Report - nils-holgerson.com/

Report Overview

Submitted URL
nils-holgerson.com/
IP
172.121.89.17
ASN
#18779 EGIHOSTING
Submitted
2022-11-29 04:05:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img.1129555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	182 B	185.239.226.23
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	750 B	112.34.113.148
ob699.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	262 B	20 kB	45.153.131.58
339282bdb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	666 kB	45.61.212.118
nvhbbb.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.6 MB	104.21.55.74
539397377.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	462 B	47.75.19.145
8499225.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	255 B	162.209.128.164
img.9712x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	11 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.jxys16.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	452 kB	173.231.38.5
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	8.5 kB	104.18.32.68
www.yssydh.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	48 kB	104.21.23.48
img.9197x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
max002.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	367 kB	104.21.233.254
imagedelivery.net	255311	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	878 B	334 kB	104.18.2.36
u1022.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	383 kB	103.170.15.60
si1.go2yd.com	325918	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	421 kB	163.171.140.79
zhibo128x.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	738 kB	154.83.25.141
kvhxxx.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.2 MB	104.21.235.31
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	29 kB	172.247.77.90
img.9623x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.76.226
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	45.154.214.206
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	2.7 MB	47.246.44.226
362728tdg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	423 kB	103.170.15.90
sszhan.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	615 kB	120.77.166.119
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	555 B	47.56.33.49
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	14 kB	104.18.32.68
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.2 kB	47.246.44.205
acoozzh.top	439448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	740 kB	172.67.189.203
dimg04.c-ctrip.com	139731	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	151 kB	104.110.17.24
3p8801.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	330 kB	107.148.202.17
i.ibb.co	13485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.2 kB	162.19.58.160
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	5.6 kB	23.36.79.10
img.2559u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
nils-holgerson.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	203 B	172.121.89.17
223969ufy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	359 kB	103.170.15.95
taiwtp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	345 B	220.128.218.220
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.4 kB	20 kB	23.36.76.226
www.nils-holgerson.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	172.121.89.17
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	113 kB	120.77.166.72
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.20.226
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	9.6 kB	104.18.20.226
6937555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	264 B	426 kB	104.149.145.170
kvhiii.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	502 kB	104.21.234.203
img.9219x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.236.46
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	917 B	892 B	43.129.255.47
www.jxys88.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	66 kB	173.231.12.68
5593qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	748 kB	103.170.15.115
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	423 B	64.32.13.142
api.79zxcv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	6.4 kB	18.141.190.97
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.4 kB	142.250.74.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
kveff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	64.32.13.142
img.2557u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.23
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	37 kB	103.235.46.191
200.benbenys.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	303 B	58 kB	23.224.61.222
sysupload.csiteadmin.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.7 kB	3.5 MB	52.184.85.118
628536nyv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	670 kB	103.170.15.105
yzf.qq.com	627844	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	926 B	452 B	113.96.208.98
n0566.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	39 kB	20.222.119.28
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
kvevv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	45.150.164.88
ocsp.buypass.com	157566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	8.7 kB	23.36.76.129
kvkhhh.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	865 kB	104.21.57.36
pic.picnewsss.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	27 kB	23.225.139.251
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	114 B	182.61.240.101
kzecc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	45.154.215.92
lbfm.lbpictupian.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	229 kB	104.22.12.214
tt.1468tu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	166 kB	43.153.174.204
592773xgg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	581 kB	103.170.15.95
kvmaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	170.178.176.170
5199qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	177 kB	45.61.212.47
585227ybn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	283 B	103.170.15.105
static.qwahk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	477 B	154.39.104.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	223969ufy.com	Sinkholed
2022-11-29	medium	339282bdb.com	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	339282bdb.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	362728tdg.com	Sinkholed
2022-11-29	medium	79zxcv.com	Sinkholed
2022-11-29	medium	628536nyv.com	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	585227ybn.com	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed
2022-11-29	medium	jxys16.xyz	Sinkholed

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.nils-holgerson.com/index.php	404 B	2023-03-07	2024-04-26
Pretty URL www.nils-holgerson.com/index.php IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 05:42:02 Times Seen2979 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.nils-holgerson.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.nils-holgerson.com/common.js IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:14 Last Seen2023-03-17 10:41:04 Times Seen1 Hash 2d67599d1e21388fb35a4f6ae7c75a34 d659e4906bd306b2056c78675375c10c520f0435 4f619b09ee009853db7003ec09d8562208b4fd9a643d4706084159df5804b84d Loading...

	hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:13:51 Last Seen2023-03-11 22:13:51 Times Seen1 Hash f30bfe72f2449fac58259df9fb1389c5 a9513200f226faa553236e61ea35cab3f1e64794 85ef1d1c278dd7475220f4c548ec3ad3c4018744498cc2952266b52996b26dfb Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 112.34.113.148 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 05:42:04 Times Seen19006 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.jxys16.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys16.xyz/ IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:13:51 Last Seen2023-03-11 22:13:51 Times Seen1 Hash 7df1ba94eb7bae91bbee633760bfcbf2 edba927099a4212a32c60ce63356b003606e62b2 5d242b616cb2281ca54c2273d77ebaa4fd48c91dfa9a164105784fc58c8e1a99 Loading...

	www.nils-holgerson.com/tj.js	520 B	2023-03-07	2023-03-17
Pretty URL www.nils-holgerson.com/tj.js IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-03-17 09:44:57 Times Seen1 Hash c641843bbee2dbe645c9de13d8f953ed 1a93b5d7b8540d5acbaae9c8bc00c16926a23588 4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7 Loading...

	www.jxys88.net/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL www.jxys88.net/news/index.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:13:51 Last Seen2023-03-11 22:13:51 Times Seen1 Hash a081211a387b157d300be475737796ec b315164f1e8c2f2c1c5f851061598cfc60ba7fbc 6e93160694598cbdfb854bc6f586b1f5faef8b8d60084a2c168121c75a5f337a Loading...

	www.jxys88.net/news/data.php	469 B	2023-03-08	2023-03-11
Pretty URL www.jxys88.net/news/data.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 7f56be0ca5a97f81ac641229e5c24b4c 692a4379baa5daf6b4e173fb012a87641bde14d1 032baef139f9557423b7d7536a112f7bfb6b12b1a17210dec23ed069d5f2d005 Loading...

	www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js	1.3 kB	2023-03-11	2023-03-11
Pretty URL www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:47:04 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 50d197db81ae1c50a03a76a7fefdcbff e82140142939f85261b7ce48f05ecbd91d36ae1e 7b737973f693b23e00cc94582d29ff06a056421a9883865b62dde20a34b733e5 Loading...

	api.79zxcv.com/sh/317.js	463 B	2023-03-08	2023-03-11
Pretty URL api.79zxcv.com/sh/317.js IP 18.141.190.97 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:05 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 4ada6e293a75c07ce69d0e9aa7cabe73 a17400b9941f0fa71105caac6ce7e18eea16b7c9 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 12a91f1f4b46ee9b7bbddd6c20c00869	474 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:17:15 Last Seen2023-03-17 09:44:58 Times Seen1 Hash 12a91f1f4b46ee9b7bbddd6c20c00869 991f05d59bdd8de225e0f26fe8d5a5980d902b02 9535900244363e49fe3037b56b5794492da85e58a5af5a6e45074409015ac946 Loading...

		Size	First Seen	Last Seen
	#1 Write - e146e7a387312f43c903aac4ca7b4738	455 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:17:15 Last Seen2023-03-17 09:44:58 Times Seen1 Hash e146e7a387312f43c903aac4ca7b4738 cb37d62d1f4ea06090b09edebb4e4ef3ba380116 64e30e5b66ab752a8b3e31c0a921933b63a84c10d17af1ce6011c1d502462672 Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-25 20:37:27 Times Seen3762 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 9e58bc71ba979d178641dc7a36580d52	328 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 9e58bc71ba979d178641dc7a36580d52 1e38142c09934e54bb33e6bdc2eda1a28da6c7c7 380ed21bcde40c675ea4aa1b4208659bcfec7172b3b42ba8c71961b354c91c28 Loading...

	#4 Write - c11358efdc00df229107889ddf732785	351 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 10:06:29 Last Seen2023-03-11 22:51:19 Times Seen1 Hash c11358efdc00df229107889ddf732785 ccabccf8ce36e492ade01bdf53571773c24a82dc bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1 Loading...

HTTP Transactions (247)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Tue, 29 Nov 2022 05:52:03 GMT
Date: Tue, 29 Nov 2022 04:05:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Tue, 29 Nov 2022 05:14:05 GMT
Date: Tue, 29 Nov 2022 04:05:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=116112
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:37 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:20:49 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: v7Wq+KlF0cJ8sPlgPupBf7N4Cc5lGS/ILGsiN7bxYZ9VDU9iLgHCKKEZh3Lfd0aIZCOuMKyO1a6+nyN/3xb94w==
x-amz-request-id: KXXE7W40NBKFTSCV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:45:17 GMT
age: 1220
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 03:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2762
alt-svc: clear
X-Firefox-Spdy: h2

nils-holgerson.com/

172.121.89.17

301 Moved Permanently

0 B

URL HTTP/1.1
nils-holgerson.com/
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 04:05:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nils-holgerson.com/index.php

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 03:08:56 GMT
cache-control: public,max-age=3600
age: 3402
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5060
Cache-Control: max-age=109537
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:38 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:31:15 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.nils-holgerson.com/index.php

172.121.89.17

200 OK

785 B

URL HTTP/1.1
www.nils-holgerson.com/index.php
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
449979d226b4709e707902a1275adecd
bc5083da744f7892a81e1a630855e6250b5f3959
235f81865fe0e97383deb1b88df3ba218d51bfc6cedb0ecbf0ad24f7029f1c0c

HTTP Headers

GET /index.php HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:05:37 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

push.services.mozilla.com/

34.214.236.46

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.236.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zf1xzy8UIeS4S3AFbnBWPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pFKbY2w+XH5qKTehVsqyuMhsoXE=

www.nils-holgerson.com/tj.js

172.121.89.17

200 OK

520 B

URL HTTP/1.1
www.nils-holgerson.com/tj.js
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
c641843bbee2dbe645c9de13d8f953ed
1a93b5d7b8540d5acbaae9c8bc00c16926a23588
4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:05:37 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

www.nils-holgerson.com/common.js

172.121.89.17

200 OK

738 B

URL HTTP/1.1
www.nils-holgerson.com/common.js
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
738 B (738 bytes)
Hash
70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

HTTP Headers

GET /common.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:05:38 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.nils-holgerson.com/favicon.ico

172.121.89.17

200 OK

1.2 kB

URL HTTP/1.1
www.nils-holgerson.com/favicon.ico
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:05:38 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 04 Dec 2022 04:05:38 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
939b39d5a9102979f7bbe5f4b313bf6e
3f809386331164701f9a721ea95a92efe446b1eb
d80fa2c6b1557f7b0f5248b22f446ded80574518a0c28ddaf3a2d5318e37c652

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D80FA2C6B1557F7B0F5248B22F446DED80574518A0C28DDAF3A2D5318E37C652"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Tue, 29 Nov 2022 10:05:12 GMT
Date: Tue, 29 Nov 2022 04:05:39 GMT
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
c60e4318a49ff8976f2f06944b2a81de
c450389711c5206d2afa7a2760d18f9658f6a36c
99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 00:30:27 GMT
ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c"
Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1202
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718775b49c81c0a-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
c60e4318a49ff8976f2f06944b2a81de
c450389711c5206d2afa7a2760d18f9658f6a36c
99bcda1da3bb5added3a2d01acb8cc20c754ce86607bb3a6efe7f0722b6ac10f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 00:30:27 GMT
ETag: "c450389711c5206d2afa7a2760d18f9658f6a36c"
Last-Modified: Tue, 29 Nov 2022 00:30:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1202
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718775b59cd1c0a-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4651
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:05:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4651
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:05:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4651
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:05:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4651
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:05:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14856 bytes)
Hash
df665be3ae1347cb9bb1443a6a1a33e6
e0617845684a8f7586b37e8be8976bbe6a93563e
15155df8643daa0408633922e15691a3b00b393ee433e1162cf031024e84d0a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 22ec3d7a-91f5-4b67-9621-a93b1e5d09e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYejFKxoAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-34ffa40356825a715a7eb5cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dVt3gUrJDvRWXxbs32sGuoyZI0Qo3-Dlut29Sref8Qjy2NXrJkhvNg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:34:53 GMT
age: 1847
etag: "e0617845684a8f7586b37e8be8976bbe6a93563e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 22003
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb-NFzuOBQEOMHfs7L68ZBeBH_JMqKYfJhxWs4eNYq35L8duYylQdg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:07:34 GMT
age: 7086
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10445 bytes)
Hash
c76e3c4cc159bda9b9e887fcd449ba51
12d90c36bd455b3b859fdb761b6ed49ea9f98f80
fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:02:53 GMT
age: 50567
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 3863
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 73532
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
7c479d65643e438564773e9191ab525a
c743db581dd95fd4d750efa6fd90b13df89201f7
dedac9deceec5d977c41f2f3d3e41967e1c30b26af9d70471133ce6c1683d4e5

HTTP Headers

GET /hm.js?fec0eaa8fc52795617f18f518d42aaab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:05:40 GMT
Etag: dbd0d637d4245ebcb14fdc4b5b4e40ec
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=802786CCF1F3F892; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
1c9d0ae4878529ae5829b42c71389224
9a5cdca3198ed7d1389db73ad92c8e1fc75d5e1c
5ddbc6ac2eb7e2eb0d93c62921e82210ef53b1d2c5a912b8de69a57f39a7115c

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:05:40 GMT
Etag: 1681464ed6e6c240fc2c77a9e39eab08
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8AA2654D8FAE1B27; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

push.zhanzhang.baidu.com/push.js

112.34.113.148

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 29 Nov 2022 04:05:41 GMT
Etag: "4078521116"
Expires: Wed, 29 Nov 2023 04:05:41 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F55F40F4A912719F3F8C761249FCFA68:FG=1; max-age=31536000; expires=Wed, 29-Nov-23 04:05:41 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372047443&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372047443&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372047443&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 04:05:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A8CA89E4583F1777; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1751672479&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1751672479&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1751672479&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=59545&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 04:05:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6306DE8221253103; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.jxys88.net/news/data.php

173.231.12.68

200 OK

712 B

URL HTTP/2
www.jxys88.net/news/data.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
712 B (712 bytes)
Hash
5717ae9af07624d360ff0b9ed8ec5fa6
e89aa309df4566192872c1d7ee4d915b3f722d4d
723cb142e7399e95c0c0e5c1a1bb3d0bab41c4490111912958deb8219028632c

HTTP Headers

GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.5

200 OK

254 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Thu, 29 Dec 2022 04:05:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/html9/ads/ob1.gif

173.231.38.5

200 OK

193 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/html9/ads/ob1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 960 x 90\012- data
Size
193 kB (193193 bytes)
Hash
a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Thu, 29 Dec 2022 04:05:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/images/pic.png

173.231.38.5

200 OK

90 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/images/pic.png
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
HTML document, ASCII text
Size
90 B (90 bytes)
Hash
5341dd3aa19c0eb3bc809f9150e3e833
7beaba24a698410e4ffc93357d82c6f683cbaba1
f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/images/pic.png HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: image/png
content-length: 90
last-modified: Fri, 14 Jan 2022 04:46:48 GMT
etag: "61e10038-5a"
expires: Thu, 29 Dec 2022 04:05:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.5

200 OK

13 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys16.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.nils-holgerson.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 29 Nov 2022 04:05:42 GMT

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
e702f9692327f7ac7e6d1a07c9213f40
f2afad5e4d820835ffe66b8feed186d48f79de2e
1552c652f8d8866145d658146dfaaa85ebb5e3643b65c6dd2a738a5323a37768

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 04:05:42 GMT
Etag: bb8e8f74560dafe53217534ceb5e2abe
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=68131265B7AB7089; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
34ebb4233594cd8491eeacc5fa7314ec
1a720e00c78b016f1046a2e62610078af600efe2
976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5632
Cache-Control: max-age=164849
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:43 GMT
Etag: "63855008-118"
Expires: Thu, 01 Dec 2022 01:53:12 GMT
Last-Modified: Tue, 29 Nov 2022 00:19:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
34ebb4233594cd8491eeacc5fa7314ec
1a720e00c78b016f1046a2e62610078af600efe2
976170bbfc62ba9a86f6ed104b8cc175fdf38a38d730d631e2bb1917c152cdab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5632
Cache-Control: max-age=164849
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:43 GMT
Etag: "63855008-118"
Expires: Thu, 01 Dec 2022 01:53:12 GMT
Last-Modified: Tue, 29 Nov 2022 00:19:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public

104.18.2.36

200 OK

24 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (24176 bytes)
Hash
2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:43 GMT
content-type: image/webp
content-length: 24176
cf-ray: 771877722ef7b500-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public

104.18.2.36

200 OK

309 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
309 kB (308789 bytes)
Hash
799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:43 GMT
content-type: image/gif
content-length: 308789
cf-ray: 771877723efdb500-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tt.1468tu.com/58tu/405x204.gif

43.153.174.204

301 Moved Permanently

166 B

URL HTTP/1.1
tt.1468tu.com/58tu/405x204.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 04:05:43 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2141015825&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=59547&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2141015825&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=59547&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2141015825&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=59547&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 04:05:43 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=43B2C0E014EDB32F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b8d04d2e508d34f9ad71e4a7d0f7804
91c4a589f9f97467a9eb00a0b7a78b6afcf17d9b
06739a41044dc193fba2184dee6f3e0c2a3fe39c13ed57b80847cd03026aaf7a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06739A41044DC193FBA2184DEE6F3E0C2A3FE39C13ED57B80847CD03026AAF7A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4418
Expires: Tue, 29 Nov 2022 05:19:22 GMT
Date: Tue, 29 Nov 2022 04:05:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
05a0f2361d59025f990151a11544fac7
aacd1da65ef5f20449147ab2111a0ed0e589a86c
fccfa19f97dab4686510892b89165f2391ff1cec9c6a16ec597fe4fcfd74165d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCCFA19F97DAB4686510892B89165F2391FF1CEC9C6A16EC597FE4FCFD74165D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1
Expires: Tue, 29 Nov 2022 04:05:45 GMT
Date: Tue, 29 Nov 2022 04:05:44 GMT
Connection: keep-alive

ob699.cc/xxx12345.gif

45.153.131.58

200 OK

20 kB

URL HTTP/1.1
ob699.cc/xxx12345.gif
IP
45.153.131.58:0
ASN
#55933 Cloudie Limited

File type
GIF image data, version 89a, 225 x 135\012- data
Size
20 kB (19781 bytes)
Hash
74f156899d26c1a1ef9108ee4023052d
3d2f15dc81ee27a7832947bbb59a7836ccc7f027
b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0

HTTP Headers

GET /xxx12345.gif HTTP/1.1
Host: ob699.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: image/gif
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Thu, 29 Dec 2022 04:05:44 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif

45.150.164.88

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
45.150.164.88:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:44 GMT
content-type: text/html
content-length: 162
location: https://kvhxxx.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif

45.150.164.88

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
45.150.164.88:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:44 GMT
content-type: text/html
content-length: 162
location: https://kvhxxx.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:44 GMT
content-type: text/html
content-length: 162
location: https://kvkhhh.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d70f0571f110d61e72a3961505950fa1
90476448b25e8e5fed72d8b497f1d24fbe54dff4
b2633dd1aa0357ada5bbb652b83bf1aa806f8abfd470ae44f1cd3de9e8c0130f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:32:08 GMT
Expires: Fri, 02 Dec 2022 16:32:07 GMT
Etag: "90476448b25e8e5fed72d8b497f1d24fbe54dff4"
Cache-Control: max-age=303382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7afeb511-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1fbb7f61e76866ea359f7919c12bef99
e60b44b493885b9e3bfcd727a512d8fded812887
87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT
Expires: Sun, 04 Dec 2022 03:39:03 GMT
Etag: "e60b44b493885b9e3bfcd727a512d8fded812887"
Cache-Control: max-age=429798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7ebd1bfe-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
9fc1b99a217ae7a16971181fd27b3144
f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457
784a6816aadadfc7a34ecdae2c86dfd0b971314f7db79e22906bf4fa368925fb

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 00:01:01 GMT
Expires: Tue, 06 Dec 2022 00:01:00 GMT
Etag: "f35a3271078f2eb3fa9c6e5ab5ab4d757ee2a457"
Cache-Control: max-age=589515,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7e790b45-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8c860f6cc16cec53769d4433e6f0ddf2
2bf2252d9f68bdb1504969d1216a0e9f1873a865
7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT
Expires: Sat, 03 Dec 2022 10:05:41 GMT
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865"
Cache-Control: max-age=366596,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7a8bb51b-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8c860f6cc16cec53769d4433e6f0ddf2
2bf2252d9f68bdb1504969d1216a0e9f1873a865
7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT
Expires: Sat, 03 Dec 2022 10:05:41 GMT
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865"
Cache-Control: max-age=366596,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7eadfac4-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b407444fc65f86948d0f257a7a63c73c
2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1
300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT
Expires: Sat, 03 Dec 2022 15:19:38 GMT
Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1"
Cache-Control: max-age=385433,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7fc81c02-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2db77de8cd9f561c89e82c3cc121f657
3cfdf7e959e288d04fa8eecee461533178db4db2
c92ed85f05902ddb2b113d13fae24d9e9982b9439aeb0b182352fe78c6ffb3a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 16:16:55 GMT
Expires: Sun, 04 Dec 2022 16:16:54 GMT
Etag: "3cfdf7e959e288d04fa8eecee461533178db4db2"
Cache-Control: max-age=475269,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a78d2b4e8-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=572050,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777a7d09b50c-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b4bc4d091d314a559fc8d4b2dbbb5f5
62f9d886b9e85e64462f75988e0d0b349c569c0d
87050cc8e0e155a6fe7fd11ae7270d58f539f9a022be944778cad0a17ebef22f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87050CC8E0E155A6FE7FD11AE7270D58F539F9A022BE944778CAD0A17EBEF22F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5772
Expires: Tue, 29 Nov 2022 05:41:56 GMT
Date: Tue, 29 Nov 2022 04:05:44 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2dcd02f5e606a5de0774b49602d0b822
7745b6c7971f36e45d31df200626183f63b8db3f
9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 20:52:34 GMT
Expires: Fri, 02 Dec 2022 20:52:33 GMT
Etag: "7745b6c7971f36e45d31df200626183f63b8db3f"
Cache-Control: max-age=319008,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777abb17b511-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=572050,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777aee8d0b45-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0262bdb2a5c0432d40d36cd9e3f133b1
0ffef801a05eb8a92497aae04daeb6c2748de482
771ecb84a2bc4aceb92524a4e44718a439eee03aa761f88a1e739378f1dbf330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:31:14 GMT
Expires: Sun, 04 Dec 2022 15:31:13 GMT
Etag: "0ffef801a05eb8a92497aae04daeb6c2748de482"
Cache-Control: max-age=472528,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777aceca1bfe-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
0a5d3c4e22af4baafefcb8a9fc1e9e35
fd98fdc9d46f65215757de37895b786623784d56
b807ce9d5ae1adfaaeb18d7c35e1f7bf235c9755f422f2efd1a1324644788c22

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 00:45:19 GMT
ETag: "fd98fdc9d46f65215757de37895b786623784d56"
Last-Modified: Tue, 29 Nov 2022 00:45:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2941
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718777c4f1f0b65-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03155dd0188bbb26580d8aa9b9a128ea
f51e0dd8ab1a0c0a260b866525acd296d4e7f105
c8ae8c1d1166b7a0d166fe89aa95c74c00fcd8edc94aa95b5aef8a2b33d87999

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8AE8C1D1166B7A0D166FE89AA95C74C00FCD8EDC94AA95B5AEF8A2B33D87999"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18690
Expires: Tue, 29 Nov 2022 09:17:15 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif

103.170.15.60

200 OK

383 kB

URL HTTP/2
u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
IP
103.170.15.60:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 100\012- data
Size
383 kB (382842 bytes)
Hash
3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9

HTTP Headers

GET /da5dfac32ac34ba592b6f45c5de4a88c.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "63849d60-5d77a"
server: nginx
date: Mon, 28 Nov 2022 15:34:49 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 11:37:04 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-50
content-length: 382842
X-Firefox-Spdy: h2

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
72e1b8e8311fd91dcbbb48eed0fb0fdf
d514b4cd65213600b793c05f717cd9d197d8b071
b07c61ee5d6149db7e9754cdcf8e07731bd0a90586cad186630e33bdb60db4fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: be39c122-ccd6-45e3-8661-331b1c7d6c60
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
411658a4ab6d7ab96f9908b9229eb87a
6bbe9d3fac3f7ee42dd02d6d9582a1e95c477aad
2de852bc9fec6187e95871146f30d6149aef31263efb11536f9050a618829cf1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 0fd4017d-9a7f-4af6-a24a-69adaad78e38
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
9d7318bd0a78f7216a49d1cd2948ca4f
f2e634461918c36bf7811fdf0cdeba6779ee7e5b
8e85a8c88f1ed917da810e4716c5eec7ba2e1c3100ef4f6cb70b1a01ab7768e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 9d1cca09-c8d4-4187-8b4e-5a4da9017363
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif

103.170.15.95

200 OK

359 kB

URL HTTP/1.1
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
103.170.15.95:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Thu, 24 Nov 2022 04:59:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 358672

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
fd3bbe00836de0a245ebb6d07b124292
29f057aa00d55971d86985201ac953bcf098ecbc
7c8141e1a582b5d0076e6f7a1be7c687bdb12d8f5a8f3bf247ac8908e7f7fb6a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 5ccfb261-98d8-4091-8673-1579d20b03aa
Content-Length: 1700
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

339282bdb.com/e20f57018fba490b9af887342222147f.gif

45.61.212.118

200 OK

553 kB

URL HTTP/1.1
339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
45.61.212.118:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
553 kB (552818 bytes)
Hash
097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Mon, 28 Nov 2022 04:42:54 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 552818

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
183c367aae2a8003d7f94a3156f4005d
f8898757a11b765f26949f0b3befd0eca4c959e6
b247e947fa68e49afa29de5ca8cbe564af78df2457511695830345500b356838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:05:45 GMT
Last-Modified: Tue, 29 Nov 2022 00:18:51 GMT
ETag: "63854feb-1d7"
Expires: Thu, 01 Dec 2022 00:18:51 GMT
Cache-Control: max-age=159186
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669694745
Via: cache9.l2de2[4,3,200-0,M], cache9.l2de2[5,0], cache4.se1[25,24,200-0,M], cache4.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:05:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816696947452653789e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
183c367aae2a8003d7f94a3156f4005d
f8898757a11b765f26949f0b3befd0eca4c959e6
b247e947fa68e49afa29de5ca8cbe564af78df2457511695830345500b356838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 04:05:45 GMT
Ali-Swift-Global-Savetime: 1669694745
Via: cache25.l2de2[3,3,200-0,M], cache25.l2de2[4,0], cache5.se1[27,26,200-0,M], cache5.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:05:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916696947452643740e

592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif

103.170.15.95

200 OK

580 kB

URL HTTP/1.1
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
103.170.15.95:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

HTTP Headers

GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Fri, 25 Nov 2022 13:18:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 580315

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
224a592d7da2d456bca5fbe48af25c66
7811bd881e4fffb0d713b2495a4468b4ed4f289c
f91b7d1ccd13d6c7965fb93977776e019b7c3755bd40b7e76cbd4dab47c607c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F91B7D1CCD13D6C7965FB93977776E019B7C3755BD40B7E76CBD4DAB47C607C8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4346
Expires: Tue, 29 Nov 2022 05:18:11 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

6937555.com/111/x11.gif

104.149.145.170

200 OK

426 kB

URL HTTP/1.1
6937555.com/111/x11.gif
IP
104.149.145.170:0
ASN
#40676 AS40676

File type
GIF image data, version 89a, 393 x 262\012- data
Size
426 kB (425627 bytes)
Hash
8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3

HTTP Headers

GET /111/x11.gif HTTP/1.1
Host: 6937555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: image/gif
Content-Length: 425627
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 11:21:10 GMT
ETag: "6332dca6-67e9b"
Cache-Control: max-age=2592000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdd23460571e06be2b5384a4362b213
16016e9ac93fc8ee63645863d0e6a0536e99de26
9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B348E405DA997965BBFB5A714755EBE7B05744F6E83E4C635E42D5FA9E282D1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=526
Expires: Tue, 29 Nov 2022 04:14:31 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif

103.170.15.115

200 OK

748 kB

URL HTTP/1.1
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
103.170.15.115:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 120\012- data
Size
748 kB (748166 bytes)
Hash
dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608

HTTP Headers

GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Fri, 25 Nov 2022 07:56:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Length: 748166

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdd23460571e06be2b5384a4362b213
16016e9ac93fc8ee63645863d0e6a0536e99de26
9b348e405da997965bbfb5a714755ebe7b05744f6e83e4c635e42d5fa9e282d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B348E405DA997965BBFB5A714755EBE7B05744F6E83E4C635E42D5FA9E282D1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=526
Expires: Tue, 29 Nov 2022 04:14:31 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
07c74bc5bc7715dce2255efb5629d795
0d7779f9c077f597635e4809fe17c91899b06f48
3e6ce9d1ae689d6cd819ec0d9c17080ca7189931238c729090da3f9c5af8d181

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:09:56 GMT
Expires: Mon, 05 Dec 2022 19:09:55 GMT
Etag: "0d7779f9c077f597635e4809fe17c91899b06f48"
Cache-Control: max-age=572049,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718777bcd6fb50c-OSL

200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg

23.224.61.222

200 OK

57 kB

URL HTTP/1.1
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP
23.224.61.222:0
ASN
#40065 CNSERVERS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Size
57 kB (57375 bytes)
Hash
61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff

HTTP Headers

GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Server: Apache
Expires: Thu, 29 Dec 2022 04:05:44 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2407bce7f479414a44ac764a4b56fbb3
d41cfcd80b63de62dc36c6a127ef4f9d6399c020
6b1ec32a3ce6d986ba2693569191df148e5b9eff019a18336a98a955b0dfbe3d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B1EC32A3CE6D986BA2693569191DF148E5B9EFF019A18336A98A955B0DFBE3D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11304
Expires: Tue, 29 Nov 2022 07:14:09 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21146
Expires: Tue, 29 Nov 2022 09:58:11 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fc796901ab3b12631015f01cd27c8d23
d04e98b67b1455b1a6fb826506eef6f72297c187
481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 10:05:45 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21146
Expires: Tue, 29 Nov 2022 09:58:11 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
224a592d7da2d456bca5fbe48af25c66
7811bd881e4fffb0d713b2495a4468b4ed4f289c
f91b7d1ccd13d6c7965fb93977776e019b7c3755bd40b7e76cbd4dab47c607c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F91B7D1CCD13D6C7965FB93977776E019B7C3755BD40B7E76CBD4DAB47C607C8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Tue, 29 Nov 2022 07:07:59 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif

104.21.23.48

200 OK

48 kB

URL HTTP/2
www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
IP
104.21.23.48:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 150 x 150\012- data
Size
48 kB (47538 bytes)
Hash
238e06fae36a60963dd217adc895c9e4
feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce

HTTP Headers

GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1
Host: www.yssydh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Sat, 03 Dec 2022 16:45:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2200810
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rshe3iay7kGwBUr61iNlh9k45FL7pEXCmyVkw5IbSpP%2FFsv54tC1OmRhTfiu51PaS%2B4ioYbrbykrRCDVAeO5FJhrjNREVrIC6tw%2FmYeuY9Kb1m%2Bf3br6V4YWmWlW8seCZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718777f1918b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.jxys16.xyz/

173.231.38.5

200 OK

174 kB

URL HTTP/2
www.jxys16.xyz/
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
174 kB (173814 bytes)
Hash
f437b64daa2b03ee3be01ee8ed894355
f115511f38467e33b93bb9d67b8e39b582e43a74
b9bff556eded4f0bafb0771ddc41c89f7f2cf201e3c96199774ae0c799715a8f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

si1.go2yd.com/get-image/0yFQ28gLGhP

163.171.140.79

200 OK

280 kB

URL HTTP/2
si1.go2yd.com/get-image/0yFQ28gLGhP
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 600 x 350\012- data
Size
280 kB (279676 bytes)
Hash
b25d41aed5450abed3b57ce91edeb1ef
32246d3032e682f04be554c60fa343835bf7a1c9
3198df78ef5491bd63c4dbd8fea3604f34dad6baa285ea8629ec250954f405ba

HTTP Headers

GET /get-image/0yFQ28gLGhP HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 279676
server: Tengine
x-application-context: application
x-kss-request-id: 7619a86ae5664556a23b9964f031b63f
etag: "b25d41aed5450abed3b57ce91edeb1ef"
content-md5: sl1BrtVFCr7TtXzpHt6x7w==
last-modified: Mon, 28 Feb 2022 06:31:20 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjzwdx5aa31:0 (Cdn Cache Server V2.0), 1.1 jszjsx22:12 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:6 (Cdn Cache Server V2.0)
x-ws-request-id: 63858519_PShlamstdAMS1vj92_8449-59657
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

si1.go2yd.com/get-image/0yFVWR9AM6k

163.171.140.79

200 OK

140 kB

URL HTTP/2
si1.go2yd.com/get-image/0yFVWR9AM6k
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 750 x 376\012- data
Size
140 kB (140259 bytes)
Hash
4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732

HTTP Headers

GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 63858519_PShlamstdAMS1vj92_8449-59658
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif

45.61.212.118

200 OK

113 kB

URL HTTP/1.1
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP
45.61.212.118:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
113 kB (113076 bytes)
Hash
293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Tue, 22 Nov 2022 18:11:26 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 113076

e1.o.lencr.org/

23.36.76.226

200 OK

343 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
343 B (343 bytes)
Hash
9347e1cd2af04f5ca48a31f0bc3da7ae
22beae35c318731eaa78a824f051831c85b508ef
6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11850
Expires: Tue, 29 Nov 2022 07:23:15 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

343 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
343 B (343 bytes)
Hash
9347e1cd2af04f5ca48a31f0bc3da7ae
22beae35c318731eaa78a824f051831c85b508ef
6276e91fb8f11d447c6eb8e1ef977b69db6934fcc8793a479d195db13df23f0c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "6276E91FB8F11D447C6EB8E1EF977B69DB6934FCC8793A479D195DB13DF23F0C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11850
Expires: Tue, 29 Nov 2022 07:23:15 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7446
Expires: Tue, 29 Nov 2022 06:09:51 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

zhibo128x.xyz/128/318X216.gif

154.83.25.141

200 OK

90 kB

URL HTTP/1.1
zhibo128x.xyz/128/318X216.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 318 x 216\012- data
Size
90 kB (89870 bytes)
Hash
fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d

HTTP Headers

GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 29 Nov 2022 04:05:07 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif

45.154.214.206

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
45.154.214.206:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

api.79zxcv.com/sh/317.js

18.141.190.97

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/317.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
313a4af0587cf0130df762583804464b
2e81dd41e78c4b094f32575b1727a1c9207a1af1
77c2410d58d53811ae7b701ff4c501b6a21c9af6d27189170e725573ce07db2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77C2410D58D53811AE7B701FF4C501B6A21C9AF6D27189170E725573CE07DB2F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=749
Expires: Tue, 29 Nov 2022 04:18:14 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

api.79zxcv.com/sh/328.js

18.141.190.97

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/328.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif

172.67.189.203

200 OK

740 kB

URL HTTP/2
acoozzh.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
172.67.189.203:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
740 kB (739561 bytes)
Hash
5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Thu, 22 Dec 2022 17:58:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 554858
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ0Pd%2BRyZhmB6iP2n4bne1XmuVpqy2qzPiHNMSSnur6HuPa5JMB7Wm0dq39kidm7ldNtBGBK155%2FhiLffTrA7Uq2EJ%2FdwuC2RefOISg9Q4ChzMB2XgXUpjAAcEBeoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877800840b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient

104.110.17.24

200 OK

151 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 120\012- data
Size
151 kB (151061 bytes)
Hash
89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade

HTTP Headers

GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7726464
expires: Sun, 26 Feb 2023 14:20:09 GMT
date: Tue, 29 Nov 2022 04:05:45 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

3p8801.co/a-960x60.gif

107.148.202.17

200 OK

49 kB

URL HTTP/2
3p8801.co/a-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
49 kB (49174 bytes)
Hash
bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db

HTTP Headers

GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Thu, 29 Dec 2022 04:05:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif

45.154.214.206

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
45.154.214.206:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

i.ibb.co/tL26d3m/240x140.gif

162.19.58.160

404 Not Found

1.0 kB

URL HTTP/2
i.ibb.co/tL26d3m/240x140.gif
IP
162.19.58.160:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size
1.0 kB (1031 bytes)
Hash
7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

HTTP Headers

GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2cc706a5f9e09fc0e8a1a52b930d00e7
83c6c19040243f9557381da2ea23151318e77b09
48f4753c03d844e325ad70adee36435463931ef82e1137dbe5f82a5fd9f335f7

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:49:05 GMT
ETag: "83c6c19040243f9557381da2ea23151318e77b09"
Last-Modified: Tue, 29 Nov 2022 01:49:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718777f0f8f0b65-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7e5a6e2829f4d2b20b0062d9930aa711
ebb93b1d6ee2f9009e2d1753aab77b2b6de0f56c
81b0cc31edbd181e23d043f69d3487e0ad57a893665af3cc9ebb1fcdd97d89a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170358
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Etag: "63857b8f-1d7"
Expires: Thu, 01 Dec 2022 03:25:03 GMT
Last-Modified: Tue, 29 Nov 2022 03:25:03 GMT
Server: nginx
Content-Length: 471

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d3b307de2bf339f4b96d2c1223e0f585
6dbb2e1f1ffc56576314ef14da30c4d46b6a868f
62ca2ed602e780aa5ea90ceba1819c231af058ae47a631a88925fd369977b71f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:45:21 GMT
Expires: Sun, 04 Dec 2022 01:45:20 GMT
Etag: "6dbb2e1f1ffc56576314ef14da30c4d46b6a868f"
Cache-Control: max-age=422974,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771877800cd2b51b-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2cc706a5f9e09fc0e8a1a52b930d00e7
83c6c19040243f9557381da2ea23151318e77b09
48f4753c03d844e325ad70adee36435463931ef82e1137dbe5f82a5fd9f335f7

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:49:05 GMT
ETag: "83c6c19040243f9557381da2ea23151318e77b09"
Last-Modified: Tue, 29 Nov 2022 01:49:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771877806947b523-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
62ab0caeab837e52beb85fc332e51d01
e53946379c035bd3532b3cdaef22d122b894b3a1
38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5799
Cache-Control: max-age=156356
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Etag: "63852e36-2d7"
Expires: Wed, 30 Nov 2022 23:31:41 GMT
Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
62ab0caeab837e52beb85fc332e51d01
e53946379c035bd3532b3cdaef22d122b894b3a1
38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5799
Cache-Control: max-age=156356
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Etag: "63852e36-2d7"
Expires: Wed, 30 Nov 2022 23:31:41 GMT
Last-Modified: Mon, 28 Nov 2022 21:55:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727

p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42

47.246.44.226

200 OK

420 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 17 Nov 2022 08:05:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 08:04:55 GMT
nw-session-id: 20221117160455010175088205489D283Edffxv02dy
nw-session-trace: 2022-11-17T16:04:55.135790407+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 16:04:55 GMT
x-tt-logid: 20221117160455010175088205489D283E
via: n150-056-038, cache1.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01307a3fb6122614a2cf2861b66f794cde44fb789caf024a9d7b2c6561afdf19f775a092f1c68726af9bc843af9d0ac960e24a539cf77cbcdda5d0e4291dcc3344458d0ed78fd87e483c6a160aeb1e5530716a4a1a22319dfa833dc91d61d824ef
x-response-lb: image
ali-swift-global-savetime: 1668672312
age: 1022433
x-cache: HIT TCP_MEM_HIT dirn:11:275132548
x-swift-savetime: Thu, 17 Nov 2022 08:34:25 GMT
x-swift-cachetime: 31534247
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947456918476e
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb

47.246.44.226

200 OK

440 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
440 kB (439790 bytes)
Hash
07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b

HTTP Headers

GET /obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Sat, 26 Nov 2022 13:16:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901015013207634B66C26h2vnt03dy
nw-session-trace: 2022-11-26T19:30:39.564101929+08:00 31
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901015013207634B66C26
via: n150-059-155, cache1.l2de2[0,0,206-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682f36a7bc8c9d51c44eea0062d5621a593cf11ecf59e1d039d14eacf478f79a4f6c371b82af94314a1c2da27ab8970cef0e421d48454c58e7340acddc4faf3a396fa65def9cb218d02bc5986a2c25b010d8
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 226152
x-cache: HIT TCP_MEM_HIT dirn:11:451236523
x-swift-savetime: Sat, 26 Nov 2022 13:38:46 GMT
x-swift-cachetime: 31534667
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947456978477e
X-Firefox-Spdy: h2

3p8801.co/yy-960x60.gif

107.148.202.17

200 OK

37 kB

URL HTTP/2
3p8801.co/yy-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
37 kB (37300 bytes)
Hash
95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644

HTTP Headers

GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Thu, 29 Dec 2022 04:05:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
9ea269db298de3bfcd60ba6b0cc90e62
d961b1e242f0945fd9e02e727878b7d047876742
7800a0af0354b76325c75d858222cfc781f6ad7d1e8391bcb452a415eb6d63ab

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 17:36:51 GMT
Expires: Fri, 02 Dec 2022 17:36:50 GMT
Etag: "d961b1e242f0945fd9e02e727878b7d047876742"
Cache-Control: max-age=307264,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187780cfb10b45-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/5cd35a27ffb84b129a891385b65cc0a7

47.246.44.226

200 OK

258 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/5cd35a27ffb84b129a891385b65cc0a7
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257486 bytes)
Hash
55d735ced9e7e36a0041464bf44ba65f
aa4662f343a0d5a8151441554993aad71103637c
4c2cb0687f63d736e4557cbe65bdeb10f836ba8ac7503a322c40ebb2187fb851

HTTP Headers

GET /obj/tos-cn-i-dy/5cd35a27ffb84b129a891385b65cc0a7 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 257486
date: Mon, 28 Nov 2022 09:44:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 28 Nov 2022 06:31:24 GMT
nw-session-id: 202211281431240101580372093E7C1EEEws92b03dy
nw-session-trace: 2022-11-28T14:31:24.068007357+08:00 32
x-bdcdn-cache-status: TCP_HIT
x-length: 257486
x-powered-by: ImageX
x-response-date: Mon, 28 Nov 2022 14:31:24 GMT
x-tt-logid: 202211281431240101580372093E7C1EEE
via: n150-057-105, cache16.l2de2[0,0,206-0,H], cache16.l2de2[32,0], cache16.l2de2[32,0], cache1.se1[0,0,200-0,H], cache3.se1[16,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=16
x-tt-trace-host: 01df2d809375c40a2a727e6f3d348595ad4efd188921b8289a00259bc1a6de28cc8c96700253cff3538aeb893e37af7b1e1a652e35d62cc17aaf0fb48f84f7eaad75c3ed5f26eb9322352d59f34ac551eac65e94d52270da61aac91b838e681de4
x-response-lb: image
ali-swift-global-savetime: 1669628666
age: 66079
x-cache: HIT TCP_MEM_HIT dirn:4:235007224
x-swift-savetime: Mon, 28 Nov 2022 10:01:12 GMT
x-swift-cachetime: 31534994
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947457058478e
X-Firefox-Spdy: h2

3p8801.co/11-960x60.gif

107.148.202.17

200 OK

242 kB

URL HTTP/2
3p8801.co/11-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
242 kB (242091 bytes)
Hash
b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2

HTTP Headers

GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Thu, 29 Dec 2022 04:05:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif

103.170.15.90

200 OK

423 kB

URL HTTP/1.1
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP
103.170.15.90:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
423 kB (422791 bytes)
Hash
bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Tue, 22 Nov 2022 14:39:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-20
Content-Length: 422791

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
9ab45e9920220fcf9443b2bf81ba6a7d
703ba61cb928fc585c0cc2e870ce9e53dab82401
e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:55:04 GMT
ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401"
Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771877807fde0b65-OSL

lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5568 bytes)
Hash
187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171

HTTP Headers

GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafcb1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg

104.22.12.214

200 OK

8.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8224 bytes)
Hash
81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2

HTTP Headers

GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafc71bfe-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/dFBzDyqgPsM

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/dFBzDyqgPsM
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6df8a11dbe77c32c1fb32bf69e1b3d8
840b8701a0542d3e30eaffe3920f285151afdac1
6729aeb5b790eb173f4287cf98b6490a3a15805a919c09022e224b174d231162

HTTP Headers

POST /s/gts1p5/dFBzDyqgPsM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
9ab45e9920220fcf9443b2bf81ba6a7d
703ba61cb928fc585c0cc2e870ce9e53dab82401
e67172f708804662828bae9333bd568ddbe7d135e8f0a946dd070f5a3195ea55

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Dec 2022 01:55:04 GMT
ETag: "703ba61cb928fc585c0cc2e870ce9e53dab82401"
Last-Modified: Tue, 29 Nov 2022 01:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771877809959b523-OSL

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg

104.22.12.214

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11122 bytes)
Hash
b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918

HTTP Headers

GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718777fafc81bfe-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
62ab0caeab837e52beb85fc332e51d01
e53946379c035bd3532b3cdaef22d122b894b3a1
38dd7043bc9bdbdaab70a6f809fc2d7512394483f64affd3030ce4c4f5219469

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Etag: "63852e36-2d7"
Server: ECS (amb/6BB1)
Content-Length: 727

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg

104.22.12.214

200 OK

9.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9100 bytes)
Hash
0df8730f164c8ca030cae7a5f232d7d2
ddae230735be58dfa9e3c427bea78ea92aaa5bf7
682b5c4dd6447da8fdad3f93958c77f94479b0e747cebeec1bdf08d7a44123ce

HTTP Headers

GET /upload/vod/2022/11-28/13/jjy5x0xieib1335jjy5x0xieib276308.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 9100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10082
content-disposition: inline; filename="jjy5x0xieib1335jjy5x0xieib276308.webp"
etag: "6384489f-2762"
last-modified: Mon, 28 Nov 2022 05:35:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd61bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg

104.22.12.214

200 OK

8.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.6 kB (8564 bytes)
Hash
846fc2e5c7fde4844189c7c5352c0e86
e00eca00bf7599eccaa69465e5ce3f61f1521440
d26603230ebb610c61e8ac8209446feb6ec0e57a7eba6c0b05329982bbf3fa84

HTTP Headers

GET /upload/vod/2022/11-28/13/3cktbr5e43s13353cktbr5e43s286310.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 8564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9688
content-disposition: inline; filename="3cktbr5e43s13353cktbr5e43s286310.webp"
etag: "638448a0-25d8"
last-modified: Mon, 28 Nov 2022 05:35:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd71bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg

104.22.12.214

200 OK

8.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8412 bytes)
Hash
b30c3f4ead010cee92fd4085c44ac5f0
2345edc988822d873e0075ef48ecf3f40eeb4929
ec9fbc7391e5d8993bb6ee6331975e87ce5acdd5a94de10fa0f4f22087198f88

HTTP Headers

GET /upload/vod/2022/11-28/13/03s1agsxfpo133503s1agsxfpo226296.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 8412
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9533
content-disposition: inline; filename="03s1agsxfpo133503s1agsxfpo226296.webp"
etag: "6384489a-253d"
last-modified: Mon, 28 Nov 2022 05:35:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd01bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg

104.22.12.214

200 OK

5.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.9 kB (5886 bytes)
Hash
d30e29788a351c0d9f5692b683d2f8cd
2765e1f06f47d3cbb8ceaadc46467c038146f960
c5d878d180374a8d47665158142a664c93d72b459ca2abadbf016d552e818906

HTTP Headers

GET /upload/vod/2022/11-28/13/w5advwm3stk1335w5advwm3stk296312.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 5886
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7261
content-disposition: inline; filename="w5advwm3stk1335w5advwm3stk296312.webp"
etag: "638448a1-1c5d"
last-modified: Mon, 28 Nov 2022 05:35:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd91bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg

104.22.12.214

200 OK

13 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
13 kB (12826 bytes)
Hash
64e5d30e2c9ff8d2beacad9f64a97e7a
7fa9fc846cd7c6695ca6bdb2bd46e21a76f9f1ae
fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7

HTTP Headers

GET /upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/jpeg
content-length: 12826
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13483, status=webp_bigger
etag: "638449cb-34ab"
last-modified: Mon, 28 Nov 2022 05:40:27 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718777fafc51bfe-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
233e57f60023d3cdf4dfa75d53a03eb3
9dac5203260858b4de4682f9f610618454b5bb01
7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F1B74086414FF31F9AB16FD18A8DADB7D7B77023E6BDE0B9BBD5AA749A53D93"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18492
Expires: Tue, 29 Nov 2022 09:13:57 GMT
Date: Tue, 29 Nov 2022 04:05:45 GMT
Connection: keep-alive

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif

52.184.85.118

200 OK

261 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
261 kB (261015 bytes)
Hash
68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

647 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
647 kB (647290 bytes)
Hash
4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 29 Nov 2022 04:05:07 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg

104.22.12.214

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5556 bytes)
Hash
9de4c86aeb08d6f8a6fc164e722de4ca
a5d895d894361b7390f10956e1a57844986f1cd5
ee0adc9a7959caadc003e437c15302cbcd598d8d51d98528685cfd1377455264

HTTP Headers

GET /upload/vod/2022/11-28/13/n4ypwectl5m1335n4ypwectl5m226298.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 5556
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6655
content-disposition: inline; filename="n4ypwectl5m1335n4ypwectl5m226298.webp"
etag: "6384489b-19ff"
last-modified: Mon, 28 Nov 2022 05:35:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd11bfe-OSL
X-Firefox-Spdy: h2

kvkhhh.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif

104.21.57.36

200 OK

864 kB

URL HTTP/2
kvkhhh.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
104.21.57.36:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvkhhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sat, 10 Dec 2022 11:57:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1613282
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzQI9TiaolpY%2FDPpDIkTQHBUO%2By5q%2FZ3tANrSAji1lfmhFRpqfRwHf0wLu5EBW0qzYJdzZMkbqXVkeO5n%2F5%2FRBbIa3yq1WjyryRJVv0CCB9wwZioNCw6SuXI1Qwi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187782085cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.79zxcv.com/js/dom.js

18.141.190.97

200 OK

4.8 kB

URL HTTP/1.1
api.79zxcv.com/js/dom.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Size
4.8 kB (4779 bytes)
Hash
271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

52.184.85.118

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

52.184.85.118

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

pic.picnewsss.com/tu-2022290039/se-1.jpg

23.225.139.251

200 OK

27 kB

URL HTTP/2
pic.picnewsss.com/tu-2022290039/se-1.jpg
IP
23.225.139.251:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Size
27 kB (26754 bytes)
Hash
d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e

HTTP Headers

GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Mon, 28 Nov 2022 20:19:02 GMT
etag: "1669694397"
expires: Wed, 28 Dec 2022 20:19:02 GMT
last-modified: Tue, 29 Nov 2022 03:59:57 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg

104.22.12.214

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4492 bytes)
Hash
69be43384dd099d503d6425448adee34
1d182a9da3cd8d670f7ed053cf10cfe0e2851433
1b55f9a42d7b3cc95511e9aa34a3954f359bfe192c0b69064050860dd73ead79

HTTP Headers

GET /upload/vod/2022/11-28/13/swlyhvxsn3k1335swlyhvxsn3k316316.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 4492
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6912
content-disposition: inline; filename="swlyhvxsn3k1335swlyhvxsn3k316316.webp"
etag: "638448a3-1b00"
last-modified: Mon, 28 Nov 2022 05:35:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafdb1bfe-OSL
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246

47.246.44.226

200 OK

312 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
312 kB (311995 bytes)
Hash
a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816

HTTP Headers

GET /obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sat, 26 Nov 2022 13:16:33 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901020908713822A266142qftk03dy
nw-session-trace: 2022-11-26T19:30:39.707647645+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901020908713822A26614
via: n131-120-073, cache1.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache3.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682ff0a3cf0eab6da2f3c1f2d4643076e0781d8448ce5629cbfc4f7ae85a35f0343fa4bbbf262be9039644130e292f8ff5ba13be69171c546bd0c61898a92f6ce9b807474e824c6b6f56a295f19bf9a95b59
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 226152
x-cache: HIT TCP_MEM_HIT dirn:11:276680554
x-swift-savetime: Sat, 26 Nov 2022 13:38:50 GMT
x-swift-cachetime: 31534663
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947459118552e
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8ee14b35b8ec6377d463be24af91bbea
64b5ef391aec745b8371614b5919a6111c588df0
37f75e412f3287c2941825dea84761c3d0c5b30773879a3a6b150c3bf9e0c04b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125704
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:45 GMT
Etag: "6384cd21-117"
Expires: Wed, 30 Nov 2022 15:00:50 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:49 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
fe9e74c1bc4c0387895fe6590f479322
de9ee91959920002353b1f6052a77ac41287b5fe
50eabf2239e98618ee1558ce0c20c68b4a1d6c3ff5dfc0662b15abf2cda26e83

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:05:45 GMT
Last-Modified: Mon, 28 Nov 2022 08:54:37 GMT
ETag: "6384774d-1d7"
Expires: Wed, 30 Nov 2022 08:54:37 GMT
Cache-Control: max-age=103732
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669694745
Via: cache5.l2de2[45,45,200-0,M], cache5.l2de2[52,0], cache4.se1[73,73,200-0,M], cache4.se1[75,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:05:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816696947459074023e

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg

104.22.12.214

200 OK

6.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.3 kB (6284 bytes)
Hash
d522d094063825c17236698af6785ee9
f2cec336d561fd3c26455600a9c14234014ae039
a85b635533bec4280e011c155eac4f33d0fecd56dd42a096cf00a1d4532cbc4c

HTTP Headers

GET /upload/vod/2022/11-28/13/sd3uwlnfcm31335sd3uwlnfcm3306314.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 6284
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8471
content-disposition: inline; filename="sd3uwlnfcm31335sd3uwlnfcm3306314.webp"
etag: "638448a2-2117"
last-modified: Mon, 28 Nov 2022 05:35:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafda1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg

104.22.12.214

200 OK

9.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.8 kB (9796 bytes)
Hash
7a73f0cfbab7791e5f97b92fbcc0af57
5169d28cc09dff8a5e2499881032302ddaf068ee
8c2a920257bc6b41db99fadce0ac011f8a1d8a3117c600105dae0c55b6eb0de5

HTTP Headers

GET /upload/vod/2022/11-28/13/rwe3egzutrh1335rwe3egzutrh206292.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 9796
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10754
content-disposition: inline; filename="rwe3egzutrh1335rwe3egzutrh206292.webp"
etag: "63844898-2a02"
last-modified: Mon, 28 Nov 2022 05:35:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafce1bfe-OSL
X-Firefox-Spdy: h2

tt.1468tu.com/58tu/960x100.gif

43.153.174.204

200 OK

166 kB

URL HTTP/1.1
tt.1468tu.com/58tu/960x100.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 100\012- data
Size
166 kB (165870 bytes)
Hash
ac63ac5a8f69ce5bd9f5c6dbcbe5e449
ea0e3a5a67615ba236262770bfbf9aacaaf59ef8
c509935cc565a4e97603bb9ae7ed879b22b0ac048e825cd771be70b69ce0842d

HTTP Headers

GET /58tu/960x100.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:44 GMT
Content-Type: image/gif
Content-Length: 165870
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:09:12 GMT
ETag: "b6ce236cffd6d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg

104.22.12.214

200 OK

7.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.8 kB (7776 bytes)
Hash
94b7098d95208d480e4bf14236c99990
f13f76c4adba5ee150d568d268ea9c83e49f3d28
684ef985c8f535d753f3704d0b96467a3e89b80397f0ac1220cf1e63df29cb28

HTTP Headers

GET /upload/vod/2022/11-28/13/edxyu2zpif01335edxyu2zpif0196290.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 7776
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8667
content-disposition: inline; filename="edxyu2zpif01335edxyu2zpif0196290.webp"
etag: "63844897-21db"
last-modified: Mon, 28 Nov 2022 05:35:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafcd1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg

104.22.12.214

200 OK

7.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.3 kB (7300 bytes)
Hash
78ca33bcc515e6651b3f86b563f4adde
1aa9831fe487e9f92b377acf7a59fb25d255a4dd
5f0ea2152c6e4237394d893b6a43154c7db9cea516ca4b2d1d18fcbbf3c4c3d0

HTTP Headers

GET /upload/vod/2022/11-28/13/tst0suxpwqn1335tst0suxpwqn216294.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 7300
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8447
content-disposition: inline; filename="tst0suxpwqn1335tst0suxpwqn216294.webp"
etag: "63844899-20ff"
last-modified: Mon, 28 Nov 2022 05:35:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafcf1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg

104.22.12.214

200 OK

5.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.7 kB (5660 bytes)
Hash
faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d

HTTP Headers

GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafc61bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg

104.22.12.214

200 OK

6.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6114 bytes)
Hash
cb289b33537c94f5b0fb6a57cb4d43fa
14710b0bb96871ad62a7da07beaba4ca1d46511f
9bbc038d5a4ae97b6f70f932dac3a777ebc61ce2b989486f732c47e01aa8c2bb

HTTP Headers

GET /upload/vod/2022/11-28/13/11wp2qvcp4m133511wp2qvcp4m186288.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 6114
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7211
content-disposition: inline; filename="11wp2qvcp4m133511wp2qvcp4m186288.webp"
etag: "63844896-1c2b"
last-modified: Mon, 28 Nov 2022 05:35:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafcc1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg

104.22.12.214

200 OK

6.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6404 bytes)
Hash
6057bab6390dfa52acfb7c909daa3780
76c4fd581b003e0d6dc81feeb18040b959035552
2f28132755bf27845851354e7bf15ee6e139562ed411152c1a4938e7b4b8ba6f

HTTP Headers

GET /upload/vod/2022/11-28/13/35fspfucs0p133535fspfucs0p236300.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 6404
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7392
content-disposition: inline; filename="35fspfucs0p133535fspfucs0p236300.webp"
etag: "6384489b-1ce0"
last-modified: Mon, 28 Nov 2022 05:35:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd21bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg

104.22.12.214

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4468 bytes)
Hash
174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf

HTTP Headers

GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafc91bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg

104.22.12.214

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9504 bytes)
Hash
8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0

HTTP Headers

GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafca1bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg

104.22.12.214

200 OK

6.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.9 kB (6944 bytes)
Hash
8d2915b6936e3f5b26b4dfc66d932d36
14a650c1b096feea8c40b628cf47b22329c58a63
82da90108f2dd0f3b987609c7bc2f7e3504f52b3c8b5963e38175c2c5d634316

HTTP Headers

GET /upload/vod/2022/11-28/13/fhu3hkfy5ra1335fhu3hkfy5ra266306.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 6944
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7964
content-disposition: inline; filename="fhu3hkfy5ra1335fhu3hkfy5ra266306.webp"
etag: "6384489e-1f1c"
last-modified: Mon, 28 Nov 2022 05:35:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd51bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg

104.22.12.214

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10056 bytes)
Hash
c3f05d63b499d1426f8e4ce2a4e384a4
1f27bb24557fd99d1e0fadb074a2343400c3b2f7
5ad2b70134f43bdb67b842b9312b5dc062b744e4b01c2712ef770ed3a4795969

HTTP Headers

GET /upload/vod/2022/11-28/13/yypa41uo1f41335yypa41uo1f4246302.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 10056
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10846
content-disposition: inline; filename="yypa41uo1f41335yypa41uo1f4246302.webp"
etag: "6384489c-2a5e"
last-modified: Mon, 28 Nov 2022 05:35:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd31bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg

104.22.12.214

200 OK

9.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.7 kB (9728 bytes)
Hash
f97716c9cf6a28b9090b0de5143221d5
5da983d9171a6a0fc219873012d9d91108fcc125
6a79eecdb7f0a7b652505c86e121fe6b6f7898c5fcf56695a6b9cccc25b61f6e

HTTP Headers

GET /upload/vod/2022/11-28/13/5ge3qzto32513355ge3qzto325256304.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:45 GMT
content-type: image/webp
content-length: 9728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10573
content-disposition: inline; filename="5ge3qzto32513355ge3qzto325256304.webp"
etag: "6384489d-294d"
last-modified: Mon, 28 Nov 2022 05:35:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7718777fafd41bfe-OSL
X-Firefox-Spdy: h2

628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif

103.170.15.105

200 OK

670 kB

URL HTTP/1.1
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP
103.170.15.105:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 150\012- data
Size
670 kB (669569 bytes)
Hash
fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Tue, 22 Nov 2022 04:24:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Length: 669569

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
fe9e74c1bc4c0387895fe6590f479322
de9ee91959920002353b1f6052a77ac41287b5fe
50eabf2239e98618ee1558ce0c20c68b4a1d6c3ff5dfc0662b15abf2cda26e83

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:05:46 GMT
Last-Modified: Mon, 28 Nov 2022 08:54:37 GMT
ETag: "6384774d-1d7"
Expires: Wed, 30 Nov 2022 08:54:37 GMT
Cache-Control: max-age=103731
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669694746
Via: cache21.l2de2[46,46,200-0,M], cache21.l2de2[48,0], cache5.se1[70,69,200-0,M], cache5.se1[71,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 29 Nov 2022 04:05:46 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916696947460404047e

lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg

104.22.12.214

200 OK

14 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
14 kB (14387 bytes)
Hash
c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5

HTTP Headers

GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187780c8141bfe-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8ee14b35b8ec6377d463be24af91bbea
64b5ef391aec745b8371614b5919a6111c588df0
37f75e412f3287c2941825dea84761c3d0c5b30773879a3a6b150c3bf9e0c04b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125703
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384cd21-117"
Expires: Wed, 30 Nov 2022 15:00:49 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:49 GMT
Server: nginx
Content-Length: 279

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

52.184.85.118

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494405"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:25 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg

104.22.12.214

200 OK

7.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7212 bytes)
Hash
6a2aff2dcfb0664ccc2282c5719dca38
b71513f6cf6d3021faaaed9e42c3a61fa416a835
c473cf8ebaaecfc9cbd017fde1f7bf5db01a56615f5b0ee4b90f130855091492

HTTP Headers

GET /upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/webp
content-length: 7212
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9321
content-disposition: inline; filename="l1ptmarpcmz1453l1ptmarpcmz476122.webp"
etag: "6383097b-2469"
last-modified: Sun, 27 Nov 2022 06:53:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77187780c8171bfe-OSL
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
8bfc2b394cac51ed4982754fd4bcab31
fafe1c7812c96a04198d39cbe138d5a48c19cb01
d2c36b0e8d31ab5bf10eaee541e81b47bfa7d17822b67749f5b4cb8166048b13

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=595
Date: Tue, 29 Nov 2022 04:05:46 GMT
Connection: keep-alive
X-N: S

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg

104.22.12.214

200 OK

7.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7200 bytes)
Hash
4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81

HTTP Headers

GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77187780c8161bfe-OSL
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
5dcd74d32e0597d2f5109fa4d4204c71
fca51498f24acf9cf869624908b0bb91b7660d85
be79f422421ec695d30c36ad7cc3f9602cea6a76e2a7ff6a182ce1142ba94a1b

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=147
Date: Tue, 29 Nov 2022 04:05:46 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
8bfc2b394cac51ed4982754fd4bcab31
fafe1c7812c96a04198d39cbe138d5a48c19cb01
d2c36b0e8d31ab5bf10eaee541e81b47bfa7d17822b67749f5b4cb8166048b13

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=647
Date: Tue, 29 Nov 2022 04:05:46 GMT
Connection: keep-alive
X-N: S

lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg

104.22.12.214

200 OK

8.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.7 kB (8736 bytes)
Hash
7bfbd10c68b3b32f40128c92669b07cb
43b9f512dcf14d6e601fe2957013878d3776bc90
415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd

HTTP Headers

GET /upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/webp
content-length: 8736
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10968
content-disposition: inline; filename="2akielas4ot14532akielas4ot386104.webp"
etag: "63830972-2ad8"
last-modified: Sun, 27 Nov 2022 06:53:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77187780c8131bfe-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg

104.22.12.214

200 OK

8.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.5 kB (8502 bytes)
Hash
470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d

HTTP Headers

GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77187780c8151bfe-OSL
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

52.184.85.118

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

kveff.com/68a7807de3933bf7079116fa9df99e6f.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7c0a255a9839d323de72a8e074ab3f64
9dca00b5ae547deaa3df7e1258632703382134ed
7c0f48c436f578eeafe11d5d5d480b3995297ebd7e83efbf9e70d0435979130f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 18:12:20 GMT
Expires: Sun, 04 Dec 2022 18:12:19 GMT
Etag: "9dca00b5ae547deaa3df7e1258632703382134ed"
Cache-Control: max-age=482192,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187783a880fac4-OSL

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

52.184.85.118

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

kvhxxx.top/4bf88adf466b90cef3686374a27fc0e2.gif

104.21.235.31

200 OK

507 kB

URL HTTP/2
kvhxxx.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP
104.21.235.31:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
507 kB (506851 bytes)
Hash
720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvhxxx.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 506851
last-modified: Sat, 26 Nov 2022 07:23:09 GMT
etag: "6381bedd-7bbe3"
expires: Mon, 26 Dec 2022 07:44:29 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 246077
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OTF8nKa%2FHyAhWxnMrOrGnWMVvt%2B6T8OlMdpH%2FMNxZ8AhMSpsDan%2FTX%2BQ6jHRiEdTwdKmmzyPCs41CfC2i9YwLLl8cIEg88dhItu4F6OHtoJfDafC9JQt1Cjkpxh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877833e1e888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b90107aa3c563acdc194853c5704d99a
e5053c180140bdb839e6bb32de7188e248506a94
cd5447d7005115a79566f447d08cc879fcaa366ab9abd0f3d99084f6a6a8c949

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 13:44:20 GMT
Expires: Mon, 05 Dec 2022 13:44:19 GMT
Etag: "e5053c180140bdb839e6bb32de7188e248506a94"
Cache-Control: max-age=552512,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187783fdbfb4e8-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
7d22f279fb06e2257a10f1f343db46da
713e6f6e7fb101801cdb788aad5545d1e4003459
6d18eb37fdf20cb0811f10b9b038b5d240f3037e0562f7a785658b03871314c1

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 04:39:31 GMT
Expires: Sat, 03 Dec 2022 04:39:30 GMT
Etag: "713e6f6e7fb101801cdb788aad5545d1e4003459"
Cache-Control: max-age=347023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187783f8d9b50c-OSL

kvhxxx.top/7546c860e55fa3bf22e5cd95994dd097.gif

104.21.235.31

200 OK

685 kB

URL HTTP/2
kvhxxx.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP
104.21.235.31:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
685 kB (684992 bytes)
Hash
6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvhxxx.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 684992
last-modified: Tue, 22 Nov 2022 11:00:48 GMT
etag: "637cabe0-a73c0"
expires: Mon, 26 Dec 2022 10:45:40 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 235206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9MlICZrtkp012mnvLQGQ6CVjlL7vX983RcFrvH8G6Cjk0bQ8JYpH1icAqHHdyCaaZDpRgj%2FQxxvq%2F%2BzIQQvuZuFZCTzYCJ0iKspiIMWAU%2FM4wAvT45ovUgtlquC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187783be7b888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif

120.77.166.72

200 OK

112 kB

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 640 x 350\012- data
Size
112 kB (112297 bytes)
Hash
8bb96c4387fdae545693ec79e18c0278
e0428e9c4e3f04c38ef89e236c37e523151329c6
0222f1b7240cf95fca28796002c45ea1b6cd976750e3223f25d2aaeeb1b6c106

HTTP Headers

GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 63858519511B14363345C2FA
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 1

www.jxys16.xyz/template/m1938pc/static/css/1.css

173.231.38.5

200 OK

68 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/1.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
68 kB (67992 bytes)
Hash
3c7cf0d8325ff2759f5c948a7b857ccd
fb0440341dfc062b527452deedfab9a93bbe3c74
fc2e44188f4741a84de57a899c55a02d6d477dc4af72a50be23499b3d6f19b17

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Tue, 29 Nov 2022 16:05:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c89fd394fcc2c1afd2d557ac08e53187
3e61c69da6e84992641895fd1e1f0792839a445c
502724033466614fee67407f17aa8d65dd13413b92a5537c124401b2944db30b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 13:11:48 GMT
Expires: Mon, 05 Dec 2022 13:11:47 GMT
Etag: "3e61c69da6e84992641895fd1e1f0792839a445c"
Cache-Control: max-age=550560,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771877843e58b51b-OSL

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fc796901ab3b12631015f01cd27c8d23
d04e98b67b1455b1a6fb826506eef6f72297c187
481c32f7f67f95e55a1facfdde3cdb7917e686d1ba1979f96089cb9d3b4f834a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "481C32F7F67F95E55A1FACFDDE3CDB7917E686D1BA1979F96089CB9D3B4F834A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Tue, 29 Nov 2022 10:05:45 GMT
Date: Tue, 29 Nov 2022 04:05:46 GMT
Connection: keep-alive

5199qq.com/db431bafa2474156b9fddc3d9c277b4d.gif

45.61.212.47

200 OK

177 kB

URL HTTP/1.1
5199qq.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP
45.61.212.47:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 240 x 140\012- data
Size
177 kB (176976 bytes)
Hash
5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b

HTTP Headers

GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 5199qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62da66b6-2b350"
Date: Fri, 25 Nov 2022 07:56:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 22 Jul 2022 08:58:30 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 176976

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif

52.184.85.118

200 OK

143 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
143 kB (142810 bytes)
Hash
e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg

172.247.77.90

200 OK

5.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
b4fe691a1e1838c9f1478958a1755ecc
342f266ceede5184e9cc944325d5644aad9373cd
e16caff401e9c45407df43293ca846a805d8a8fa2893df39b000d5e76bdb4969

HTTP Headers

GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:07:33 GMT
Content-Type: image/jpeg
Content-Length: 5133
Last-Modified: Wed, 09 Nov 2022 08:20:59 GMT
Connection: keep-alive
ETag: "636b62eb-140d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg

113.96.208.98

403 Forbidden

0 B

URL HTTP/2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg
IP
113.96.208.98:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fsna/kf-file/kf_pic/20221107/KFPIC_7db66d4b4375cdda5_WXIMAGE_11e1663475c041228fe7a73c0e715a19.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Tue, 29 Nov 2022 04:05:46 GMT
content-length: 0
set-cookie: tgw_l7_route=f690564c543fe1be3bf9ecd86f047974; Expires=Tue, 29-Nov-2022 04:10:46 GMT; Path=/
server: nginx/1.12.2
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8e0789bb2bc9a874851ab94715e0c4ea
67e2f77f911af0a02645225112019e52578093ce
0a4da1783e783d1776fcb5060c21062e3dd058845322cf7629c2eb04a419f81c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A4DA1783E783D1776FCB5060C21062E3DD058845322CF7629C2EB04A419F81C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 10:05:46 GMT
Date: Tue, 29 Nov 2022 04:05:46 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg

172.247.77.90

200 OK

8.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (8028 bytes)
Hash
94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a

HTTP Headers

GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:07:33 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Wed, 09 Nov 2022 08:20:55 GMT
Connection: keep-alive
ETag: "636b62e7-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif

52.184.85.118

200 OK

138 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
138 kB (137556 bytes)
Hash
bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

52.184.85.118

200 OK

252 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
252 kB (251962 bytes)
Hash
feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg

172.247.77.90

200 OK

14 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
14 kB (14304 bytes)
Hash
8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad

HTTP Headers

GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 29 Nov 2022 04:07:33 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Wed, 09 Nov 2022 08:21:51 GMT
Connection: keep-alive
ETag: "636b631f-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg

113.96.208.98

403 Forbidden

0 B

URL HTTP/2
yzf.qq.com/fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg
IP
113.96.208.98:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fsna/kf-file/kf_pic/20221107/KFPIC_46dfb3e9274e23e0d_WXIMAGE_627304b737364e258e066967a8a60033.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Tue, 29 Nov 2022 04:05:46 GMT
content-length: 0
set-cookie: tgw_l7_route=f269fee9b6566b9c6f92d3317870bb0e; Expires=Tue, 29-Nov-2022 04:10:46 GMT; Path=/
server: nginx/1.12.2
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif

52.184.85.118

200 OK

279 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
279 kB (278909 bytes)
Hash
cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:11:44 GMT
ETag: "1667491904"
Expires: Sat, 03 Dec 2022 16:11:44 GMT
Last-Modified: Thu, 03 Nov 2022 16:11:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif

52.184.85.118

200 OK

157 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
157 kB (157109 bytes)
Hash
b2ab67245d12303f5bbafd7d9b5f0114
44e3a620562fb6e6542b21d4ff534057d7dbe116
44748a35ac18f29a7fb6aa261701604648c5a5c2edf8b6a4d7789ef52b992afe

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958086287321.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b

47.246.44.226

200 OK

671 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 640 x 480\012- data
Size
671 kB (670683 bytes)
Hash
61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732

HTTP Headers

GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Sun, 27 Nov 2022 03:26:09 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 10:44:10 GMT
nw-session-id: 202211261844100101501381450DA82CF8k59t601dy
nw-session-trace: 2022-11-26T18:44:10.583169317+08:00 91
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 18:44:10 GMT
x-tt-logid: 202211261844100101501381450DA82CF8
via: n150-112-092, cache19.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache5.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081cd61dd4259176fc7f86da45d743ce8532946c5a051118493d5da77ae87a547e180e5da93c00104f9d2e0ea2a855fafc0ca649815bfa37ddcded05b5ba755539d0cf24e7ccff40da43c5dffb94cd97733
x-response-lb: image
ali-swift-global-savetime: 1669519569
age: 175177
x-cache: HIT TCP_MEM_HIT dirn:4:230329289 mlen:0
x-swift-savetime: Sun, 27 Nov 2022 23:45:44 GMT
x-swift-cachetime: 31462825
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947464338761e
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif

52.184.85.118

200 OK

259 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
259 kB (258804 bytes)
Hash
70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:12:36 GMT
ETag: "1667491956"
Expires: Sat, 03 Dec 2022 16:12:36 GMT
Last-Modified: Thu, 03 Nov 2022 16:12:36 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
b6607f0428ad18c923ac202d3c27d52a
29edc43ed06f535c1e03e413cb626143c1f5365f
4bf1dbe3570119b51bf65d5af3c0064dff22156de04e2357ffac24ec6fa6f55d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 11:06:55 GMT
Expires: Sat, 03 Dec 2022 11:06:54 GMT
Etag: "29edc43ed06f535c1e03e413cb626143c1f5365f"
Cache-Control: max-age=370267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718778408540b45-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0

47.246.44.226

200 OK

358 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 440 x 240\012- data
Size
358 kB (358276 bytes)
Hash
40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43

HTTP Headers

GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 3360235
x-cache: HIT TCP_MEM_HIT dirn:2:268256394
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947464358763e
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
db2d862fefbb78e2f23ac757eeae8a20
ba181287c29d26ff046159841d8eb2f78e555328
1088c17ed2d396e1ff9393147e7090de6ac68daf777ccac080323a455537f224

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 13:28:31 GMT
Expires: Sat, 03 Dec 2022 13:28:30 GMT
Etag: "ba181287c29d26ff046159841d8eb2f78e555328"
Cache-Control: max-age=378763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187784a8cefac4-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499

47.246.44.226

200 OK

259 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 360 x 200\012- data
Size
259 kB (259076 bytes)
Hash
ad8804ad8d49acffd23bef3ef0efa8ba
1f6122fb71f9b79e5b1722b64daec32148782471
8f6ef9996b2b5cd29454246e746671d329fbe7dbeecd832a1b09dfbcfd15b6d4

HTTP Headers

GET /obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 259076
date: Mon, 28 Nov 2022 09:44:34 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 28 Nov 2022 06:27:50 GMT
nw-session-id: 202211281427500101420440184B7D58EFlh2rg02dy
nw-session-trace: 2022-11-28T14:27:50.875609873+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 259076
x-powered-by: ImageX
x-response-date: Mon, 28 Nov 2022 14:27:50 GMT
x-tt-logid: 202211281427500101420440184B7D58EF
via: n204-098-222, cache12.l2de2[0,0,206-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache2.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:25:582::100
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01df2d809375c40a2a727e6f3d348595ad9fa3940e5b7c1893f284b4ddfd65a0131d7c1e86b736b94f6525f1191a308ec01b0949c8726d64b2867ece2a0b4aa23272388e728edd473931079e032ea4f331d3856f99b6b580fa84b1ae1e9fce94a3
x-response-lb: image
ali-swift-global-savetime: 1669628674
age: 66072
x-cache: HIT TCP_MEM_HIT dirn:6:7807171
x-swift-savetime: Mon, 28 Nov 2022 10:01:17 GMT
x-swift-cachetime: 31534997
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716696947464528769e
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9c05d374f5f2676fdc07246d7dac6a09
8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844
2cc72e675b1903a739bf9c00bb6121020015c2f44c77433926a9e8d564715752

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:43:08 GMT
Expires: Sun, 04 Dec 2022 12:43:07 GMT
Etag: "8ab143f32b5ae4ebc9ce407ff3b30cb5a374f844"
Cache-Control: max-age=462440,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187784be16b4e8-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
db2d862fefbb78e2f23ac757eeae8a20
ba181287c29d26ff046159841d8eb2f78e555328
1088c17ed2d396e1ff9393147e7090de6ac68daf777ccac080323a455537f224

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 13:28:31 GMT
Expires: Sat, 03 Dec 2022 13:28:30 GMT
Etag: "ba181287c29d26ff046159841d8eb2f78e555328"
Cache-Control: max-age=378763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187784eeaab51b-OSL

sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif

52.184.85.118

200 OK

144 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221011/1665488736300773.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
144 kB (143652 bytes)
Hash
8daacd0fa11caf19d79c021488006888
a8f6cf9ab8a92ac90a0a43b89bccf574cfe1b7ce
78538e6491052878c6d573ac5fa7deab612a7dfc3b8916147c8bfd81ae7ceb59

HTTP Headers

GET /static/uploads/image/x22/20221011/1665488736300773.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 10 Nov 2022 11:45:43 GMT
ETag: "1668080743"
Expires: Sat, 10 Dec 2022 11:45:43 GMT
Last-Modified: Thu, 10 Nov 2022 11:45:43 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124616
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384c8e2-117"
Expires: Wed, 30 Nov 2022 14:42:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:42:42 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
21bea8096491718af984cf073dccf0e7
b3202e7248e96e8582a67a9aac234c85487e5952
3135a4a10ad79856c895b20fecefbe9e180fa79623e70e5258ee5cb35f902a9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125702
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384cd20-118"
Expires: Wed, 30 Nov 2022 15:00:48 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:48 GMT
Server: nginx
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8ee14b35b8ec6377d463be24af91bbea
64b5ef391aec745b8371614b5919a6111c588df0
37f75e412f3287c2941825dea84761c3d0c5b30773879a3a6b150c3bf9e0c04b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=125704
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384cd21-117"
Expires: Wed, 30 Nov 2022 15:00:50 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
21bea8096491718af984cf073dccf0e7
b3202e7248e96e8582a67a9aac234c85487e5952
3135a4a10ad79856c895b20fecefbe9e180fa79623e70e5258ee5cb35f902a9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125702
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384cd20-118"
Expires: Wed, 30 Nov 2022 15:00:48 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:48 GMT
Server: nginx
Content-Length: 280

nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif

104.21.55.74

200 OK

1.1 MB

URL HTTP/2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.1 MB (1082384 bytes)
Hash
a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1254712
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bt5oIZ%2BpcArfPWNGnTeS6hI%2BtZgTRwrS6hoTyTPb4v%2BJTN3m52e1H%2FZsdp8Vz%2BXUHssx%2FxKDoeJ6zHEks5Sy%2BY7vPq12JKuoYQu8Xgc08pGjO%2BKQ1vTT1NrUN1G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877864b250afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif

120.77.166.119

200 OK

614 kB

URL HTTP/1.1
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP
120.77.166.119:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
614 kB (614471 bytes)
Hash
b5d129edaaaec2db9b9fbdbb13e162ff
65f3ce758707891ffd332f10aa834db951797eff
5d05e4e57c27de7a91acd77be5e011b27d207edf3125163ab66dc23af7dd2952

HTTP Headers

GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 63858519D17D343639C371ED
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 1

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif

52.184.85.118

200 OK

122 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958351815456.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
122 kB (122077 bytes)
Hash
37114d23edd40ed9e0901b4a9719e67b
203de7186613dabd8a3468c1869544447c99edaa
3c27d4f44ba0e325468830935351ed317f9db77d46ff0d07154900e5f41ec4de

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958351815456.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

www.jxys88.net/news/list.php

173.231.12.68

200 OK

65 kB

URL HTTP/2
www.jxys88.net/news/list.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
65 kB (64825 bytes)
Hash
967d5ff4eeb327642bbdc4a4f3826796
d3aee481205658aa7b18466443a626adf7740922
939f8c66bf493887a8ce9dd53abb91b4f617a206cad67b17376fa06cf599f933

HTTP Headers

GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/dFBzDyqgPsM

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/dFBzDyqgPsM
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6df8a11dbe77c32c1fb32bf69e1b3d8
840b8701a0542d3e30eaffe3920f285151afdac1
6729aeb5b790eb173f4287cf98b6490a3a15805a919c09022e224b174d231162

HTTP Headers

POST /s/gts1p5/dFBzDyqgPsM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif

52.184.85.118

200 OK

108 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664957978608725.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
108 kB (108092 bytes)
Hash
44f342e4357af0d5256493db6e7fc924
2f62b8f1d1c167566367105d5cae6dc52dc73133
156f4985af424639dd35a2ec1f77217a45781e148a4504f4109b48c2d71a0cfa

HTTP Headers

GET /static/uploads/image/x26/20221005/1664957978608725.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:19:47 GMT
ETag: "1667549987"
Expires: Sun, 04 Dec 2022 08:19:47 GMT
Last-Modified: Fri, 04 Nov 2022 08:19:47 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif

52.184.85.118

200 OK

119 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958058465466.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
119 kB (118706 bytes)
Hash
3af8a82b93e6db570c683b4c6e5f0450
937c3dd1c9fffec78b039ec5973008e928e279bf
ea57b0fdaf3bb2d726e9677a4b7ac267b8ca18b7e8e4abcb6b8e02fa6e89b383

HTTP Headers

GET /static/uploads/image/x26/20221005/1664958058465466.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:21:04 GMT
ETag: "1667550064"
Expires: Sun, 04 Dec 2022 08:21:04 GMT
Last-Modified: Fri, 04 Nov 2022 08:21:04 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124616
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384c8e2-117"
Expires: Wed, 30 Nov 2022 14:42:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:42:42 GMT
Server: nginx
Content-Length: 279

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif

52.184.85.118

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958243131147.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
133 kB (132742 bytes)
Hash
917f961ed729bc558e9962fd1484dbe2
f0962f3292c4097bb4f6a4ae63ca765714c7262d
51fd38511ac427eaad10ac504a836bb4ad732c51176e3cf8a6eca65df60302eb

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958243131147.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif

104.21.234.203

200 OK

501 kB

URL HTTP/2
kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif
IP
104.21.234.203:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
501 kB (500709 bytes)
Hash
034336a5237349a60154dea96de80b58
3542d0bbdf703508930fc994eabce17681c818fa
602d2dfc2f528acbe33ca7ff13c163f8ea4f908fc7aed58c4d3a50a5931ccc0d

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 500709
last-modified: Sun, 26 Jun 2022 12:08:26 GMT
etag: "62b84c3a-7a3e5"
expires: Mon, 26 Dec 2022 01:23:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 268908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmwNwltl9eOqocXj5veSRmmybS5z%2BhvSqvgLuFsOvSny%2BPan98gZkkLVUUh6bEMH6%2FnqICN8h%2FOaBRiyc5M5VLb%2BzQTeb0r03kuQI2IKdfGbp5jfIshlNSE6qeuz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877865ed9731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif

52.184.85.118

200 OK

136 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664957962898269.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
136 kB (135617 bytes)
Hash
e2b3f17c74651d10d199dc95cb7bdf21
173e21137df4427a1bb417a60162e604fa43fe36
590d8375f2b0dd21dc6eecc7a14f3e939b3f4838784f0e1da463aa29a36e3a61

HTTP Headers

GET /static/uploads/image/x22/20221005/1664957962898269.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
861fe3fb01d4882f88674de4af400667
064709f591d008556d07dcdd0d110e8fda18b647
f34a0cb433fd538da42e2437e3d82f3adb7d289fb7cc2d900bfba91bc1346bdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=124616
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:05:46 GMT
Etag: "6384c8e2-117"
Expires: Wed, 30 Nov 2022 14:42:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:42:42 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

max002.top/68a7807de3933bf7079116fa9df99e6f.gif

104.21.233.254

200 OK

366 kB

URL HTTP/2
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
104.21.233.254:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
366 kB (366444 bytes)
Hash
86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sun, 25 Dec 2022 12:12:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 316398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q%2BX6FlIO2GcWGH7xEDK%2FHKitjj2ShUzSQ%2BB3j6P%2BVwl02dLRhMcbqm5hQMaLvhprUssQrtM%2FyrorjTiikmKMcDkMKkeGImobQaL%2BhAUIMiwyYZcyhWFBgvgNqEj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187786686271b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif

104.21.55.74

200 OK

524 kB

URL HTTP/2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 325 x 143\012- data
Size
524 kB (523775 bytes)
Hash
2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1069592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIeg13IbE1rSyEZ5QLM3tuZKqTAh12e71Q5cYyCWhl4l1dnNwosiu6LcpUtx%2Fct9wQ8eOAu3bdnHmJbuNzFDxJMzrSbwyLfYaAbz3VGdwSPEuSUXclOKOZK8g6IJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877879b740afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

n0566.com/930e01d640b64ec088f2b1425d5bf100.gif

20.222.119.28

200 OK

39 kB

URL HTTP/1.1
n0566.com/930e01d640b64ec088f2b1425d5bf100.gif
IP
20.222.119.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 300 x 174\012- data
Size
39 kB (38658 bytes)
Hash
cd246f11bfaa71b1104355cd399cfe1a
cb176b03649f6bfc9b14be7171f71af26a591750
abbdeeed18db78c21f10aaa3059fdb6e11f7a30ace6ee9c59a144dd0aaf383e1

HTTP Headers

GET /930e01d640b64ec088f2b1425d5bf100.gif HTTP/1.1
Host: n0566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Nov 2022 11:38:23 GMT
ETag: W/"63849daf-b343"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif

52.184.85.118

200 OK

271 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221005/1664958027512691.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
271 kB (270639 bytes)
Hash
8a598123a6c21612760ffc08cd6ddd05
b6bc973f2e717c2077eae5f43163fde18981eb30
349c245fb89068bc9236b8960f553a1bca367b07e75b988f67383ca21ff68908

HTTP Headers

GET /static/uploads/image/x26/20221005/1664958027512691.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:20:33 GMT
ETag: "1667550034"
Expires: Sun, 04 Dec 2022 08:20:33 GMT
Last-Modified: Fri, 04 Nov 2022 08:20:34 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

www.jxys16.xyz/template/m1938pc/static/css/style.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/style.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Tue, 29 Nov 2022 16:05:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.2557u.com/images/638454d8b5eb6667f536d127.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.2557u.com/images/638454d8b5eb6667f536d127.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638454d8b5eb6667f536d127.gif HTTP/1.1
Host: img.2557u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5cd35a27ffb84b129a891385b65cc0a7
X-Firefox-Spdy: h2

539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif

47.75.19.145

200 OK

0 B

URL HTTP/1.1
539397377.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 539397377.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:05:46 GMT
Content-Type: image/gif
Content-Length: 176976
Connection: keep-alive
x-oss-request-id: 6385851ADD75B735351589BE
Accept-Ranges: bytes
ETag: "5C383B781891F009BFE7545EB03E78D9"
Last-Modified: Fri, 23 Sep 2022 09:18:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8278321731206139918
x-oss-storage-class: Standard
Content-MD5: XDg7eBiR8Am/51ResD542Q==
x-oss-server-time: 2

img.9197x.com/images/638454e5b5eb6667f536d129.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9197x.com/images/638454e5b5eb6667f536d129.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638454e5b5eb6667f536d129.gif HTTP/1.1
Host: img.9197x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4ff1a513aa73420d92efe66a30521499
X-Firefox-Spdy: h2

aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif

47.56.33.49

200 OK

0 B

URL HTTP/1.1
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP
47.56.33.49:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 638585197E084E3233ED7CB1
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 2

www.jxys88.net/news/index.php

173.231.12.68

200 OK

0 B

URL HTTP/2
www.jxys88.net/news/index.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

8499225.com/8499/s/960x60.gif

162.209.128.164

200 OK

0 B

URL HTTP/2
8499225.com/8499/s/960x60.gif
IP
162.209.128.164:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

img.9623x.com/images/6381f76ffbdac46b425ad663.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9623x.com/images/6381f76ffbdac46b425ad663.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6381f76ffbdac46b425ad663.gif HTTP/1.1
Host: img.9623x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0

43.129.255.47

200 OK

0 B

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 37272 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: 1d7fd159-abed-4374-b7dd-a020bbe322d0
X-Firefox-Spdy: h2

img.9712x.com/images/63523e235fe50f0585d3ef83.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
X-Firefox-Spdy: h2

sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif

120.77.166.72

200 OK

0 B

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 29 Nov 2022 04:05:45 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 638585191911E9343376C79E
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 4

p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0

43.129.255.47

200 OK

0 B

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 45092 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 0a4b97c6-956e-4596-af3e-174d21917c22
X-Firefox-Spdy: h2

taiwtp1.com/img/960240.gif

220.128.218.220

200 OK

0 B

URL HTTP/2
taiwtp1.com/img/960240.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:03:19 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Thu, 29 Dec 2022 04:03:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif

104.21.234.203

200 OK

0 B

URL HTTP/2
kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
104.21.234.203:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys16.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:05:46 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Fri, 16 Dec 2022 05:09:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1119367
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dli1EsU16NS0dVFvYf1QFu7aXx7x0vi7Z%2FV3Gas5UFmQNnvq1v2%2BJo4s6pTNmeJ0ivuK%2Bu7Tki3VFBu0kvNtkA7mnBRn9qF39DoenOEW0F79IQLkymmOAT815WGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771877871f43731a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

52.184.85.118

200 OK

0 B

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:33:51 GMT
ETag: "1668166431"
Expires: Sun, 11 Dec 2022 11:33:51 GMT
Last-Modified: Fri, 11 Nov 2022 11:33:51 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif

103.170.15.105

200 OK

0 B

URL HTTP/1.1
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP
103.170.15.105:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Fri, 25 Nov 2022 12:02:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Length: 160599

img.9219x.com/images/6381f7d0fbdac46b425ad664.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9219x.com/images/6381f7d0fbdac46b425ad664.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6381f7d0fbdac46b425ad664.gif HTTP/1.1
Host: img.9219x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
X-Firefox-Spdy: h2

img.2559u.com/images/636ce31fc474e9c06ec29f98.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
X-Firefox-Spdy: h2

img.1129555.com/images/6375e9e9e718d3da5a918058.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Tue, 29 Nov 2022 16:05:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 13:22:18 GMT
vary: Accept-Encoding
etag: W/"6382130a-517"
expires: Tue, 29 Nov 2022 16:05:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

static.qwahk.com/960x60.gif

154.39.104.60

200 OK

0 B

URL HTTP/1.1
static.qwahk.com/960x60.gif
IP
154.39.104.60:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Sun, 20 Nov 2022 00:49:41 GMT
ETag: "1668905382"
Last-Modified: Sun, 20 Nov 2022 00:49:42 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun31:15 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun31000(origin)
X-Reqid: 2019214167228180202211200849416LvsX43Qsampled
X-Ws-Request-Id: 637979a5_anxun31_27787-61124

www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:05:42 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Tue, 29 Nov 2022 16:05:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations