Overview

URL qgkyiu.com/
IP 104.148.98.104
ASN LAYER-HOST
Location United States
Report completed 2022-11-25 09:31:50 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 towelioctltykddpdt.xyz Sinkholed
2022-11-25 2 towelioctltykddpdt.xyz Sinkholed
2022-11-25 2 kvkggg.top Sinkholed
2022-11-25 2 2588qq.com Sinkholed
2022-11-25 2 986338dsd.com Sinkholed
2022-11-25 2 2599qq.com Sinkholed


Files

No files detected



Passive DNS (39)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.bbnjd.xyz (8) 0 2022-11-25 01:42:38 UTC 2022-11-25 01:42:38 UTC 156.251.184.244 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS kvezz.com (1) 237784 2021-10-17 08:32:09 UTC 2022-11-24 10:36:50 UTC 45.154.215.92
mnemonic passive DNS e1.o.lencr.org (3) 6159 No data No data 23.36.76.226
mnemonic passive DNS p3.douyinpic.com (2) 23536 No data No data 47.246.44.227
mnemonic passive DNS n0533.com (1) 0 2021-02-01 01:45:28 UTC 2021-02-01 01:45:28 UTC 20.78.78.186 Unknown ranking
mnemonic passive DNS p.qlogo.cn (1) 48578 2014-01-15 11:11:45 UTC 2020-05-03 00:28:53 UTC 43.154.254.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS ak-d.tripcdn.com (2) 71581 No data No data 96.6.16.143
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS 8499483.com (1) 0 No data No data 23.224.101.35 Unknown ranking
mnemonic passive DNS www.towelioctltykddpdt.xyz (2) 0 2022-07-14 01:19:18 UTC 2022-11-25 01:42:38 UTC 172.247.28.61 Unknown ranking
mnemonic passive DNS www.qgkyiu.com (3) 0 2022-10-19 04:07:33 UTC 2022-10-19 04:07:33 UTC 104.148.98.104 Unknown ranking
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2020-04-25 10:56:18 UTC 39.156.68.163
mnemonic passive DNS 2588qq.com (1) 0 No data No data 103.170.15.91 Unknown ranking
mnemonic passive DNS img.1180555.com (1) 0 No data No data 91.199.87.220 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS js.users.51.la (1) 53024 2012-05-30 15:10:11 UTC 2022-08-20 01:24:32 UTC 103.143.19.103
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
mnemonic passive DNS kvkeee.top (2) 0 2022-11-08 06:30:57 UTC 2022-11-24 10:15:41 UTC 172.67.171.171 Unknown ranking
mnemonic passive DNS img.1158555.com (1) 0 No data No data 91.199.87.220 Unknown ranking
mnemonic passive DNS 986338dsd.com (1) 0 No data No data 103.170.15.76 Unknown ranking
mnemonic passive DNS qgkyiu.com (1) 0 2022-10-19 04:07:20 UTC 2022-10-19 04:07:20 UTC 104.148.98.104 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.82.48.240
mnemonic passive DNS www.tupku.top (1) 0 2022-06-30 21:26:11 UTC 2022-11-24 10:36:50 UTC 172.67.200.40 Unknown ranking
mnemonic passive DNS zerossl.ocsp.sectigo.com (5) 4049 No data No data 104.18.32.68
mnemonic passive DNS 2599qq.com (1) 0 No data No data 103.170.15.101 Unknown ranking
mnemonic passive DNS u1022.com (1) 0 2021-02-01 01:45:41 UTC 2021-02-01 01:45:41 UTC 45.61.212.140 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS kzeaa.com (2) 0 2022-05-22 06:40:48 UTC 2022-11-24 15:14:27 UTC 98.126.214.50 Unknown ranking
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226
mnemonic passive DNS u1099.com (1) 0 2021-01-30 23:32:48 UTC 2021-01-30 23:32:48 UTC 103.170.15.66 Unknown ranking
mnemonic passive DNS n0522.com (1) 0 2021-02-01 01:45:29 UTC 2021-02-01 01:45:29 UTC 104.208.83.207 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (6) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
mnemonic passive DNS kvkggg.top (1) 0 2022-11-08 06:39:56 UTC 2022-11-24 15:14:27 UTC 172.67.154.165 Unknown ranking
mnemonic passive DNS sysupload.csiteadmin.com (10) 0 No data No data 52.184.85.118 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (8) 344 No data No data 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 104.148.98.104

Date UQ / IDS / BL URL IP
2022-11-25 09:31:50 +0000
0 - 0 - 6 qgkyiu.com/ 104.148.98.104

Last 5 reports on ASN: LAYER-HOST

Date UQ / IDS / BL URL IP
2022-11-30 23:42:06 +0000
0 - 0 - 5 emukes.me/ 107.179.33.44
2022-11-30 23:01:59 +0000
0 - 0 - 5 eyegoy.com/ 107.179.33.21
2022-11-30 20:09:21 +0000
0 - 0 - 3 onahec.com/ 107.179.33.44
2022-11-30 12:51:46 +0000
0 - 0 - 10 customketodiet.life/ 23.247.42.42
2022-11-30 11:40:12 +0000
0 - 0 - 3 ibucoz.me/ 104.223.153.107

Last 1 reports on domain: qgkyiu.com

Date UQ / IDS / BL URL IP
2022-11-25 09:31:50 +0000
0 - 0 - 6 qgkyiu.com/ 104.148.98.104

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-25 01:42:50 +0000
0 - 0 - 5 www.xtdar.com/ 134.73.206.107
2022-11-06 02:19:08 +0000
0 - 0 - 7 ntjmx.com/ 38.63.112.244
2022-11-01 02:16:13 +0000
0 - 0 - 6 cdhom.com/ 38.63.113.17
2022-10-17 04:54:32 +0000
0 - 0 - 3 www.hpaak.com/ 38.63.114.173
2022-10-16 01:32:55 +0000
0 - 0 - 10 bhuoie.com/ 38.63.110.208


JavaScript

Executed Scripts (7)


Executed Evals (1)

#1 JavaScript::Eval (size: 468, repeated: 1) - SHA256: 97d5f64bbce84595c57664e2fb168e0573041ee60b273fb54aa63a652ab9611f

                                        document.write('<title>l� Y���	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http://www.bbnjd.xyz"></iframe></div><style type="text/css">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}');
                                    

Executed Writes (5)

#1 JavaScript::Write (size: 449, repeated: 1) - SHA256: 52192c66f5e344af0294a681f7a916addd38735d6420baa85901428019c9d46b

                                        <title>l� Y��� Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http://www.bbnjd.xyz"></iframe></div><style type="text/css">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}
                                    

#2 JavaScript::Write (size: 100, repeated: 1) - SHA256: b1a4051b1f954ea452e505d79dfb722266c2ef7fadd3dedbf09616e08c55544b

                                        <script src="https://www.govkunming.cn:12443/ty/64C6B5C6-A2D6-14969-34-2CA235499B78.alpha"></script>
                                    

#3 JavaScript::Write (size: 92, repeated: 1) - SHA256: 8be486cf9cc27e59e5f3602b910afdb976ea731f6f3334250cde5405e8550bf4

                                        <script type="text/javascript" src="http://www.towelioctltykddpdt.xyz/js/jlys.js"></script>
                                    

#4 JavaScript::Write (size: 75, repeated: 1) - SHA256: fbb00bcc928d4094149889958b2e8e4c1c180d2a11505d140e028ce6d5987baa

                                        <script type="text/javascript" src="//js.users.51.la/21348005.js"></script>
                                    

#5 JavaScript::Write (size: 75, repeated: 1) - SHA256: 1a6c6f4c4d5dab7ded691f77f9be4901e477915ab52fc40d490fa43925ddfe7a

                                        <script type="text/javascript" src="//js.users.51.la/21443133.js"></script>
                                    


HTTP Transactions (91)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11144
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:31:38 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: qgkyiu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.148.98.104
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 24 Nov 2022 18:42:50 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.qgkyiu.com/

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6568
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 09:31:38 GMT
Last-Modified: Fri, 25 Nov 2022 07:42:10 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:31:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
age: 754
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 2872
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:31:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 1365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: www.qgkyiu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.148.98.104
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (710), with CRLF line terminators
Size:   753
Md5:    1bf64ac1e00e3a001f4e6589c025556d
Sha1:   cecfc0821967997a674f26b296d70130f121470a
Sha256: e958d9b6d9d5b491551cd487fd85652d1122cb930dfc518f280aa52cc49c0105
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=90125
Date: Fri, 25 Nov 2022 09:31:39 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:33:44 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /common.js HTTP/1.1 
Host: www.qgkyiu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

                                         
                                         104.148.98.104
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1065), with no line terminators
Size:   507
Md5:    3a94a5fefad82e37a781a8613b63edb2
Sha1:   33fdcfcbc94b9e641c8c32943c48a5257920bf02
Sha256: c2436c695d7e01e6a193f911bcacfb4211e93a86f7806795bc1bfc571f281d20
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rfIcbv1sKOfW8Bh7kkjgug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.82.48.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vC6c2nTTi6EkSiWaUoJfD3/v4u0=

                                        
                                            GET /tj.js HTTP/1.1 
Host: www.qgkyiu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

                                         
                                         104.148.98.104
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 24 Nov 2022 18:42:51 GMT
Content-Length: 202
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   202
Md5:    e164ca25f4fc840e6411d16dfadf8516
Sha1:   9427a9fab0a2b9ce0f88f454e0ea5dafdd0ab9ab
Sha256: ba2ba532d6f4c02357df00ac38aef3fc8764a2538f4dca9d95428f169717fe5c
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Fri, 25 Nov 2022 09:31:39 GMT
Etag: "4078521116"
Expires: Sat, 25 Nov 2023 09:31:39 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=4992D33E4479B70F81626DBE99EAE9B1:FG=1; max-age=31536000; expires=Sat, 25-Nov-23 09:31:39 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /js/jlys.js HTTP/1.1 
Host: www.towelioctltykddpdt.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/

                                         
                                         172.247.28.61
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:04 GMT
Last-Modified: Thu, 02 Jun 2022 07:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629865a6-f3a"
Expires: Sat, 26 Nov 2022 05:32:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (447), with CRLF line terminators
Size:   1822
Md5:    88facc9844ed555fcd48540ca500e724
Sha1:   dea6514308a73bf471b55dca6155be10ccf55263
Sha256: 440a96acdbbe4eaeb3ddd12ce300a541b578fae83a1b01d1ee956d7d9cbaa965

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /jlys_data.php?zq=jlys&val=smplink&t=0.15822558079310556?v=05039189235504532 HTTP/1.1 
Host: www.towelioctltykddpdt.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.qgkyiu.com
Connection: keep-alive
Referer: http://www.qgkyiu.com/

                                         
                                         172.247.28.61
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   58
Md5:    4715bed2cf85ed6b9e9aaa51306b8b04
Sha1:   05383457ee6c4295aa9b4c4a66e10100c041a62c
Sha256: 5ff26241a7e56c271cd594f32b6014e9f0a6e82738b4363b4ae27da86b03e092

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52810
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41048
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18520
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41770
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41772
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET / HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qgkyiu.com/
Upgrade-Insecure-Requests: 1

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (431)
Size:   11915
Md5:    b590320f9f7a7c4dd6734ecef8a91a58
Sha1:   2af525fa8fe47644b8edeb0febd0a181543f56ae
Sha256: c05b91b79f78958e6efc3a56cd0980b8fa32aca9dc639e851a499c6e15f559fe
                                        
                                            GET /template/jlys/static/css/bootstrap.min.css HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Wed, 27 May 2020 23:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf0-2212e"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (493)
Size:   27078
Md5:    009318d8ae281e66da9d7eaf20de9350
Sha1:   5598f58336a95bd4208b7ebddeb204d43865a70e
Sha256: 80683f9d898f82ebd9b8335a25cf57e68b84c836c4765a42c7bc17b43bea16e2
                                        
                                            GET /template/jlys/static/css/swiper.min.css HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Wed, 27 May 2020 23:55:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf2-4562"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (17459)
Size:   3298
Md5:    3b0f19c6e3d95b50787117fc26d47c7f
Sha1:   33799bc7c5f9ebda4adde8d59116a87fc2cce23f
Sha256: 39c608aa9656788524e36287f3a9e0070085695a439e4081a5bfd48c3b6f83b3
                                        
                                            GET /template/jlys/static/css/white.css HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Wed, 21 Apr 2021 20:48:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60808fb6-29da"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (1029), with CRLF line terminators
Size:   2820
Md5:    a5eccc7e2836315f7bb04b7898a027fd
Sha1:   b0df7401bdd8d1c8e70596bcf988254afafd6805
Sha256: 2bce05beec599deec60a00af27e41f9af335ca0684f93e22a6e3c2f6d5169590
                                        
                                            GET /template/jlys/static/css/mm-content.css HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Mon, 09 May 2022 14:28:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62792503-1cd0"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1418
Md5:    52aa59d2204183f0387403c70b429fe9
Sha1:   834ea6ae81fa673cf95f01619c727198d4954f6f
Sha256: 57ce4e3e4ddc6bb24d3d25a9ef34a5a3076395b049f6fa832eb05b3d62b95d00
                                        
                                            GET /template/jlys/static/css/style.css HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Thu, 08 Jul 2021 15:56:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e72017-10b00"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Size:   14728
Md5:    4495e8aa756dc2cda90f57239ecad9ea
Sha1:   c8aaebce7643d7c46edc3b4e2ae426ae6b8c6ed5
Sha256: d56b5cf774c910d16c7c11a36322205fd47fe3f64688fb79e3f59b1f2a9a9257
                                        
                                            GET /static/js/jquery.js HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Last-Modified: Sat, 12 Nov 2022 17:31:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636fd867-15e3f"
Expires: Sat, 26 Nov 2022 05:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   34877
Md5:    abedc8bae88e267ba9ab2db769d1eee4
Sha1:   e2e0efd271d8a6564837e7226c7586a0d96047b5
Sha256: a33a11a3922bed1ab922e13cd825e1fdf1fff5a9695aa9359acaa2a6e8d30066
                                        
                                            GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7622796
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 09:31:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   917226
Md5:    28998a87f539b948e98fdc9c82fc6a69
Sha1:   c0085b4e65a2679d63c10ccf8bcffd7b6014b211
Sha256: 1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
                                        
                                            GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1 
Host: ak-d.tripcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         96.6.16.143
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6556792
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 09:31:41 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   1197751
Md5:    6938343bc2a842c4d2c9c96f4dde0298
Sha1:   00e2b1b902b196b3c005facb934c10e2a2ca1961
Sha256: 5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
                                        
                                            GET /21285005.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Fri, 25 Nov 2022 09:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=f6f7824deaf82245532; path=/ HWWAFSESTIME=1669368699935; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    c827032af976c243b7bd48054094e6c9
Sha1:   bc5327afcec506ecd4a4e5af1b891f788a3e24bc
Sha256: e5a1e6ee76c05c78cf4654d9f917125112c358781afbbb1ecae66724472dd496
                                        
                                            GET /gh/re341/ipad@main/112.ww HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/octet-stream
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:31:41 GMT
age: 28703
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1645-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1127941
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 206 x 206\012- data
Size:   1127941
Md5:    0e7eec6edceaeea89caf8f918078ac38
Sha1:   1d7f2cc8f2b17e529e52d2bf4594be2a1934ef25
Sha256: a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1797
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95f72786c0b51-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    e5b4f0edacb0e1ec14b068b30274304e
Sha1:   88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
Sha256: 33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
                                        
                                            GET /template/jlys//images/logo.png HTTP/1.1 
Host: www.bbnjd.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbnjd.xyz/

                                         
                                         156.251.184.244
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 17:32:05 GMT
Content-Length: 31224
Last-Modified: Thu, 16 Jun 2022 13:35:12 GMT
Connection: keep-alive
ETag: "62ab3190-79f8"
Expires: Sun, 25 Dec 2022 17:32:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   31224
Md5:    9e193b97a7e7ad03e60ea7e0525d1cc2
Sha1:   8a65564e9be25b8c9130ca5f46e42440f455f747
Sha256: 5b91ad20822478a84eb4018c93feb80184e765c4d7997383def9160c92e00757
                                        
                                            POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EACA7F7C80089C7BBFB0D3886EA60C71D31DBE1984EA7F773A20BC38B1D88EA2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1835
Expires: Fri, 25 Nov 2022 10:02:16 GMT
Date: Fri, 25 Nov 2022 09:31:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "50EFF0CC9219BF8A9B2AC708744E23AA7AD08A5219DBE6ACF6040083FAA9C0AE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Fri, 25 Nov 2022 10:46:24 GMT
Date: Fri, 25 Nov 2022 09:31:41 GMT
Connection: keep-alive

                                        
                                            GET /lm/031815-80.gif HTTP/1.1 
Host: www.tupku.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.40
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 09:31:41 GMT
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Thu, 15 Dec 2022 23:37:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 772848
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ohyh70Q1%2B7PN%2B3xtjNF34%2BiGnhoKeEpUVXlE%2BsNTTCuiOKhHyLgQkiXHygK0S8BYobPbdi3c3F6zac5o1Zq82yD0Ln3abZCvvQfczsk8PGiSUgB8ODB7faw4%2Bro5od"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f734df90b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 281\012- data
Size:   1626999
Md5:    17244f3a8b60a0f7b291f5621c873713
Sha1:   c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
Sha256: 4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:21:49 GMT
Expires: Tue, 29 Nov 2022 23:21:48 GMT
Etag: "31b11d0550d45edc800a0f7e17838abbbb1498c8"
Cache-Control: max-age=394805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f73eaa80b55-OSL

                                        
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 14:25:51 GMT
Expires: Thu, 01 Dec 2022 14:25:50 GMT
Etag: "b724a30579f0151ba30eb4313a8f56b2951831b8"
Cache-Control: max-age=535447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f73fff01c0a-OSL

                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 03:05:07 GMT
Expires: Tue, 29 Nov 2022 03:05:06 GMT
Etag: "7878d6d76412c208d171ee3b34480fc15154c5ab"
Cache-Control: max-age=321803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f740f61b4e8-OSL

                                        
GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
98.126.214.50
HTTP/2 301 Moved Permanently
content-type: text/html
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 162
location: https://kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
98.126.214.50
HTTP/2 301 Moved Permanently
content-type: text/html
server: nginx
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 162
location: https://kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f74892bb527-OSL

                                        
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f74895ab51b-OSL

                                        
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:44:40 GMT
ETag: "7bfae97b990f84587fd4cb5bb226ebaca4626d0f"
Last-Modified: Fri, 25 Nov 2022 05:44:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2171
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95f751d33b521-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    189cdefb347864aa5542e9480249ba68
Sha1:   7bfae97b990f84587fd4cb5bb226ebaca4626d0f
Sha256: 4359b3014e3700c027ada43defc2ce9a10004ed75f159d5adf8e9e02424d0403
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

                                        
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

                                        
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.171.171
HTTP/2 200 OK
content-type: image/gif
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Wed, 21 Dec 2022 23:57:34 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 293648
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbLirwM%2FGgBPObw69NdKNXQhIgPuXTLX1hhS4z5uGCrly%2F32uFlwoo8kekWn9S%2BLStOfMu9Yi2iySmtVQ19gLMhLtekbu1s%2BRDSxvGTAXi7a747IG5HUNEtyrusq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754b820b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   65414
Md5:    514c48163ce5b65fb6bf16d8578b478b
Sha1:   6c21c2f7fd18259458573225fbfdf80cd27b6bac
Sha256: 045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
                                        
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.154.165
HTTP/2 200 OK
content-type: image/gif
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1288255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3ngy42RVnXdjTkrG4Z3IEkXhTnjY7joHKFTF%2FGMiykh2kTbnWut9Jc3tTQDYP5xHr%2FLn826xu2c%2FTrIfCz7G1Qo%2BJwXhGTYF4vBJbPskNNhWkcqaeDS4ybrKu2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754a66b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   400264
Md5:    b722c3905b96f11823e04826aafdd50e
Sha1:   68b63b572a042d40ab210aa313b7ebbc372be5a1
Sha256: 630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbnjd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.171.171
HTTP/2 200 OK
content-type: image/gif
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 82442
last-modified: Mon, 21 Nov 2022 22:57:04 GMT
etag: "637c0240-1420a"
expires: Thu, 22 Dec 2022 11:54:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 250603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSkuFsoTx1FRhM4%2B6SSJlHzMXdxfTmfPQWxC2ihkK%2BmQ3lmqOFPS5wZvmqaexXhYJPWc%2BaL71SMCnnXX6YLUJSfkIqvyiwfbAgZfD4T1QrV6Mh90D6NygeGohCnf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f95f754b800b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   82442
Md5:    62f39c1c0c44a8d8d01f8d3f72921ce3
Sha1:   94b052ad190771bc28a0d2925f342b364775c004
Sha256: 1fa3b28afa7262c9e4c7f1473a073f8b3b4275aa754418b5a21a7248cf6f758b
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 346
ETag: "AFCA105DE30FDC527BDABD3900C3E58BBD3612A2563D2C6F367EC81D2A5935B5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5538
Expires: Fri, 25 Nov 2022 11:04:00 GMT
Date: Fri, 25 Nov 2022 09:31:42 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f7489b70afe-OSL

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 408
Cache-Control: max-age=131409
Date: Fri, 25 Nov 2022 09:31:42 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:01:51 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

                                        
GET /obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
47.246.44.227
HTTP/2 200 OK
content-type: image/gif
server: Tengine
content-length: 637760
date: Thu, 24 Nov 2022 02:29:59 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 02:29:59 GMT
nw-session-id: 202211241029590102081611003A90D0C5js7tg03dy
nw-session-trace: 2022-11-24T10:29:59.927601758+08:00 47
x-bdcdn-cache-status: TCP_MISS
x-length: 637760
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 10:29:59 GMT
x-tt-logid: 202211241029590102081611003A90D0C5
via: n204-100-041, cache5.l2de2[0,0,206-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:25:582::100
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01ffe91cff7ea325a541cc3dcd422cd38fa118ec9bc0dad61e1d7e36fb45011e8f0884fede43e9076cdcc0bf1d19bfac28e64296137a05619ab7a90ea90f6bc096db56de7461029a92ef4608cff9a7a6184ee1febeb16140a34ebb8d041107360d
x-response-lb: image
ali-swift-global-savetime: 1669257000
age: 111702
x-cache: HIT TCP_MEM_HIT dirn:4:398299303 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 12:24:59 GMT
x-swift-cachetime: 31500301
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693687023804893e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 700 x 100\012- data
Size:   637760
Md5:    259084ada3cea292dfd0fac4cef92e4f
Sha1:   5347fd087223f90569b8c05245ea457857bcf53f
Sha256: 226dea4d5627f9ebf789241a75f597078964c975d204d68cb66b4725fedf4cc8
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:55:15 GMT
Expires: Tue, 29 Nov 2022 23:55:14 GMT
Etag: "65851a755e917d441fb222dbca6cd8a4c7c06036"
Cache-Control: max-age=396811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f761cf00b55-OSL

                                        
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=595692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f748e38b529-OSL

                                        
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:09:43 GMT
Expires: Mon, 28 Nov 2022 23:09:42 GMT
Etag: "49ba6d2eb8d9050c4ef1c54fc62980ee6cdf46a0"
Cache-Control: max-age=307679,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f75ca9cb527-OSL

                                        
GET /obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
47.246.44.227
HTTP/2 200 OK
content-type: image/gif
server: Tengine
content-length: 420442
date: Tue, 22 Nov 2022 14:19:21 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 22 Nov 2022 14:03:01 GMT
nw-session-id: 2022112222030101017509107004F9EF5495wf903dy
nw-session-trace: 2022-11-22T22:03:01.621048573+08:00 199
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 22:03:01 GMT
x-tt-logid: 2022112222030101017509107004F9EF54
via: n204-099-014, cache14.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:26:265::25
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0141e3d7960f7348f6a0c5a74918f663f382b6206bc515906d96f4f53a0995b49fb7b4b3aeddec37d8f5e4f69d26905cdf931f49bcc00b93420caa5bea756d30aabc6b5dd756aa03d95cb8c76e45d6044b2f8b2336501f24ecb3abe0994e1128a1
x-response-lb: image
ali-swift-global-savetime: 1669126761
age: 241941
x-cache: HIT TCP_MEM_HIT dirn:3:263799029
x-swift-savetime: Tue, 22 Nov 2022 16:41:12 GMT
x-swift-cachetime: 31527489
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716693687025465049e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   420442
Md5:    7020ecb5ebdf5d2d41668f76d36f5982
Sha1:   30c768ceb1463fffc0145f1e73c808f8f6d2bb51
Sha256: 3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:39:05 GMT
Expires: Wed, 30 Nov 2022 15:39:04 GMT
Etag: "b21c4758aa7cda5014cd3386e5bceb4123053a9e"
Cache-Control: max-age=453441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f766a8b1c0a-OSL

                                        
GET /7f4326a942de44468e832f3775975026.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
103.170.15.91
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: max-age=604800
ETag: "633a7a7c-18f07"
Date: Wed, 23 Nov 2022 11:51:00 GMT
Server: nginx
Last-Modified: Mon, 03 Oct 2022 06:00:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 102151


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 150\012- data
Size:   102151
Md5:    eb2d786404404d76068eecb94ed0fea3
Sha1:   222b3896c1f7dac188d9d04b69990fb2888e89a4
Sha256: acb9ec9b6d3000bf1a24d0a1c167aa1dd137438f8ef339cf7be7ebff9b26f824

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /images/637cd3ae57b922de4f030a9d.gif HTTP/1.1 
Host: img.1158555.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.199.87.220
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/393be3929c084e6fb01b3ba7b9dff8bb
cache-control: max-age=3600
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 13:20:38 GMT
Expires: Thu, 01 Dec 2022 13:20:37 GMT
Etag: "392611dff6ef5eb39e216bb8587d6040e590604e"
Cache-Control: max-age=531534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f95f769a48b4e8-OSL

                                        
                                            GET /c253cd51928a4e92b6ff93e58865e510.gif HTTP/1.1 
Host: 986338dsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.76
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "637a2e84-57910"
Date: Tue, 22 Nov 2022 06:09:49 GMT
Server: nginx
Last-Modified: Sun, 20 Nov 2022 13:41:24 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 358672


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   358672
Md5:    668143938c3bb811847d83330decd423
Sha1:   f86300da5d773b84bc65d3c901a4767fd8566c48
Sha256: a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   133073
Md5:    f44f18314d520e89498d1f67557c2697
Sha1:   bbdd1041f6be7316f0a565d525761a902959b6e6
Sha256: 303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8
                                        
                                            GET /41a28e3efa3841c89761a8f637921969.gif HTTP/1.1 
Host: 2599qq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.101
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62f895dd-8d5ca"
Date: Wed, 23 Nov 2022 08:01:10 GMT
Server: nginx
Last-Modified: Sun, 14 Aug 2022 06:27:41 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 579018


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 120\012- data
Size:   579018
Md5:    54c2a3fb838c8e711bbe07220637d637
Sha1:   77e33ed77eb68c23320c059105fb2c900141301e
Sha256: fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Fri, 11 Nov 2022 11:33:51 GMT
ETag: "1668166431"
Expires: Sun, 11 Dec 2022 11:33:51 GMT
Last-Modified: Fri, 11 Nov 2022 11:33:51 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   211695
Md5:    0b39ec7c3e074e11a5629819f3aa4700
Sha1:   df59dbbb9d99b72d01f518d9c8484cd188440f0f
Sha256: f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8
                                        
                                            GET /static/uploads/image/x22/20221021/1666352536705082.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Sun, 20 Nov 2022 11:59:54 GMT
ETag: "1668945594"
Expires: Tue, 20 Dec 2022 11:59:54 GMT
Last-Modified: Sun, 20 Nov 2022 11:59:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   423091
Md5:    05cb648d84c2606c9892128f3ae9892d
Sha1:   aacbe8019ae2afaf01cb75f291ecb852ab21e94e
Sha256: 1ecea29ead7cf4e13e61b83bf6b40832727c259807f3a5f963f6ba435ce0eeb1
                                        
                                            GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494405"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:25 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   257993
Md5:    038ba2e11d90524678f7762f4628513f
Sha1:   a41054637ff263d13570f7eec83a3286957edc80
Sha256: 51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71
                                        
                                            GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   131724
Md5:    6815a174b1da262bb85e17910991d3ed
Sha1:   cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
Sha256: d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01
                                        
                                            GET /static/uploads/image/x22/20221021/1666352753192348.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Sun, 20 Nov 2022 11:46:11 GMT
ETag: "1668944773"
Expires: Tue, 20 Dec 2022 11:46:11 GMT
Last-Modified: Sun, 20 Nov 2022 11:46:13 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   428593
Md5:    60de0e198b93e9f487d4f1c77ed5db88
Sha1:   fa3070711f791e218c5235ff20bba7c086697f75
Sha256: ab8489fad65bf627642df428a3ba8b3733ce209f60b5c5e4064d76a0d160dd41
                                        
                                            GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   212163
Md5:    14c76e87c5da9f7226cf412026035c9d
Sha1:   a6cbebd6fd70a1975c7900dbacea379c7722bf94
Sha256: b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4
                                        
                                            GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   245365
Md5:    15b01b59267acae7726f30675e79d8bf
Sha1:   7449390411869cdc7b1b4ae6bee7e4fb7e893675
Sha256: 3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d
                                        
                                            GET /7512405275124866b7fcece7e39348e1.gif HTTP/1.1 
Host: n0533.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.78.78.186
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 25 Nov 2022 09:31:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 15:09:18 GMT
ETag: W/"6378f19e-51701"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 100\012- data
Size:   91062
Md5:    62b3bf929422e901c730c19691b7f4de
Sha1:   86f1140094a1a931b074a10908b16b739582c83e
Sha256: c9fd595fadf8b281d9b3832517983de4ffffc87bcd116553fed9a1c20ab20800
                                        
                                            GET /3cd54835899b4244a452da12a2401f29.gif HTTP/1.1 
Host: u1099.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.66
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "6367a229-5d77a"
server: nginx
date: Mon, 07 Nov 2022 17:50:16 GMT
last-modified: Sun, 06 Nov 2022 12:01:45 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-56
content-length: 382842
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 100\012- data
Size:   382842
Md5:    3ee8c68d9bcee9dba9e18883f7a79dd7
Sha1:   ca6173103323ab2685f5c50c81c2e80d50583ab9
Sha256: 150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9
                                        
                                            GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   251962
Md5:    feb5419ef22c0a10470f6cfe2b0f1517
Sha1:   412e6b8e6f4244071851549b9d5ba5fdf9a5b631
Sha256: d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07
                                        
                                            GET /fdb81046090e418b958f9fc3d83528d0.gif HTTP/1.1 
Host: u1022.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.140
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "6367a25b-80eeb"
server: nginx
date: Wed, 09 Nov 2022 12:19:04 GMT
last-modified: Sun, 06 Nov 2022 12:02:35 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-10
content-length: 528107
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 100\012- data
Size:   528107
Md5:    b835921ae97148cb73e491e4288ae077
Sha1:   392c16f2ee23667d7956bc601ee2f5927c16160d
Sha256: acbe56eb9498265786e993eebf99780215d02e1cb27ea3a755f43a6134f10a55
                                        
                                            GET /static/uploads/image/x26/20221021/1666352814488575.gif HTTP/1.1 
Host: sysupload.csiteadmin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.184.85.118
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=2592000
Content-Encoding: gzip
Date: Sun, 20 Nov 2022 11:59:54 GMT
ETag: "1668945594"
Expires: Tue, 20 Dec 2022 11:59:54 GMT
Last-Modified: Sun, 20 Nov 2022 11:59:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   459715
Md5:    d4e74dbadc18d9e35bc48b815b8f37de
Sha1:   07562effc5109ea41403466d5d8795ededa57030
Sha256: 7973bc38aaf7332a150691990b844ce1efb79ab82e4d262fcd5901e77a53112b
                                        
                                            GET /4d6f5c464538416c8a4367f41accb357.gif HTTP/1.1 
Host: n0522.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.208.83.207
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 25 Nov 2022 09:31:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 12:03:50 GMT
ETag: W/"6367a2a6-64308"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 100\012- data
Size:   234083
Md5:    4accb5edc5dd748c790fadf9b37bb1e4
Sha1:   f7b4853dfa6d176c56863a976e3ba723a24e00ce
Sha256: 4306964c6de77a1def7c9b8d0f97c8d08ec81a5e62dd01a1a364feb22bf7fd42
                                        
                                            GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 49843 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 3dbacc4d-0b13-4eaf-93f8-d668a54d094c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   331043
Md5:    09f29e56330449942571a66f47f82fb5
Sha1:   30fc3421671176f6f724f32ee910470f03661ddc
Sha256: b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
                                        
                                            GET /8499/960x60.gif HTTP/1.1 
Host: 8499483.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.101.35
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 09:31:42 GMT
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   331043
Md5:    09f29e56330449942571a66f47f82fb5
Sha1:   30fc3421671176f6f724f32ee910470f03661ddc
Sha256: b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
                                        
                                            GET /images/637cd3de57b922de4f030a9e.gif HTTP/1.1 
Host: img.1180555.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbnjd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.199.87.220
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a43878b494d3499bb0307524ed7d7c04
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---