Report - qgkyiu.com/

Report Overview

Submitted URL
qgkyiu.com/
IP
104.148.98.104
ASN
#46573 LAYER-HOST
Submitted
2022-11-25 09:31:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.tupku.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.6 MB	172.67.200.40
kzeaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	844 B	98.126.214.50
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	6.1 kB	104.18.32.68
u1022.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	528 kB	45.61.212.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
www.bbnjd.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	130 kB	156.251.184.244
js.users.51.la	53024	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	277 B	2.7 kB	103.143.19.103
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
2588qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	102 kB	103.170.15.91
986338dsd.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	359 kB	103.170.15.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	1.1 MB	151.101.85.229
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	422 B	45.154.215.92
kvkggg.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	401 kB	172.67.154.165
www.qgkyiu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	894 B	2.0 kB	104.148.98.104
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.6 kB	93.184.220.29
2599qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	579 kB	103.170.15.101
n0522.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	234 kB	104.208.83.207
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
n0533.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	91 kB	20.78.78.186
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	284 B	750 B	39.156.68.163
www.towelioctltykddpdt.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	674 B	2.4 kB	172.247.28.61
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	1.9 kB	104.18.21.226
kvkeee.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	800 B	149 kB	172.67.171.171
sysupload.csiteadmin.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	2.8 MB	52.184.85.118
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	332 kB	43.154.254.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.82.48.240
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	47 kB	34.120.237.76
ak-d.tripcdn.com	71581	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	2.1 MB	96.6.16.143
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	23.36.76.226
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	1.1 MB	47.246.44.227
u1099.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	383 kB	103.170.15.66
8499483.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	331 kB	23.224.101.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img.1180555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	91.199.87.220
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	172.64.155.188
img.1158555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	654 B	91.199.87.220
qgkyiu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	186 B	104.148.98.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	towelioctltykddpdt.xyz	Sinkholed
2022-11-25	medium	towelioctltykddpdt.xyz	Sinkholed
2022-11-25	medium	kvkggg.top	Sinkholed
2022-11-25	medium	2588qq.com	Sinkholed
2022-11-25	medium	986338dsd.com	Sinkholed
2022-11-25	medium	2599qq.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.towelioctltykddpdt.xyz/js/jlys.js	3.9 kB	2023-03-07	2023-05-12
Pretty URL www.towelioctltykddpdt.xyz/js/jlys.js IP 172.247.28.61 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen10 Hash 814c2484c1fe16dff3ef9a1407d61cad 1379beed7aa943d7c78990c50a4c80e376695a23 eb749a89daea7d137bb1b9f7ab0e39382379c62a60aaf6bab425649614e1768b Loading...

	www.qgkyiu.com/tj.js	202 B	2023-03-11	2023-03-26
Pretty URL www.qgkyiu.com/tj.js IP 104.148.98.104 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:37 Last Seen2023-03-26 00:10:00 Times Seen2 Hash e164ca25f4fc840e6411d16dfadf8516 9427a9fab0a2b9ce0f88f454e0ea5dafdd0ab9ab ba2ba532d6f4c02357df00ac38aef3fc8764a2538f4dca9d95428f169717fe5c Loading...

	www.bbnjd.xyz/static/js/jquery.js	90 kB	2023-03-07	2024-04-23
Pretty URL www.bbnjd.xyz/static/js/jquery.js IP 156.251.184.244 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:57:17 Last Seen2024-04-23 18:26:41 Times Seen512 Hash f9bdfd807c7561b5a4eb97516f348321 0fa72756e48c33a6feeace1ffa5d790d58b53729 131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a Loading...

	www.bbnjd.xyz/	1.1 kB	2023-03-11	2023-03-11
Pretty URL www.bbnjd.xyz/ IP 156.251.184.244 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:13:15 Last Seen2023-03-11 19:44:37 Times Seen1 Hash ae3ccaf7a84ee5496f403b323aa514d4 7f9021dc50408dd2313dac2399f28d521f8f6131 f5d2f02e391d38e546c1e3b6c7a9c52a5f62b1c6a87feea7c6ada574e7bf80a7 Loading...

	www.qgkyiu.com/	404 B	2023-03-07	2024-04-18
Pretty URL www.qgkyiu.com/ IP 104.148.98.104 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.qgkyiu.com/common.js	1.1 kB	2023-03-07	2023-05-12
Pretty URL www.qgkyiu.com/common.js IP 104.148.98.104 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen10 Hash e2e96d214a8e7f0ca2a37277ece233f5 fbbdb205a058fc8101b45951b64d3cda6fdeb6aa 93bdbe0f178532159cdb7bcbb6b8af856b114954228637f8a0186530e0897c28 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-24
Pretty URL push.zhanzhang.baidu.com/push.js IP 39.156.68.163 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-24 14:00:50 Times Seen18985 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 725aa46d2724cf9377ab6210ffcdf6ff	468 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:44:37 Last Seen2023-03-11 19:44:37 Times Seen1 Hash 725aa46d2724cf9377ab6210ffcdf6ff 4e5a6ec95da6973a451e33f9c06a713dbad6c89f 97d5f64bbce84595c57664e2fb168e0573041ee60b273fb54aa63a652ab9611f Loading...

		Size	First Seen	Last Seen
	#1 Write - 28aafff82977cfe267f210a666797938	449 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:44:37 Last Seen2023-03-11 19:44:37 Times Seen1 Hash 28aafff82977cfe267f210a666797938 336554208d7eaec5cfcd26f6278160ac66caa324 52192c66f5e344af0294a681f7a916addd38735d6420baa85901428019c9d46b Loading...

	#2 Write - 177d5d0add06484a8e72ef361e58a4c7	100 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:44:37 Last Seen2023-03-11 19:44:37 Times Seen1 Hash 177d5d0add06484a8e72ef361e58a4c7 f27303090feaac142ff764fa8ba5489a4ff59671 b1a4051b1f954ea452e505d79dfb722266c2ef7fadd3dedbf09616e08c55544b Loading...

	#3 Write - 8cad1ba47d55856571e2dbd35da5e1fc	92 B	2023-03-07	2023-05-12
Pretty Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen8 Hash 8cad1ba47d55856571e2dbd35da5e1fc a2b94a6907d662b23b9711248105156d1d418d69 8be486cf9cc27e59e5f3602b910afdb976ea731f6f3334250cde5405e8550bf4 Loading...

	#4 Write - f1a45f51127701df3d7f60b923856a7a	75 B	2023-03-11	2023-03-26
Pretty Observations First Seen2023-03-11 19:44:37 Last Seen2023-03-26 00:10:00 Times Seen2 Hash f1a45f51127701df3d7f60b923856a7a c577aaed14768fd212142b53895618ea37c4f08f fbb00bcc928d4094149889958b2e8e4c1c180d2a11505d140e028ce6d5987baa Loading...

	#5 Write - 0b8d139a3dacecbc4ec6bdc465e432cb	75 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 14:29:40 Last Seen2023-03-26 04:24:21 Times Seen5 Hash 0b8d139a3dacecbc4ec6bdc465e432cb 6766182c721ffd6540c9eb282d65966af81283e0 1a6c6f4c4d5dab7ded691f77f9be4901e477915ab52fc40d490fa43925ddfe7a Loading...

HTTP Transactions (91)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11144
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:31:38 GMT
Connection: keep-alive

qgkyiu.com/

104.148.98.104

301 Moved Permanently

0 B

URL HTTP/1.1
qgkyiu.com/
IP
104.148.98.104:0
ASN
#46573 LAYER-HOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: qgkyiu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 24 Nov 2022 18:42:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.qgkyiu.com/

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:38 GMT
Last-Modified: Fri, 25 Nov 2022 07:42:10 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:31:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 754
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 2872
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:31:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 1365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.qgkyiu.com/

104.148.98.104

200 OK

753 B

URL HTTP/1.1
www.qgkyiu.com/
IP
104.148.98.104:0
ASN
#46573 LAYER-HOST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (710), with CRLF line terminators
Size
753 B (753 bytes)
Hash
1bf64ac1e00e3a001f4e6589c025556d
cecfc0821967997a674f26b296d70130f121470a
e958d9b6d9d5b491551cd487fd85652d1122cb930dfc518f280aa52cc49c0105

HTTP Headers

GET / HTTP/1.1
Host: www.qgkyiu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=90125
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:39 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:33:44 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

www.qgkyiu.com/common.js

104.148.98.104

200 OK

507 B

URL HTTP/1.1
www.qgkyiu.com/common.js
IP
104.148.98.104:0
ASN
#46573 LAYER-HOST

File type
ASCII text, with very long lines (1065), with no line terminators
Size
507 B (507 bytes)
Hash
3a94a5fefad82e37a781a8613b63edb2
33fdcfcbc94b9e641c8c32943c48a5257920bf02
c2436c695d7e01e6a193f911bcacfb4211e93a86f7806795bc1bfc571f281d20

HTTP Headers

GET /common.js HTTP/1.1
Host: www.qgkyiu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rfIcbv1sKOfW8Bh7kkjgug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vC6c2nTTi6EkSiWaUoJfD3/v4u0=

www.qgkyiu.com/tj.js

104.148.98.104

200 OK

202 B

URL HTTP/1.1
www.qgkyiu.com/tj.js
IP
104.148.98.104:0
ASN
#46573 LAYER-HOST

File type
HTML document, ASCII text, with CRLF line terminators
Size
202 B (202 bytes)
Hash
e164ca25f4fc840e6411d16dfadf8516
9427a9fab0a2b9ce0f88f454e0ea5dafdd0ab9ab
ba2ba532d6f4c02357df00ac38aef3fc8764a2538f4dca9d95428f169717fe5c

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.qgkyiu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Content-Type: application/x-javascript
Content-Length: 202
Connection: keep-alive

push.zhanzhang.baidu.com/push.js

39.156.68.163

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 25 Nov 2022 09:31:39 GMT
Etag: "4078521116"
Expires: Sat, 25 Nov 2023 09:31:39 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=4992D33E4479B70F81626DBE99EAE9B1:FG=1; max-age=31536000; expires=Sat, 25-Nov-23 09:31:39 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

www.towelioctltykddpdt.xyz/js/jlys.js

172.247.28.61

200 OK

1.8 kB

URL HTTP/1.1
www.towelioctltykddpdt.xyz/js/jlys.js
IP
172.247.28.61:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (447), with CRLF line terminators
Size
1.8 kB (1822 bytes)
Hash
88facc9844ed555fcd48540ca500e724
dea6514308a73bf471b55dca6155be10ccf55263
440a96acdbbe4eaeb3ddd12ce300a541b578fae83a1b01d1ee956d7d9cbaa965

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/jlys.js HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:04 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jun 2022 07:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629865a6-f3a"
Expires: Sat, 26 Nov 2022 05:32:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.15822558079310556?v=05039189235504532

172.247.28.61

200 OK

58 B

URL HTTP/1.1
www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.15822558079310556?v=05039189235504532
IP
172.247.28.61:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
4715bed2cf85ed6b9e9aaa51306b8b04
05383457ee6c4295aa9b4c4a66e10100c041a62c
5ff26241a7e56c271cd594f32b6014e9f0a6e82738b4363b4ae27da86b03e092

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /jlys_data.php?zq=jlys&val=smplink&t=0.15822558079310556?v=05039189235504532 HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.qgkyiu.com
Connection: keep-alive
Referer: http://www.qgkyiu.com/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:04 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2351 bytes)
Hash
66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52810
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41048
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18520
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8917 bytes)
Hash
5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41770
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6130 bytes)
Hash
ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41772
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10950 bytes)
Hash
4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.bbnjd.xyz/

156.251.184.244

200 OK

12 kB

URL HTTP/1.1
www.bbnjd.xyz/
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (431)
Size
12 kB (11915 bytes)
Hash
b590320f9f7a7c4dd6734ecef8a91a58
2af525fa8fe47644b8edeb0febd0a181543f56ae
c05b91b79f78958e6efc3a56cd0980b8fa32aca9dc639e851a499c6e15f559fe

HTTP Headers

GET / HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.bbnjd.xyz/template/jlys/static/css/bootstrap.min.css

156.251.184.244

200 OK

27 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys/static/css/bootstrap.min.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (493)
Size
27 kB (27078 bytes)
Hash
009318d8ae281e66da9d7eaf20de9350
5598f58336a95bd4208b7ebddeb204d43865a70e
80683f9d898f82ebd9b8335a25cf57e68b84c836c4765a42c7bc17b43bea16e2

HTTP Headers

GET /template/jlys/static/css/bootstrap.min.css HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf0-2212e"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbnjd.xyz/template/jlys/static/css/swiper.min.css

156.251.184.244

200 OK

3.3 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys/static/css/swiper.min.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (17459)
Size
3.3 kB (3298 bytes)
Hash
3b0f19c6e3d95b50787117fc26d47c7f
33799bc7c5f9ebda4adde8d59116a87fc2cce23f
39c608aa9656788524e36287f3a9e0070085695a439e4081a5bfd48c3b6f83b3

HTTP Headers

GET /template/jlys/static/css/swiper.min.css HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf2-4562"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbnjd.xyz/template/jlys/static/css/white.css

156.251.184.244

200 OK

2.8 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys/static/css/white.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
assembler source, ASCII text, with very long lines (1029), with CRLF line terminators
Size
2.8 kB (2820 bytes)
Hash
a5eccc7e2836315f7bb04b7898a027fd
b0df7401bdd8d1c8e70596bcf988254afafd6805
2bce05beec599deec60a00af27e41f9af335ca0684f93e22a6e3c2f6d5169590

HTTP Headers

GET /template/jlys/static/css/white.css HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/css
Last-Modified: Wed, 21 Apr 2021 20:48:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60808fb6-29da"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbnjd.xyz/template/jlys/static/css/mm-content.css

156.251.184.244

200 OK

1.4 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys/static/css/mm-content.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.4 kB (1418 bytes)
Hash
52aa59d2204183f0387403c70b429fe9
834ea6ae81fa673cf95f01619c727198d4954f6f
57ce4e3e4ddc6bb24d3d25a9ef34a5a3076395b049f6fa832eb05b3d62b95d00

HTTP Headers

GET /template/jlys/static/css/mm-content.css HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/css
Last-Modified: Mon, 09 May 2022 14:28:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62792503-1cd0"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbnjd.xyz/template/jlys/static/css/style.css

156.251.184.244

200 OK

15 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys/static/css/style.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Size
15 kB (14728 bytes)
Hash
4495e8aa756dc2cda90f57239ecad9ea
c8aaebce7643d7c46edc3b4e2ae426ae6b8c6ed5
d56b5cf774c910d16c7c11a36322205fd47fe3f64688fb79e3f59b1f2a9a9257

HTTP Headers

GET /template/jlys/static/css/style.css HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Jul 2021 15:56:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e72017-10b00"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbnjd.xyz/static/js/jquery.js

156.251.184.244

200 OK

35 kB

URL HTTP/1.1
www.bbnjd.xyz/static/js/jquery.js
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (65447)
Size
35 kB (34877 bytes)
Hash
abedc8bae88e267ba9ab2db769d1eee4
e2e0efd271d8a6564837e7226c7586a0d96047b5
a33a11a3922bed1ab922e13cd825e1fdf1fff5a9695aa9359acaa2a6e8d30066

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 17:31:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636fd867-15e3f"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif

96.6.16.143

200 OK

917 kB

URL HTTP/2
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
917 kB (917226 bytes)
Hash
28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a

HTTP Headers

GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7622796
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 09:31:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif

96.6.16.143

200 OK

1.2 MB

URL HTTP/2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.2 MB (1197751 bytes)
Hash
6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

HTTP Headers

GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6556792
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 09:31:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

js.users.51.la/21285005.js

103.143.19.103

200 OK

2.3 kB

URL HTTP/1.1
js.users.51.la/21285005.js
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
ASCII text, with very long lines (4898)
Size
2.3 kB (2310 bytes)
Hash
c827032af976c243b7bd48054094e6c9
bc5327afcec506ecd4a4e5af1b891f788a3e24bc
e5a1e6ee76c05c78cf4654d9f917125112c358781afbbb1ecae66724472dd496

HTTP Headers

GET /21285005.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 25 Nov 2022 09:31:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=f6f7824deaf82245532; path=/
HWWAFSESTIME=1669368699935; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

cdn.jsdelivr.net/gh/re341/ipad@main/112.ww

151.101.85.229

200 OK

1.1 MB

URL HTTP/2
cdn.jsdelivr.net/gh/re341/ipad@main/112.ww
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 206 x 206\012- data
Size
1.1 MB (1127941 bytes)
Hash
0e7eec6edceaeea89caf8f918078ac38
1d7f2cc8f2b17e529e52d2bf4594be2a1934ef25
a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8

HTTP Headers

GET /gh/re341/ipad@main/112.ww HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
content-type: application/octet-stream
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:31:41 GMT
age: 28703
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1645-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1127941
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:41 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1797
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95f72786c0b51-OSL

www.bbnjd.xyz/template/jlys//images/logo.png

156.251.184.244

200 OK

31 kB

URL HTTP/1.1
www.bbnjd.xyz/template/jlys//images/logo.png
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31224 bytes)
Hash
9e193b97a7e7ad03e60ea7e0525d1cc2
8a65564e9be25b8c9130ca5f46e42440f455f747
5b91ad20822478a84eb4018c93feb80184e765c4d7997383def9160c92e00757

HTTP Headers

GET /template/jlys//images/logo.png HTTP/1.1
Host: www.bbnjd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Type: image/png
Content-Length: 31224
Last-Modified: Thu, 16 Jun 2022 13:35:12 GMT
Connection: keep-alive
ETag: "62ab3190-79f8"
Expires: Sun, 25 Dec 2022 17:32:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce6c5aca493f3ef33cdd85e2f3645a68
b9d5fd679f7f9b542cb1450b80d8926f8495dbd6
a2979a1633801f83e076f41b2f951ce5344f534612e01f2c7fa8ce75cbb95cd3

HTTP Headers

POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc0c87e2958de9a09b47bdab344e4580
231fd032aae20cbebfe468ceb8ea99103fa6de66
eaca7f7c80089c7bbfb0d3886ea60c71d31dbe1984ea7f773a20bc38b1d88ea2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EACA7F7C80089C7BBFB0D3886EA60C71D31DBE1984EA7F773A20BC38B1D88EA2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1835
Expires: Fri, 25 Nov 2022 10:02:16 GMT
Date: Fri, 25 Nov 2022 09:31:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9381665bdbe88ea0f7fef1e4fdb81a5d
93c65c106fdc534bb9207b44b5d1cc49856c88d6
50eff0cc9219bf8a9b2ac708744e23aa7ad08a5219dbe6acf6040083faa9c0ae

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50EFF0CC9219BF8A9B2AC708744E23AA7AD08A5219DBE6ACF6040083FAA9C0AE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Fri, 25 Nov 2022 10:46:24 GMT
Date: Fri, 25 Nov 2022 09:31:41 GMT
Connection: keep-alive

www.tupku.top/lm/031815-80.gif

172.67.200.40

200 OK

1.6 MB

URL HTTP/2
www.tupku.top/lm/031815-80.gif
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 281\012- data
Size
1.6 MB (1626999 bytes)
Hash
17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

HTTP Headers

GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:31:41 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Thu, 15 Dec 2022 23:37:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 772848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ohyh70Q1%2B7PN%2B3xtjNF34%2BiGnhoKeEpUVXlE%2BsNTTCuiOKhHyLgQkiXHygK0S8BYobPbdi3c3F6zac5o1Zq82yD0Ln3abZCvvQfczsk8PGiSUgB8ODB7faw4%2Bro5od"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f734df90b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
59b02c1c948cef8ac39cb280b2422d4d
31b11d0550d45edc800a0f7e17838abbbb1498c8
66d52879030be45f297ae1d7fd40cee0700712dc87456efd19a6886506aa064f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:21:49 GMT
Expires: Tue, 29 Nov 2022 23:21:48 GMT
Etag: "31b11d0550d45edc800a0f7e17838abbbb1498c8"
Cache-Control: max-age=394805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f73eaa80b55-OSL

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
13081f5281d0d4518ebb90e66d4bd75b
b724a30579f0151ba30eb4313a8f56b2951831b8
01632250c0368a67006a77ccca89fca2936e06d8a08a2dd2dbfb39b337de4c36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 14:25:51 GMT
Expires: Thu, 01 Dec 2022 14:25:50 GMT
Etag: "b724a30579f0151ba30eb4313a8f56b2951831b8"
Cache-Control: max-age=535447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f73fff01c0a-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
629786c256d30270dd3081c83a6c5b92
7878d6d76412c208d171ee3b34480fc15154c5ab
397c0056786eaa61891bc6b5c1cdb7ee19998b3f5e3d197439cad45998f799d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 03:05:07 GMT
Expires: Tue, 29 Nov 2022 03:05:06 GMT
Etag: "7878d6d76412c208d171ee3b34480fc15154c5ab"
Cache-Control: max-age=321803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f740f61b4e8-OSL

kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif

98.126.214.50

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif
IP
98.126.214.50:0
ASN
#4213 VPLS-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce6c5aca493f3ef33cdd85e2f3645a68
b9d5fd679f7f9b542cb1450b80d8926f8495dbd6
a2979a1633801f83e076f41b2f951ce5344f534612e01f2c7fa8ce75cbb95cd3

HTTP Headers

POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

98.126.214.50

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
98.126.214.50:0
ASN
#4213 VPLS-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f74892bb527-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f74895ab51b-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
189cdefb347864aa5542e9480249ba68
7bfae97b990f84587fd4cb5bb226ebaca4626d0f
4359b3014e3700c027ada43defc2ce9a10004ed75f159d5adf8e9e02424d0403

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:44:40 GMT
ETag: "7bfae97b990f84587fd4cb5bb226ebaca4626d0f"
Last-Modified: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2171
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95f751d33b521-OSL

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
5c2563411931928a7d9d82ac3bae0986
e3dfc41f881d0cad511e02a367070557811949af
afca105de30fdc527bdabd3900c3e58bbd3612a2563d2c6f367ec81d2a5935b5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6d816beb8586fcb5389d50598ae54cf
43a3c5b9569e28c3b1c36ac8448acbb8cac433cc
b5b6b366321283f6bdd50fa5d08b1f1decfba09a202d9570954ac4dec78214e3

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
5c2563411931928a7d9d82ac3bae0986
e3dfc41f881d0cad511e02a367070557811949af
afca105de30fdc527bdabd3900c3e58bbd3612a2563d2c6f367ec81d2a5935b5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif

172.67.171.171

200 OK

65 kB

URL HTTP/2
kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
172.67.171.171:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
65 kB (65414 bytes)
Hash
514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Wed, 21 Dec 2022 23:57:34 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 293648
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbLirwM%2FGgBPObw69NdKNXQhIgPuXTLX1hhS4z5uGCrly%2F32uFlwoo8kekWn9S%2BLStOfMu9Yi2iySmtVQ19gLMhLtekbu1s%2BRDSxvGTAXi7a747IG5HUNEtyrusq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754b820b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

172.67.154.165

200 OK

400 kB

URL HTTP/2
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
172.67.154.165:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1288255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3ngy42RVnXdjTkrG4Z3IEkXhTnjY7joHKFTF%2FGMiykh2kTbnWut9Jc3tTQDYP5xHr%2FLn826xu2c%2FTrIfCz7G1Qo%2BJwXhGTYF4vBJbPskNNhWkcqaeDS4ybrKu2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754a66b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif

172.67.171.171

200 OK

82 kB

URL HTTP/2
kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
IP
172.67.171.171:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 80\012- data
Size
82 kB (82442 bytes)
Hash
62f39c1c0c44a8d8d01f8d3f72921ce3
94b052ad190771bc28a0d2925f342b364775c004
1fa3b28afa7262c9e4c7f1473a073f8b3b4275aa754418b5a21a7248cf6f758b

HTTP Headers

GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: image/gif
content-length: 82442
last-modified: Mon, 21 Nov 2022 22:57:04 GMT
etag: "637c0240-1420a"
expires: Thu, 22 Dec 2022 11:54:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 250603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSkuFsoTx1FRhM4%2B6SSJlHzMXdxfTmfPQWxC2ihkK%2BmQ3lmqOFPS5wZvmqaexXhYJPWc%2BaL71SMCnnXX6YLUJSfkIqvyiwfbAgZfD4T1QrV6Mh90D6NygeGohCnf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754b800b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
5c2563411931928a7d9d82ac3bae0986
e3dfc41f881d0cad511e02a367070557811949af
afca105de30fdc527bdabd3900c3e58bbd3612a2563d2c6f367ec81d2a5935b5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f7489b70afe-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 408
Cache-Control: max-age=131409
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:01:51 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

p3.douyinpic.com/obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb

47.246.44.227

200 OK

638 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 700 x 100\012- data
Size
638 kB (637760 bytes)
Hash
259084ada3cea292dfd0fac4cef92e4f
5347fd087223f90569b8c05245ea457857bcf53f
226dea4d5627f9ebf789241a75f597078964c975d204d68cb66b4725fedf4cc8

HTTP Headers

GET /obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 637760
date: Thu, 24 Nov 2022 02:29:59 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 02:29:59 GMT
nw-session-id: 202211241029590102081611003A90D0C5js7tg03dy
nw-session-trace: 2022-11-24T10:29:59.927601758+08:00 47
x-bdcdn-cache-status: TCP_MISS
x-length: 637760
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 10:29:59 GMT
x-tt-logid: 202211241029590102081611003A90D0C5
via: n204-100-041, cache5.l2de2[0,0,206-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:25:582::100
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01ffe91cff7ea325a541cc3dcd422cd38fa118ec9bc0dad61e1d7e36fb45011e8f0884fede43e9076cdcc0bf1d19bfac28e64296137a05619ab7a90ea90f6bc096db56de7461029a92ef4608cff9a7a6184ee1febeb16140a34ebb8d041107360d
x-response-lb: image
ali-swift-global-savetime: 1669257000
age: 111702
x-cache: HIT TCP_MEM_HIT dirn:4:398299303 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 12:24:59 GMT
x-swift-cachetime: 31500301
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693687023804893e
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e3492cb8b5d79fca4a4728f1c7a24c67
65851a755e917d441fb222dbca6cd8a4c7c06036
ed6b90d0db6beadcc3d21313f4d01063da407f58e62a9199f59a3098986a1263

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:55:15 GMT
Expires: Tue, 29 Nov 2022 23:55:14 GMT
Etag: "65851a755e917d441fb222dbca6cd8a4c7c06036"
Cache-Control: max-age=396811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f761cf00b55-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f748e38b529-OSL

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6d816beb8586fcb5389d50598ae54cf
43a3c5b9569e28c3b1c36ac8448acbb8cac433cc
b5b6b366321283f6bdd50fa5d08b1f1decfba09a202d9570954ac4dec78214e3

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
4843fada1c0617d36927afca3400e17e
49ba6d2eb8d9050c4ef1c54fc62980ee6cdf46a0
a7467348802a0796518d6f90895f44cf80ee8520290567f3c3ec26c4497505ab

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:09:43 GMT
Expires: Mon, 28 Nov 2022 23:09:42 GMT
Etag: "49ba6d2eb8d9050c4ef1c54fc62980ee6cdf46a0"
Cache-Control: max-age=307679,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f75ca9cb527-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04

47.246.44.227

200 OK

420 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Tue, 22 Nov 2022 14:19:21 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 22 Nov 2022 14:03:01 GMT
nw-session-id: 2022112222030101017509107004F9EF5495wf903dy
nw-session-trace: 2022-11-22T22:03:01.621048573+08:00 199
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 22:03:01 GMT
x-tt-logid: 2022112222030101017509107004F9EF54
via: n204-099-014, cache14.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:26:265::25
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0141e3d7960f7348f6a0c5a74918f663f382b6206bc515906d96f4f53a0995b49fb7b4b3aeddec37d8f5e4f69d26905cdf931f49bcc00b93420caa5bea756d30aabc6b5dd756aa03d95cb8c76e45d6044b2f8b2336501f24ecb3abe0994e1128a1
x-response-lb: image
ali-swift-global-savetime: 1669126761
age: 241941
x-cache: HIT TCP_MEM_HIT dirn:3:263799029
x-swift-savetime: Tue, 22 Nov 2022 16:41:12 GMT
x-swift-cachetime: 31527489
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693687025465049e
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8d2d4c2519e173d156b0629de506e00c
b21c4758aa7cda5014cd3386e5bceb4123053a9e
25238d4415525d3410163e30d1b1e07336dee26372340f07a2689bc2fac22e73

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:39:05 GMT
Expires: Wed, 30 Nov 2022 15:39:04 GMT
Etag: "b21c4758aa7cda5014cd3386e5bceb4123053a9e"
Cache-Control: max-age=453441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f766a8b1c0a-OSL

2588qq.com/7f4326a942de44468e832f3775975026.gif

103.170.15.91

200 OK

102 kB

URL HTTP/1.1
2588qq.com/7f4326a942de44468e832f3775975026.gif
IP
103.170.15.91:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 150\012- data
Size
102 kB (102151 bytes)
Hash
eb2d786404404d76068eecb94ed0fea3
222b3896c1f7dac188d9d04b69990fb2888e89a4
acb9ec9b6d3000bf1a24d0a1c167aa1dd137438f8ef339cf7be7ebff9b26f824

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /7f4326a942de44468e832f3775975026.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633a7a7c-18f07"
Date: Wed, 23 Nov 2022 11:51:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 03 Oct 2022 06:00:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 102151

img.1158555.com/images/637cd3ae57b922de4f030a9d.gif

91.199.87.220

302 Found

472 B

URL HTTP/2
img.1158555.com/images/637cd3ae57b922de4f030a9d.gif
IP
91.199.87.220:0
ASN
#0

File type
data
Size
472 B (472 bytes)
Hash
ad7b16c1a145de2a743a373b1f4b81e6
5e2c80478a031ee5c5ffd44526e2f89a0131a1ac
131f427bd11b00c80c58620e3379738aa003c72ec53e77cf88737ead60636b5f

HTTP Headers

GET /images/637cd3ae57b922de4f030a9d.gif HTTP/1.1
Host: img.1158555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb
cache-control: max-age=3600
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
30560bb985f62cf43b07a4d052c01dfd
392611dff6ef5eb39e216bb8587d6040e590604e
c0a25c0045587d03547315c48733530a9b12f78a6f58da8513af564197dda40f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 13:20:38 GMT
Expires: Thu, 01 Dec 2022 13:20:37 GMT
Etag: "392611dff6ef5eb39e216bb8587d6040e590604e"
Cache-Control: max-age=531534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f769a48b4e8-OSL

986338dsd.com/c253cd51928a4e92b6ff93e58865e510.gif

103.170.15.76

200 OK

359 kB

URL HTTP/1.1
986338dsd.com/c253cd51928a4e92b6ff93e58865e510.gif
IP
103.170.15.76:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c253cd51928a4e92b6ff93e58865e510.gif HTTP/1.1
Host: 986338dsd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637a2e84-57910"
Date: Tue, 22 Nov 2022 06:09:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 13:41:24 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 358672

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

52.184.85.118

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

2599qq.com/41a28e3efa3841c89761a8f637921969.gif

103.170.15.101

200 OK

579 kB

URL HTTP/1.1
2599qq.com/41a28e3efa3841c89761a8f637921969.gif
IP
103.170.15.101:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 120\012- data
Size
579 kB (579018 bytes)
Hash
54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /41a28e3efa3841c89761a8f637921969.gif HTTP/1.1
Host: 2599qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f895dd-8d5ca"
Date: Wed, 23 Nov 2022 08:01:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 14 Aug 2022 06:27:41 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 579018

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

52.184.85.118

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (211695 bytes)
Hash
0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:33:51 GMT
ETag: "1668166431"
Expires: Sun, 11 Dec 2022 11:33:51 GMT
Last-Modified: Fri, 11 Nov 2022 11:33:51 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif

52.184.85.118

200 OK

423 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
423 kB (423091 bytes)
Hash
05cb648d84c2606c9892128f3ae9892d
aacbe8019ae2afaf01cb75f291ecb852ab21e94e
1ecea29ead7cf4e13e61b83bf6b40832727c259807f3a5f963f6ba435ce0eeb1

HTTP Headers

GET /static/uploads/image/x22/20221021/1666352536705082.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Sun, 20 Nov 2022 11:59:54 GMT
ETag: "1668945594"
Expires: Tue, 20 Dec 2022 11:59:54 GMT
Last-Modified: Sun, 20 Nov 2022 11:59:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

52.184.85.118

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494405"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:25 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

52.184.85.118

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif

52.184.85.118

200 OK

429 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
429 kB (428593 bytes)
Hash
60de0e198b93e9f487d4f1c77ed5db88
fa3070711f791e218c5235ff20bba7c086697f75
ab8489fad65bf627642df428a3ba8b3733ce209f60b5c5e4064d76a0d160dd41

HTTP Headers

GET /static/uploads/image/x22/20221021/1666352753192348.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Sun, 20 Nov 2022 11:46:11 GMT
ETag: "1668944773"
Expires: Tue, 20 Dec 2022 11:46:11 GMT
Last-Modified: Sun, 20 Nov 2022 11:46:13 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

52.184.85.118

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

52.184.85.118

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

n0533.com/7512405275124866b7fcece7e39348e1.gif

20.78.78.186

200 OK

91 kB

URL HTTP/1.1
n0533.com/7512405275124866b7fcece7e39348e1.gif
IP
20.78.78.186:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 100\012- data
Size
91 kB (91062 bytes)
Hash
62b3bf929422e901c730c19691b7f4de
86f1140094a1a931b074a10908b16b739582c83e
c9fd595fadf8b281d9b3832517983de4ffffc87bcd116553fed9a1c20ab20800

HTTP Headers

GET /7512405275124866b7fcece7e39348e1.gif HTTP/1.1
Host: n0533.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 15:09:18 GMT
ETag: W/"6378f19e-51701"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

u1099.com/3cd54835899b4244a452da12a2401f29.gif

103.170.15.66

200 OK

383 kB

URL HTTP/2
u1099.com/3cd54835899b4244a452da12a2401f29.gif
IP
103.170.15.66:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 100\012- data
Size
383 kB (382842 bytes)
Hash
3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9

HTTP Headers

GET /3cd54835899b4244a452da12a2401f29.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a229-5d77a"
server: nginx
date: Mon, 07 Nov 2022 17:50:16 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:01:45 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-56
content-length: 382842
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

52.184.85.118

200 OK

252 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
252 kB (251962 bytes)
Hash
feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

u1022.com/fdb81046090e418b958f9fc3d83528d0.gif

45.61.212.140

200 OK

528 kB

URL HTTP/2
u1022.com/fdb81046090e418b958f9fc3d83528d0.gif
IP
45.61.212.140:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 100\012- data
Size
528 kB (528107 bytes)
Hash
b835921ae97148cb73e491e4288ae077
392c16f2ee23667d7956bc601ee2f5927c16160d
acbe56eb9498265786e993eebf99780215d02e1cb27ea3a755f43a6134f10a55

HTTP Headers

GET /fdb81046090e418b958f9fc3d83528d0.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a25b-80eeb"
server: nginx
date: Wed, 09 Nov 2022 12:19:04 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:02:35 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-10
content-length: 528107
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif

52.184.85.118

200 OK

460 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif
IP
52.184.85.118:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
460 kB (459715 bytes)
Hash
d4e74dbadc18d9e35bc48b815b8f37de
07562effc5109ea41403466d5d8795ededa57030
7973bc38aaf7332a150691990b844ce1efb79ab82e4d262fcd5901e77a53112b

HTTP Headers

GET /static/uploads/image/x26/20221021/1666352814488575.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Sun, 20 Nov 2022 11:59:54 GMT
ETag: "1668945594"
Expires: Tue, 20 Dec 2022 11:59:54 GMT
Last-Modified: Sun, 20 Nov 2022 11:59:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

n0522.com/4d6f5c464538416c8a4367f41accb357.gif

104.208.83.207

200 OK

234 kB

URL HTTP/1.1
n0522.com/4d6f5c464538416c8a4367f41accb357.gif
IP
104.208.83.207:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 100\012- data
Size
234 kB (234083 bytes)
Hash
4accb5edc5dd748c790fadf9b37bb1e4
f7b4853dfa6d176c56863a976e3ba723a24e00ce
4306964c6de77a1def7c9b8d0f97c8d08ec81a5e62dd01a1a364feb22bf7fd42

HTTP Headers

GET /4d6f5c464538416c8a4367f41accb357.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 12:03:50 GMT
ETag: W/"6367a2a6-64308"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0

43.154.254.32

200 OK

331 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 49843 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 3dbacc4d-0b13-4eaf-93f8-d668a54d094c
X-Firefox-Spdy: h2

8499483.com/8499/960x60.gif

23.224.101.35

200 OK

331 kB

URL HTTP/2
8499483.com/8499/960x60.gif
IP
23.224.101.35:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:31:42 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

img.1180555.com/images/637cd3de57b922de4f030a9e.gif

91.199.87.220

302 Found

0 B

URL HTTP/2
img.1180555.com/images/637cd3de57b922de4f030a9e.gif
IP
91.199.87.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/637cd3de57b922de4f030a9e.gif HTTP/1.1
Host: img.1180555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04
cache-control: max-age=3600
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash