b0b
b04140c921103759e3a9dcba4537341998c710214a401554858af575c391148c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 07 Jan 2023 02:04:38 GMT
Last-Modified: Fri, 06 Jan 2023 21:25:01 GMT
ETag: "63b891ad-1d7"
Expires: Sun, 08 Jan 2023 21:25:01 GMT
Cache-Control: max-age=156023
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673057078
Via: cache9.l2de2[278,277,200-0,M], cache9.l2de2[279,0], cache3.se1[301,300,200-0,M], cache3.se1[302,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 07 Jan 2023 02:04:38 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716730570780035575e
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b17c660bd13b838703546825c00722bb
53662ce28a0d99afe9c79d2ac4b0f2ad7a2ffcef
586f6d5e89c9fb1dc4f8e16625870572484a69153f3f58ec1cbb1bb8590e80e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "586F6D5E89C9FB1DC4F8E16625870572484A69153F3F58EC1CBB1BB8590E80E2"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13503
Expires: Sat, 07 Jan 2023 05:49:41 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b17c660bd13b838703546825c00722bb
53662ce28a0d99afe9c79d2ac4b0f2ad7a2ffcef
586f6d5e89c9fb1dc4f8e16625870572484a69153f3f58ec1cbb1bb8590e80e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "586F6D5E89C9FB1DC4F8E16625870572484A69153F3F58EC1CBB1BB8590E80E2"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13398
Expires: Sat, 07 Jan 2023 05:47:56 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b17c660bd13b838703546825c00722bb
53662ce28a0d99afe9c79d2ac4b0f2ad7a2ffcef
586f6d5e89c9fb1dc4f8e16625870572484a69153f3f58ec1cbb1bb8590e80e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "586F6D5E89C9FB1DC4F8E16625870572484A69153F3F58EC1CBB1BB8590E80E2"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16249
Expires: Sat, 07 Jan 2023 06:35:27 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 521ca50d200092bf5e8039f9dea7ce16
c621fcc25c021122e29b64e190cd1bafd003b563
54cbec7dbde98b16d6604c4c6192489a4dade8920f64fe379cd6f96adcfa6316
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "54CBEC7DBDE98B16D6604C4C6192489A4DADE8920F64FE379CD6F96ADCFA6316"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16204
Expires: Sat, 07 Jan 2023 06:34:42 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
120.52.95.237200 OK 1.1 MB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP 120.52.95.237:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 02:04:36 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 1452285
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE49[4],CHN-HElangfang-AREACUCC1-CACHE30[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE54[16],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,13]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
lbfm.lbpictupian.com/upload/vod/2023/01/j1ouxtcsblf.jpg
104.22.12.214200 OK 2.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/j1ouxtcsblf.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f076b7c0ed9c30ca3231147703a508e6
5b5688814aa2b5a7a21c35a1bbcea6f38c6c461e
0d34961a91e0817c59f2a66273048bf2c17b5553995f0c6c82d8924b34b6f7ca
GET /upload/vod/2023/01/j1ouxtcsblf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 2920
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5141
content-disposition: inline; filename="j1ouxtcsblf.webp"
etag: "63b698c7-1415"
last-modified: Thu, 05 Jan 2023 09:30:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f62b4ed-OSL
X-Firefox-Spdy: h2
s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
104.26.0.190200 OK 373 kB URL HTTP/2 s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
IP 104.26.0.190:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 373 kB (372996 bytes)
Hash 8c9ac15f0b50d53ccbffec36af3a9607
11ff6593819530ecef60355648530649c41359f9
38c6fa07b3f8bc3b22124dc98fee75989e520816532202ba426bd204a8b242bb
GET /2022/12/18/5Z19HedNFCSBiQP.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 372996
last-modified: Sun, 18 Dec 2022 09:59:37 GMT
etag: "639ee489-5b104"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgj41JdRTQ6yhthBBtmuO2UeUTblOson3rFqsDvK%2Bq4Nh49IGD6w5uEg0YMCUwp1ryS%2Fwb3XQzC3aTJJr6HYN%2BN1ETKGhP3cCNNhK09TSmzJg8auM3p2QAv6Zkbo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78591fab8c21fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ughmczaw1nv.jpg
104.22.12.214200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ughmczaw1nv.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9d7a6141a512235303e05be8bd9204e
b345439926190fc0e264b6bb419ee11cb011f918
806d8216e1bb6b0f98c742ca7a0c2d2470d7521b26c27c9c22445e32a9ecc04d
GET /upload/vod/2023/01/ughmczaw1nv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 6260
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7222
content-disposition: inline; filename="ughmczaw1nv.webp"
etag: "63b698d0-1c36"
last-modified: Thu, 05 Jan 2023 09:30:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3827
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f64b4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/xuuictby3lo.jpg
104.22.12.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/xuuictby3lo.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c3f5f3133f8ab065a49b51b22701d753
1cf13203d5103d4ccc6a526cc8ced5f27015d942
6fb32c2ec8a8001569086f8bce8cc71dae871ecc6e2f98bd6d1d022cca988b91
GET /upload/vod/2023/01/xuuictby3lo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 7976
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9061
content-disposition: inline; filename="xuuictby3lo.webp"
etag: "63b698b2-2365"
last-modified: Thu, 05 Jan 2023 09:30:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f5db4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/vjtgzx2rzve.jpg
104.22.12.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/vjtgzx2rzve.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f0fd5adc65a225cf6d02ce25f288fea
c72ac0e8c6b42590b1a80f03aa6c83da6f41a1b8
b30a37e132194c6f064a563a648e1064b3ed8aba380068ffc6f0c0f98453c835
GET /upload/vod/2023/01/vjtgzx2rzve.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 8566
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10168
content-disposition: inline; filename="vjtgzx2rzve.webp"
etag: "63b698ba-27b8"
last-modified: Thu, 05 Jan 2023 09:30:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f5fb4ed-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b17c660bd13b838703546825c00722bb
53662ce28a0d99afe9c79d2ac4b0f2ad7a2ffcef
586f6d5e89c9fb1dc4f8e16625870572484a69153f3f58ec1cbb1bb8590e80e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "586F6D5E89C9FB1DC4F8E16625870572484A69153F3F58EC1CBB1BB8590E80E2"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4464
Expires: Sat, 07 Jan 2023 03:19:02 GMT
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/3xdhbzq2xz4.jpg
104.22.12.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/3xdhbzq2xz4.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccb39cce500716ca5131b937008b3c75
d5bfbff335f5d3b075b2668d89e07c645ffc2d98
a4be5fdfc069af093a31034b62e386ec967c65683dccfed582248a90b26db459
GET /upload/vod/2023/01/3xdhbzq2xz4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 8026
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9492
content-disposition: inline; filename="3xdhbzq2xz4.webp"
etag: "63b698b5-2514"
last-modified: Thu, 05 Jan 2023 09:30:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f5eb4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/xfygcvk5d0w.jpg
104.22.12.214200 OK 2.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/xfygcvk5d0w.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d399bebde18f0e1be9331f46725ea9c7
99ca6c2300b9db583bc92ef43b3b94ede695b0b7
f522e0af89c313626466c1de3f856447d787125cf77e88b43cf4b4ee089c48dd
GET /upload/vod/2023/01/xfygcvk5d0w.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 2300
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=4939
content-disposition: inline; filename="xfygcvk5d0w.webp"
etag: "63b698c3-134b"
last-modified: Thu, 05 Jan 2023 09:30:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f61b4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/1urivqoqvvt.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/1urivqoqvvt.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14a947d3810b3629dd027891c8cbfe6e
e51f56f5dc3c284d3eeac8631a2dec7ff39ed79c
0a4ff40a7bc77ccf79393d2724e47196203355e81dc7e9ccb9fc362d365513f2
GET /upload/vod/2023/01/1urivqoqvvt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 11064
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11839
content-disposition: inline; filename="1urivqoqvvt.webp"
etag: "63b698d6-2e3f"
last-modified: Thu, 05 Jan 2023 09:31:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3827
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f66b4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/haxucuizveg.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/haxucuizveg.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c44fa67d7b4148e1ba1c8b9388e801aa
c9537ac870da83c77837b7605a8d2be4facd94cb
8315c36056466e29bebbd7fdc7e83b4aa53caa74a143b97673eedad2d54d6519
GET /upload/vod/2023/01/haxucuizveg.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/jpeg
content-length: 10064
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10654, status=webp_bigger
etag: "63b698cc-299e"
last-modified: Thu, 05 Jan 2023 09:30:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78591fb40f63b4ed-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/54241wxqd1j.jpg
104.22.12.214200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/54241wxqd1j.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7fc86138fbae2ac96a639bfd5aae8b60
6b21f850d2ba95d85784bbe962058ab1efdd79da
2de9af6327c5c16066aeed66ef9d75e021e421fe9e3276e4498c97e7a87fe492
GET /upload/vod/2023/01/54241wxqd1j.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/jpeg
content-length: 9078
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9551, status=webp_bigger
etag: "63b698be-254f"
last-modified: Thu, 05 Jan 2023 09:30:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78591fb40f60b4ed-OSL
X-Firefox-Spdy: h2
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash af9a17add2be50fb31246417083e3d17
c04f1a7270a6f9c310e6fba42472cdd952b18bd6
3dd3a238d36e5f92321b231bd6c5743dc3e7906d387210ab65be2965b0f0f8f3
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 107b3ab4-fbba-480a-ba6f-b5065a395039
Content-Length: 1701
Date: Sat, 07 Jan 2023 02:04:38 GMT
Connection: keep-alive
66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
103.170.15.83200 OK 0 B URL HTTP/1.1 66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
IP 103.170.15.83:0
ASN #7483 Skycloud Computing co., Ltd.
Analyzer Verdict Alert quad9 Sinkholed
GET /2d7b4166a63c4e48bb523d07d45069fb.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6399cb60-3e19b"
Date: Tue, 27 Dec 2022 12:59:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 13:10:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-13
Content-Length: 254363
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP 38.54.81.125:0
GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2
help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
49.51.190.27200 OK 0 B URL HTTP/1.1 help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /datas/feedback/20221217/639d86e9b6b6d.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 166673
last-modified: Sat, 17 Dec 2022 09:07:53 GMT
etag: "639d86e9-28b11"
expires: Sun, 22 Jan 2023 02:04:37 GMT
cache-control: max-age=1296000
accept-ranges: bytes
www.jxys16.xyz/template/m1938pc/static/css/mm-content.css
173.231.38.6200 OK 0 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/mm-content.css
IP 173.231.38.6:0
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Sat, 07 Jan 2023 14:04:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
3p8801.co/11-960x60.gif
107.148.202.17200 OK 0 B IP 107.148.202.17:0
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Mon, 06 Feb 2023 02:04:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
jx.tongdoumaoyi.com/news/data.php
20.239.85.25200 OK 0 B URL HTTP/2 jx.tongdoumaoyi.com/news/data.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /news/data.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 07 Jan 2023 02:04:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
172.83.155.45200 OK 0 B URL HTTP/2 kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sat, 07 Jan 2023 14:04:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1420381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwipRCov4sczHTcdIWkv%2FaUrYkMXIXYgzLjnYGeXGYrNTWiFyZ4kN%2FbAl29k5zhUJwdz4MPvR6gOiEVX0jKqomGgljR2%2BFim4H7cs%2FsgE0OBbp%2BdOSiFv8UW13GA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af56ca4c5f5-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
173.231.38.6200 OK 0 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
IP 173.231.38.6:0
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Sat, 07 Jan 2023 14:04:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
jx.tongdoumaoyi.com/news/list.php
20.239.85.25200 OK 0 B URL HTTP/2 jx.tongdoumaoyi.com/news/list.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /news/list.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 07 Jan 2023 02:04:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
img.9367x.com/images/6399c32956eec67c33ea8925.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.9367x.com/images/6399c32956eec67c33ea8925.gif
IP 38.54.81.125:0
GET /images/6399c32956eec67c33ea8925.gif HTTP/1.1
Host: img.9367x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2
help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif
49.51.190.27200 OK 0 B URL HTTP/1.1 help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /datas/feedback/20221230/63aeea646e4a1.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Sat, 07 Jan 2023 02:04:37 GMT
content-type: image/gif
content-length: 115583
last-modified: Fri, 30 Dec 2022 13:40:52 GMT
etag: "63aeea64-1c37f"
expires: Sun, 22 Jan 2023 02:04:37 GMT
cache-control: max-age=1296000
accept-ranges: bytes
static.qwahk.com/960x100.gif
210.65.162.54200 OK 0 B URL HTTP/1.1 static.qwahk.com/960x100.gif
IP 210.65.162.54:0
ASN #3462 Data Communication Business Group
GET /960x100.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 763448
Content-Type: image/gif;charset=UTF-8
Date: Tue, 20 Dec 2022 17:36:54 GMT
ETag: "1673055017"
Last-Modified: Sat, 07 Jan 2023 01:30:17 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PStwtbTPE1rg71:3 (W)
X-Cache: HIT, server, memory
X-Px: ms PStwtbTPE1rg71TPE(origin)
X-Reqid: 201921416722818020221221013654ypkm0zzIsampled
X-Ws-Request-Id: 63a1f2b6_PStwtbTPE1rg71_19026-8036
www.jxys16.xyz/template/m1938pc/static/css/style.css
173.231.38.6200 OK 0 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/style.css
IP 173.231.38.6:0
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Sat, 07 Jan 2023 14:04:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.6200 OK 0 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.6:0
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: application/javascript
last-modified: Mon, 02 Jan 2023 08:55:15 GMT
vary: Accept-Encoding
etag: W/"63b29bf3-6ee"
expires: Sat, 07 Jan 2023 14:04:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/gqbogicyhif.jpg
104.22.12.214200 OK 0 B URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/gqbogicyhif.jpg
IP 104.22.12.214:0
GET /upload/vod/2023/01/gqbogicyhif.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 02:04:38 GMT
content-type: image/webp
content-length: 7234
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8411
content-disposition: inline; filename="gqbogicyhif.webp"
etag: "63b698da-20db"
last-modified: Thu, 05 Jan 2023 09:31:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3827
accept-ranges: bytes
server: cloudflare
cf-ray: 78591fb40f67b4ed-OSL
X-Firefox-Spdy: h2
99885aaa.com/2571b5232e904522b532216679441c82.gif
103.170.15.73200 OK 0 B URL HTTP/1.1 99885aaa.com/2571b5232e904522b532216679441c82.gif
IP 103.170.15.73:0
ASN #7483 Skycloud Computing co., Ltd.
GET /2571b5232e904522b532216679441c82.gif HTTP/1.1
Host: 99885aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a44177-88c8b"
Date: Fri, 23 Dec 2022 04:58:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 11:37:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-03
Content-Length: 560267
www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
173.231.38.6200 OK 0 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
IP 173.231.38.6:0
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 02:04:34 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Sat, 07 Jan 2023 14:04:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2