nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
38.63.244.175301 Moved Permanently 0 B URL HTTP/1.1 nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
IP 38.63.244.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm HTTP/1.1
Host: nyjd365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 08:25:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13221
Expires: Thu, 23 Mar 2023 12:05:26 GMT
Date: Thu, 23 Mar 2023 08:25:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Thu, 23 Mar 2023 09:48:33 GMT
Date: Thu, 23 Mar 2023 08:25:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 07:27:31 GMT
content-type: application/json
age: 3454
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14058
Expires: Thu, 23 Mar 2023 12:19:23 GMT
Date: Thu, 23 Mar 2023 08:25:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m/xqHzZigC5b/Jj5IpZxLxcnKxmGWDgMhxKDTvMYG+i1J+X6ZI4tKRZOAlMvU1aHEiHUKmZbHuQ=
x-amz-request-id: 3JAN2XMPGR8S1G1Q
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 07:53:58 GMT
age: 1867
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 08:17:23 GMT
age: 463
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
38.63.244.175200 OK 807 B URL HTTP/1.1 www.nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
IP 38.63.244.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (1714), with CRLF line terminators
Hash f4304d212eb45494a9f5f96d0526ec7d
c4dec8a82e007abdb42541a0ca66085dee3d4caf
38966a41f082b9c05dbd38df3c0379141cd7c897d289ec90ced2e7f76a8ec7fc
GET /cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm HTTP/1.1
Host: www.nyjd365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 08:25:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7429
Expires: Thu, 23 Mar 2023 10:28:55 GMT
Date: Thu, 23 Mar 2023 08:25:06 GMT
Connection: keep-alive
www.nyjd365.com/common.js
38.63.244.175200 OK 403 B URL HTTP/1.1 www.nyjd365.com/common.js
IP 38.63.244.175:0
File type ASCII text, with very long lines (1003), with CRLF line terminators
Hash db0cf5dc17018706f218d18a31985c74
6319557d1a84cb495e323e799ab02f4ce47ee79a
188e3c754806d323a0737ae4bf6b7ba9e9386a56890ff08740687ab4ceeb1d9c
GET /common.js HTTP/1.1
Host: www.nyjd365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 08:25:06 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.nyjd365.com/tj.js
38.63.244.175200 OK 316 B IP 38.63.244.175:0
File type HTML document, ASCII text, with CRLF line terminators
Hash cbe6f023684f02320f59c9289df84cf4
7f7c0fc89e56119c3c9b616cd99007e06d6c23d0
57b01c9aeac8ca2c1447d48eb97027ae7747bd3edd6d973b6572f46ab4b46ff4
GET /tj.js HTTP/1.1
Host: www.nyjd365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nyjd365.com/cms/news/100000/0000000224/2017/12/20/88a703101ad04c059f21623c7ad9e213.shtml.htm
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 08:25:06 GMT
Content-Type: application/x-javascript
Content-Length: 316
Connection: keep-alive
push.services.mozilla.com/
35.82.212.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.212.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /sJMgY4WvtP/ke3FuHrNdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T99rS8PbP96FI+l3ndE5wFfx9Fg=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73a4f05705d8c51060897b0c70627952
4a7de1f5aa45227d341f7bdc9831c097462b0c14
85c380d3121bc8993d4ed7b70108b960f971dc92d75535944eef8b2b8fba3979
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85C380D3121BC8993D4ED7B70108B960F971DC92D75535944EEF8B2B8FBA3979"
Last-Modified: Wed, 22 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16219
Expires: Thu, 23 Mar 2023 12:55:26 GMT
Date: Thu, 23 Mar 2023 08:25:07 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.194.133:0
Hash 01dce973d12f90fea10ce6cae7c205ac
992fefb40040070d62a9d89711f955d2bcb0c8d5
684da4bb96cdb481c800e77a6b6bd6a75b7e513c2554aad1e7bed7e27da8fc0d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 27 Mar 2023 06:39:18 GMT
ETag: "992fefb40040070d62a9d89711f955d2bcb0c8d5"
Last-Modified: Thu, 23 Mar 2023 06:39:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 08:25:07 GMT
Age: 1840
X-Served-By: cache-qpg1230-QPG, cache-bma1683-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1679559908.657018,VS0,VE1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6341
Expires: Thu, 23 Mar 2023 10:10:48 GMT
Date: Thu, 23 Mar 2023 08:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6341
Expires: Thu, 23 Mar 2023 10:10:48 GMT
Date: Thu, 23 Mar 2023 08:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6341
Expires: Thu, 23 Mar 2023 10:10:48 GMT
Date: Thu, 23 Mar 2023 08:25:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 38493
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f148d2e3cd5679fe5cb9cd58630517c7
b312f7c6526254709a0f7424502952e9eaff9c78
6e98a90935a53caa8871238088e77269e5d7215d16dccabe7e9e4af09f39f7b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: a49dca74-54fa-457c-a5b6-e347fd139d1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8ovEgAIAMFcnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b749e-673461e13b7d2f4e7ad66e7f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uuIP_yp-XnJjUMLZ5qCkwZhqhbAViZrp2J3GJEfFHr54ouK7s6gjlA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:35 GMT
age: 38492
etag: "b312f7c6526254709a0f7424502952e9eaff9c78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31ad983ec21e3dee7b6083bc04742aee
a98933e2845c02158175a54d9648f12086a96569
8cb18730db03dd8727b2ff42ecfa7885b9e8dbe3c37c08b1ad0c67e629338b95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5915
x-amzn-requestid: 1c6acb42-48cc-4113-a8d0-6a811cd16613
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xXaGUVoAMFwIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64156295-0edcaad90df031882fa7457c;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:04:53 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 7adB6pgLZouHEUjlJ0bXM2XnYcNUS1yjIhz6bz2C0jkIb60sqqQS6w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:54:10 GMT
age: 37857
etag: "a98933e2845c02158175a54d9648f12086a96569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a774aa1a206523471dfa75b624be2af
e41ca3e0550e74562b0374565225444ffb977c4e
208ea0f25d7bde64057701891811cdb8c0a67b6f60899ca514fbaf2e04d595bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9550
x-amzn-requestid: 8f8b6510-7da0-4bb9-80fc-25a56e03fcbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHWg3HJYoAMF8nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6419379e-505a4e8974c7ef9f23cef8a9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 04:50:38 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3LU04L75Jlw32jbOl1GoAXOLrTFpDPqApqkYNj0d1paR56fv5kx_hQ==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 11:36:44 GMT
age: 74903
etag: "e41ca3e0550e74562b0374565225444ffb977c4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 02:49:25 GMT
age: 20142
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 38494
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.users.51.la/21272119.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21272119.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash bc64deb18c42e580ff07cb34391809e9
d8f91459e29b51b562b3ef8defe25c1b14ab0eed
aab05e0d55e668ad036c73928e691a99367141a5e4fc59cfa2d215b6db5b2341
GET /21272119.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nyjd365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=cb2b65efc1e0399cfd8; path=/
HWWAFSESTIME=1679559903772; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
tengxunbo-fa999.site/template/mb1/image/loading.svg
107.148.151.166200 OK 506 B URL HTTP/2 tengxunbo-fa999.site/template/mb1/image/loading.svg
IP 107.148.151.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/mb1/image/loading.svg HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 10 Dec 2021 11:26:38 GMT
etag: "61b3396e-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tengxunbo-fa999.site/template/mb1/css/common.css
107.148.151.166200 OK 2.7 kB URL HTTP/2 tengxunbo-fa999.site/template/mb1/css/common.css
IP 107.148.151.166:0
Hash a22d1c86f803d06e4aa98f567be97357
e28880ffe801b06941dd0f7bcf6c6e6a9435ec11
10beedd388925e163cb8457b7342e26974fd077ac956e3628992dbe988e97e26
GET /template/mb1/css/common.css HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: text/css
last-modified: Mon, 11 Apr 2022 16:13:36 GMT
vary: Accept-Encoding
etag: W/"625453b0-22d0"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 693ecafc3a2c651e4d9245d9ed1db5f0
94803075d6c00520688665416e3a6776eb7efaab
514db73afc2401051283c0610ce5d6313fdb75e65976f5820b4780cb517a1977
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "514DB73AFC2401051283C0610CE5D6313FDB75E65976F5820B4780CB517A1977"
Last-Modified: Wed, 22 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16214
Expires: Thu, 23 Mar 2023 12:55:22 GMT
Date: Thu, 23 Mar 2023 08:25:08 GMT
Connection: keep-alive
tengxunbo-fa999.site/template/mb1/css/hmlcss.css
107.148.151.166200 OK 18 kB URL HTTP/2 tengxunbo-fa999.site/template/mb1/css/hmlcss.css
IP 107.148.151.166:0
Hash 7b19f8e3cb7159c77327d552aa942345
c065dd1f3d97d9e0849e75e49312c7402b46e435
7c057cd936c459ccde9c526e4dec72bcbf924679c6e0137a05400aaa0612e428
GET /template/mb1/css/hmlcss.css HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: text/css
last-modified: Wed, 22 Feb 2023 12:21:51 GMT
vary: Accept-Encoding
etag: W/"63f608df-142d8"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06f086ca5791260fae22a4505d0656fe
46189e57f8fd1957ff858b7af236ac9a482e1f97
5c00cc7032e62ba399f470d016ba91765a8ff922e1d593ad562d270acd2b5a70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C00CC7032E62BA399F470D016BA91765A8FF922E1D593AD562D270ACD2B5A70"
Last-Modified: Wed, 22 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Thu, 23 Mar 2023 14:24:42 GMT
Date: Thu, 23 Mar 2023 08:25:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 06f086ca5791260fae22a4505d0656fe
46189e57f8fd1957ff858b7af236ac9a482e1f97
5c00cc7032e62ba399f470d016ba91765a8ff922e1d593ad562d270acd2b5a70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C00CC7032E62BA399F470D016BA91765A8FF922E1D593AD562D270ACD2B5A70"
Last-Modified: Wed, 22 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Mar 2023 14:25:08 GMT
Date: Thu, 23 Mar 2023 08:25:08 GMT
Connection: keep-alive
tengxunbo-fa111.site/diaoyong/5fhhf.js
107.148.151.166200 OK 410 B URL HTTP/2 tengxunbo-fa111.site/diaoyong/5fhhf.js
IP 107.148.151.166:0
File type HTML document, Unicode text, UTF-8 text
Hash 8f59b60d4dd9f3481a288c8fb6f5aab7
41313ab631bbdede0e6d884d3c97bf2fa221039b
c8edfe827cc8e16d31ae4be5309e18802cb62858e18dc356697b49684e574648
GET /diaoyong/5fhhf.js HTTP/1.1
Host: tengxunbo-fa111.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: application/javascript
content-length: 410
last-modified: Sat, 11 Mar 2023 10:12:17 GMT
etag: "640c5401-19a"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21272123.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21272123.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 2246317fa55ce67ec5839f886bf91468
e8cb423943f5246a57714015196b19a45d777092
1a6c738e3807a20b366499f1b561e4e1b7544a5be1472c144c9d7cd323a6eb36
GET /21272123.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=e25d225013c5516aef5; path=/
HWWAFSESTIME=1679559906721; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
tupkku.top/logotp/bbzy7.gif
104.21.51.97200 OK 111 kB URL HTTP/2 tupkku.top/logotp/bbzy7.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /logotp/bbzy7.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:08 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 19 Jun 2022 13:14:29 GMT
etag: "62af2135-1b020"
expires: Wed, 05 Apr 2023 04:00:05 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1484642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYSMtIK3FmHPDswGapCrgWnoTpdT%2FnyYR2h5bdXamWw%2Fb9Vb7gsB5mzecS9vlPPWrDH5Z%2Fxw2SrDtLho4e9EQen4UX6RBp%2FKM5i02gD5flAfnGCbAAzp5pfVk1v4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac548354927b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tengxunbo-fa999.site/template/mb1/image/video-play.png
107.148.151.166200 OK 1.6 kB URL HTTP/2 tengxunbo-fa999.site/template/mb1/image/video-play.png
IP 107.148.151.166:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/mb1/image/video-play.png HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/template/mb1/css/hmlcss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 17 Jun 2022 16:40:52 GMT
etag: "62acae94-61f"
expires: Sat, 22 Apr 2023 08:25:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
aooacctp.vip/lm/ynv100.gif
172.67.161.53200 OK 89 kB URL HTTP/2 aooacctp.vip/lm/ynv100.gif
IP 172.67.161.53:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:08 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Mon, 03 Apr 2023 15:28:36 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1616134
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqSMTBa9LRdFZRR4DHtp5DrswUyTYeULLUhoO%2BhSAgayqYYLp%2FRs0zi%2BWQCvpLynaz930nBsnmUrYPYk0%2BnDxxgJiyNMXTnGEwOkuSLYf2tOpRzPWo8Snp0xRK7H6JM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac54836d813b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21272117.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21272117.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 808f0e4e9e1dabedd9524af90b002f24
fddf238c0e65475f2c66595ed43a4d657f218f3b
821932047ea635d4a16b3c92733029be40865aa1a8eefe0ffa72f1e97df25293
GET /21272117.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nyjd365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=79fef63dfa079eed1ee; path=/
HWWAFSESTIME=1679559905865; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
9304hhh999.vip/9304/960-80D.gif
172.67.223.176200 OK 986 kB URL HTTP/1.1 9304hhh999.vip/9304/960-80D.gif
IP 172.67.223.176:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 986 kB (985486 bytes)
Hash 2893906f8c716d1a1a32843c5044e267
fcac88c9cf902d9a01ae74c9aa85bf5433207c61
27e8c66ca49c013f8c233c7a462d6748c18c010a893a375d4b98d9d5d0b71bee
GET /9304/960-80D.gif HTTP/1.1
Host: 9304hhh999.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Type: image/gif
Content-Length: 985486
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 07:38:06 GMT
ETag: "c054b2f3fd39d91:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lDwU8ynZrsbtlzD7udk8Hp1EcNV8konMU4l9725viecxsQd5jMihoW4posSus%2Bvtp3wQJm6IHcNVsmNthlDDH5BtgU%2BwfZ1b2snfAO%2Fs6h%2BKF4twkyVyJjDch4Br5cFQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac54834ca6cb4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ba8b3511a8aeec3f571f3282bf1fac3
e682031a8b2962f9b1364a4a6f566250ee24527e
e245fdf3d52331983268350072faf87af8c628d135ae691ff7acd08581af6727
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E245FDF3D52331983268350072FAF87AF8C628D135AE691FF7ACD08581AF6727"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Mar 2023 14:25:09 GMT
Date: Thu, 23 Mar 2023 08:25:09 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.194.133:0
Hash cd694e72b5685ec58b8b49398082754e
411e4b1b5bccc0c4ea24c51a689caf7da3a6cb8e
2f9e5955b63ccb3e565b4ad6ea93215d93ef5deea2bb008a03dbdab9c6c23ae4
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 27 Mar 2023 06:59:17 GMT
ETag: "411e4b1b5bccc0c4ea24c51a689caf7da3a6cb8e"
Last-Modified: Thu, 23 Mar 2023 06:59:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 08:25:09 GMT
Age: 1486
X-Served-By: cache-qpg1233-QPG, cache-bma1683-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 31, 1
X-Timer: S1679559909.382823,VS0,VE1
tengxunbo-fa999.site/template/mb1/js/jquery.min.js
107.148.151.166200 OK 38 kB URL HTTP/2 tengxunbo-fa999.site/template/mb1/js/jquery.min.js
IP 107.148.151.166:0
Hash bb61d14d26a136cbd0d9a648f515ccbd
344068303caa00518f64baf725a66ab68bba52c7
02085e0e1e71b128ac7afb645a4d23dc0c026f95705636bc8d5a7cb42fd42300
GET /template/mb1/js/jquery.min.js HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: application/javascript
last-modified: Fri, 08 Jul 2022 12:34:02 GMT
vary: Accept-Encoding
etag: W/"62c8243a-17b8a"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bde2b11717a139440568caee331ffa11
95bc62de742e92eb7ebad2ea85f69bd771045ec6
11626b99d3ba1f6dc3b5dd1e5aadb42c47358b4a20e3770bfde9f0813d91371e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11626B99D3BA1F6DC3B5DD1E5AADB42C47358B4A20E3770BFDE9F0813D91371E"
Last-Modified: Tue, 21 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Mar 2023 14:25:09 GMT
Date: Thu, 23 Mar 2023 08:25:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aaf1812178357b2ebef633a2e18fce40
7f7395419a1891076940abc0baa2a4c86446b3fb
194eb86cad88d0cf4dc0bbd0d68d77a0550da79f6b285fdec60a7c7a3eb4e2a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "194EB86CAD88D0CF4DC0BBD0D68D77A0550DA79F6B285FDEC60A7C7A3EB4E2A5"
Last-Modified: Tue, 21 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1777
Expires: Thu, 23 Mar 2023 08:54:46 GMT
Date: Thu, 23 Mar 2023 08:25:09 GMT
Connection: keep-alive
tengxunbo-fa111.site/diaoyong/4fhhf.js
107.148.151.166200 OK 2.0 kB URL HTTP/2 tengxunbo-fa111.site/diaoyong/4fhhf.js
IP 107.148.151.166:0
Hash 8f55626b7152eb2ff7e41d9b7c84f2c1
046b57f2b6162aac676a9f0a9495a1ae57224b52
f79f0f7903805c67e785edef9343ecfa99e44c0410f5b359685dccc8090bdbd9
GET /diaoyong/4fhhf.js HTTP/1.1
Host: tengxunbo-fa111.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: application/javascript
last-modified: Sat, 18 Mar 2023 17:22:39 GMT
vary: Accept-Encoding
etag: W/"6415f35f-2707"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvkaa.com/c6a65988a83a7719b360a51b2954a216.gif
45.154.214.206301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/c6a65988a83a7719b360a51b2954a216.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c6a65988a83a7719b360a51b2954a216.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 23 Mar 2023 08:25:09 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/c6a65988a83a7719b360a51b2954a216.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ia.51.la/go1?id=21272119&rt=1679559916556&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=2&ekc=&sid=1679559916556&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21272119&rt=1679559916556&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=2&ekc=&sid=1679559916556&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21272119&rt=1679559916556&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=2&ekc=&sid=1679559916556&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nyjd365.com/
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=9427d6f4a5db2680d10; path=/
HWWAFSESTIME=1679559908336; path=/
ia.51.la/go1?id=21272117&rt=1679559916551&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=1&ekc=&sid=1679559916551&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21272117&rt=1679559916551&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=1&ekc=&sid=1679559916551&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21272117&rt=1679559916551&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2&ing=1&ekc=&sid=1679559916551&tt=%25E4%25B8%25B4%25E6%25B2%25A7%25E8%259B%258A%25E5%258A%259D%25E8%2588%25AA%25E5%25A4%25A9%25E4%25BF%25A1%25E6%2581%25AF%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%25AC%25A7%25E7%25BE%258E%25E9%25AB%2598%25E6%25B8%2585%25E4%25B8%2580%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E4%25B8%2593%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E6%2597%25A5%25E9%259F%25A9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%25BE%252C%25E7%258E%25A9%25E5%25B0%2591%25E5%25A6%2587%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E6%2588%2590%25E5%25B9%25B4%25E5%25A5%25B3%25E4%25BA%25BA%25E7%25B2%2597%25E6%259A%25B4%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%252C%25E4%25B8%25B0%25E6%25BB%25A1%25E7%2588%2586%25E4%25B9%25B3%25E5%25B0%2591%25E5%25A6%2587%25E4%25B8%25AD%25E6%2596%2587%25E6%2597%25A0%25E7%25A0%2581%25E7%2589%25A1%25E4%25B8%25B9%252C%25E5%25A5%25B3%25E6%2580%25A7%25E7%25A7%2581%25E5%25AF%2586%25E4%25BF%259D%25E5%2581%25A5%25E6%258C%2589%25E6%2591%25A9%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.nyjd365.com%252Fcms%252Fnews%252F100000%252F0000000224%252F2017%252F12%252F20%252F88a703101ad04c059f21623c7ad9e213.shtml.htm&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nyjd365.com/
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=9427d718a5db2680d10; path=/
HWWAFSESTIME=1679559908336; path=/
tengxunbo-fa999.site/template/mb1/css/app.css
107.148.151.166200 OK 2.8 kB URL HTTP/2 tengxunbo-fa999.site/template/mb1/css/app.css
IP 107.148.151.166:0
Hash e050607f44eff7511604629589e3266e
47b9963447a0274cafab3a29f0943e5eba15974a
d7b3a2e6d0d59a638de93dd72b30fe2335d4664ba39da5eab90d1cba0933b633
GET /template/mb1/css/app.css HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: text/css
last-modified: Sat, 21 May 2022 15:56:32 GMT
vary: Accept-Encoding
etag: W/"62890bb0-abb"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sv1.stor.petaexpress.com/dfegfegeg/InKkgCOVsAWTB6v.jpg
199.180.101.118200 OK 11 kB URL HTTP/1.1 sv1.stor.petaexpress.com/dfegfegeg/InKkgCOVsAWTB6v.jpg
IP 199.180.101.118:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1002x58, components 3\012- data
Hash 419d482409e0e9496d5ee0158b213bc6
aff34b29110b9c567a14c7d298c41720d8ef31ab
84b0f44e1433054b20975c4cce5a806cfb55f3856f32c57e80eb28e9481c3203
GET /dfegfegeg/InKkgCOVsAWTB6v.jpg HTTP/1.1
Host: sv1.stor.petaexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Type: image/jpeg
Content-Length: 10691
Connection: keep-alive
Accept-Ranges: bytes
Etag: "419d482409e0e9496d5ee0158b213bc6"
Last-Modified: Tue, 29 Nov 2022 08:07:45 GMT
x-qs-request-id: 28fd20d8fd7e9d61
x-qs-storage-class: STANDARD
n33033.com/24e84a20aa65b6ef63395311a53eea87.gif
5.78.95.164200 OK 23 kB URL HTTP/2 n33033.com/24e84a20aa65b6ef63395311a53eea87.gif
IP 5.78.95.164:0
File type GIF image data, version 89a, 108 x 108\012- data
Hash 0a13df82fb17cd832929d3c09a9e47e1
c7e2e9d17223565edf07aa14959f1a83c646bb3a
d6a2c902ebd74cca8aed3b3806b38963c02b74d112750693e6ecedab4df5dfd4
GET /24e84a20aa65b6ef63395311a53eea87.gif HTTP/1.1
Host: n33033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:09 GMT
content-type: image/gif
content-length: 22731
last-modified: Tue, 20 Dec 2022 07:49:01 GMT
etag: "63a168ed-58cb"
expires: Thu, 23 Mar 2023 20:25:09 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 5206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwlaLCNhr6589Mm89q4%2BZ1dtTnN3esJ8DsmoFMozEvx%2Bs5g3vbSC%2FK1VajAmfkUO4bsQTr9hWC%2FN0CZpNXXaBrlH%2BqOnUYFn%2F6r%2FXoL4UlrkHUkM%2FWOXh1XJcCH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7ab427ddabc8ef98-PDX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 980b6a834a0a33b542e93fa9b542b21c
b9b5c2e9b44a7d4a20378e56f4e3870f4010ba50
6e7eb05402e951e202a5ce3220050aa904d0c142a5f6b6e8cd9d7ed860574967
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 01:20:40 GMT
Expires: Mon, 27 Mar 2023 01:20:39 GMT
Etag: "b9b5c2e9b44a7d4a20378e56f4e3870f4010ba50"
Cache-Control: max-age=319529,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac5483becc90b4d-OSL
abc748596aaa.vip/9820/960-80A.gif
103.142.8.251200 OK 56 kB URL HTTP/1.1 abc748596aaa.vip/9820/960-80A.gif
IP 103.142.8.251:0
ASN #136933 Gigabitbank Global
File type GIF image data, version 89a, 980 x 60\012- data
Hash 361aed34798f98db26e7c50462c4b8c5
5ef04619670d41dbbe05e4fa0df9ddd54445d2cd
3a462d3a0fa3dc9d6e8ad5a69e6ec75418b618e0ff6a6abc4bef899a96874e57
Analyzer Verdict Alert quad9 Sinkholed
GET /9820/960-80A.gif HTTP/1.1
Host: abc748596aaa.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 09 Nov 2022 12:29:16 GMT
Accept-Ranges: bytes
ETag: "2ac34ee236f4d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 11 Mar 2023 07:40:51 GMT
Content-Length: 55633
ia.51.la/go1?id=21272123&rt=1679559916272&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&ing=1&ekc=&sid=1679559916272&tt=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&kw=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&cu=https%253A%252F%252Ftengxunbo-fa999.site%252F&pu=http%253A%252F%252Fwww.nyjd365.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21272123&rt=1679559916272&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&ing=1&ekc=&sid=1679559916272&tt=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&kw=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&cu=https%253A%252F%252Ftengxunbo-fa999.site%252F&pu=http%253A%252F%252Fwww.nyjd365.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21272123&rt=1679559916272&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&ing=1&ekc=&sid=1679559916272&tt=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&kw=%25E8%2585%25BE%25E8%25AE%25AF-tengxunav-com&cu=https%253A%252F%252Ftengxunbo-fa999.site%252F&pu=http%253A%252F%252Fwww.nyjd365.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=429791558d6605b942ce; path=/
HWWAFSESTIME=1679559906768; path=/
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 55843e8cfbff03412a026fb4f402f80b
a5be9456004d44e4fc54c568f83cc3cedb95186a
945b3d55657bf5eb2b0352cfbbabd1e313a29f4a198bc63a9672d16e57929d8f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:10 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 19 Mar 2023 23:17:13 GMT
Expires: Sun, 26 Mar 2023 23:17:12 GMT
Etag: "a5be9456004d44e4fc54c568f83cc3cedb95186a"
Cache-Control: max-age=312121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac5483cac48b50b-OSL
kvtaaa.top/c6a65988a83a7719b360a51b2954a216.gif
104.21.30.227200 OK 1.1 MB URL HTTP/2 kvtaaa.top/c6a65988a83a7719b360a51b2954a216.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.1 MB (1088124 bytes)
Hash 22b05fb7dd8dfb2c1c0f59a9b8b8b3b5
ff95ea37d9b7fee86072dd41b683c50eb7e456c7
9453485cf924296690fe4e0628ac08e9ec46fe423a4c2d6bc63d01d6bb1b3492
GET /c6a65988a83a7719b360a51b2954a216.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tengxunbo-fa999.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:10 GMT
content-type: image/gif
content-length: 1088124
last-modified: Sun, 25 Dec 2022 10:35:56 GMT
etag: "63a8278c-109a7c"
expires: Sat, 22 Apr 2023 08:25:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQ1ZiVx1gdVpOTAo4F2yI3hW9F%2F2vJ9QMi94KXLpFsz6b98ebAT8Yx5IvKUSBvfkVdQW84UEvAvyVvqmNdQdTjHetF2EvyRLH%2BbtnidlwLd2M1LaQWwUXqskWKhZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac5483c4e4ab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d8636e7a64c68bf16542e66f83ef9fc5
1d057def4b2706a0f43a20486f92772fd7046d6e
1d7e63fd4ed98037813cfedaea88ae7ba97d1fae232a7cdb69bf2e42755a2700
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 14:14:58 GMT
Expires: Mon, 27 Mar 2023 14:14:57 GMT
Etag: "1d057def4b2706a0f43a20486f92772fd7046d6e"
Cache-Control: max-age=365986,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac5483f585b0b4d-OSL
n0533.com/e84d89cfb5e649bab6bbbdae9b0f28d6.gif
107.167.16.2200 OK 127 kB URL HTTP/1.1 n0533.com/e84d89cfb5e649bab6bbbdae9b0f28d6.gif
IP 107.167.16.2:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 127 kB (126639 bytes)
Hash c15d09d052e98e5509afe7028333f70a
63784c690b5612ef5c43e4ccc28914f6ff7f4330
c18beea0bcde5dc44fb4a01beb05711a7b2bb11ec01b6c4a163070dfa7570b4d
GET /e84d89cfb5e649bab6bbbdae9b0f28d6.gif HTTP/1.1
Host: n0533.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 08 Mar 2023 11:02:33 GMT
ETag: W/"64086b49-5c246"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
qp.ezfxpuo.cn/960X60.gif
218.66.171.78200 OK 245 kB IP 218.66.171.78:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (244625 bytes)
Hash 8ea7a6d4406fc7d5d0c11e711a860b6b
5dfe851d968ba8bdd6c9aa331fe816505f1749f6
f1fb1cf1dc68a5b38cf47a0676d19a68a67a1fec63d97657be4a32b899cf0aaf
GET /960X60.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Thu, 23 Mar 2023 08:25:09 GMT
content-type: image/gif
content-length: 244625
x-oss-request-id: 63F9A9C29DB57833328C4EFC
etag: "8EA7A6D4406FC7D5D0C11E711A860B6B"
last-modified: Fri, 24 Feb 2023 05:36:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4303395622184053937
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: jqem1EBvx9XQwR5xGoYLaw==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
13.227.254.111200 OK 393 kB URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 13.227.254.111:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 393 kB (393378 bytes)
Hash a930de5ec6e818c397927d0c8e288eb4
5740c07c68ec2828cf3544a76afa1755077a6f57
e5a218bd1dc9bc6410f36069969a1c36a3f34f0d42079c4bd02ec8c19421bee0
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393378
last-modified: Tue, 03 Jan 2023 03:28:21 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 22 Mar 2023 14:50:21 GMT
etag: "a930de5ec6e818c397927d0c8e288eb4"
x-cache: Hit from cloudfront
via: 1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: pstsxr4wXevcBb9ZYtgH2tys619givRqbif2WZFSyQhYt3cumUS4oA==
age: 63290
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/960-60.gif
23.225.139.251200 OK 239 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/960-60.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 239 kB (238667 bytes)
Hash 76240c675ea11ed0347178b1b96b10aa
a6bf11d0305bad2d36701facd863507cee1993a2
e49416b013b8cd26e294056d139b7a883226a15d330ebac3e270b416b7575a5d
GET /tu-2022290039/960-60.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Wed, 22 Mar 2023 20:41:24 GMT
etag: "1679559615_br"
expires: Fri, 21 Apr 2023 20:41:24 GMT
last-modified: Thu, 23 Mar 2023 08:20:15 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, memory
X-Firefox-Spdy: h2
8499165.com/8499/zzxx/960x100.gif
172.247.109.213200 OK 479 kB URL HTTP/2 8499165.com/8499/zzxx/960x100.gif
IP 172.247.109.213:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 479 kB (479036 bytes)
Hash f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:10 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
xiod.xyz/k9-ky960x60.gif
116.177.225.100200 OK 406 kB IP 116.177.225.100:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (405511 bytes)
Hash 2cc0caa937d60ce47f10bcc67e78c29d
e6be035b70daeef0479d69f5530e552cb7bb5cdc
a8360b2d6ce237a2ff2899226461cce6ebf9d014aed3febb2c4cdc8e2356c6df
GET /k9-ky960x60.gif HTTP/1.1
Host: xiod.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 13 Mar 2023 10:13:40 GMT
Etag: "2cc0caa937d60ce47f10bcc67e78c29d"
Content-Type: image/gif
Date: Tue, 21 Mar 2023 05:59:20 GMT
Server: tencent-cos
x-cos-cache: true
x-cos-hash-crc64ecma: 17982091820924443950
x-cos-request-id: NjQxOTQ3YjhfYmE1MGI3MDlfYWJmZV8zZTdkYjYy
Content-Length: 405511
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5140770539380613762
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=86400
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 28fbeef919f1247d9d81e83833018f80
8b5ff41ea437a3ade7be9375fec077fbec40c257
6505e9e556df977677529756a62fdeca006f301d497c33fd4f0dfff4c2ead686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 21:16:32 GMT
Expires: Mon, 27 Mar 2023 21:16:31 GMT
Etag: "8b5ff41ea437a3ade7be9375fec077fbec40c257"
Cache-Control: max-age=391279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac54846aff60b4d-OSL
img.solomon89.xyz/images/6402f50937c7b44c919f779a.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.solomon89.xyz/images/6402f50937c7b44c919f779a.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6402f50937c7b44c919f779a.gif HTTP/1.1
Host: img.solomon89.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/77/9a/6402f50937c7b44c919f779a.gif
X-Firefox-Spdy: h2
img.mengzhan24.com/loveimgmoe/77/9a/6402f50937c7b44c919f779a.gif
172.67.24.77200 OK 281 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/77/9a/6402f50937c7b44c919f779a.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 281 kB (281186 bytes)
Hash 328a681d303fc14ec09759a9a40f5e59
d7cef073187f1b7d92dd804cf5ef77b161993a53
74b2695464d6d8ac15b2b2183bacfe6c9bea5ff48dda89e8eaef8a82746c753f
GET /loveimgmoe/77/9a/6402f50937c7b44c919f779a.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: image/jpeg
content-length: 281186
cache-control: max-age=2678400
last-modified: Sun, 19 Mar 2023 07:19:43 GMT
cf-cache-status: HIT
age: 336685
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ac548477c0eb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.251200 OK 9.2 kB URL HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.251:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 9166
date: Tue, 10 May 2022 07:04:29 GMT
last-modified: Fri, 13 Aug 2021 10:28:00 GMT
picasso-ret-code: SUCCESS
request-time: 0.160
expires: Wed, 10 May 2023 07:04:29 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1652166269
via: cache31.l2ot7-1[0,1,200-0,H], cache21.l2ot7-1[2,0], cache1.se1[0,0,200-0,H], cache1.se1[1,0]
access-control-allow-origin: *
age: 27393642
x-cache: HIT TCP_MEM_HIT dirn:4:129571929
x-swift-savetime: Sun, 12 Feb 2023 10:08:36 GMT
x-swift-cachetime: 7505753
s-rt: 1
timing-allow-origin: *
eagleid: 2ff62c9516795599117527329e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29390ca95c32171923ea45c54ff224b4
8a58aeb76403ffa48e58f379146e94eea7a24ed4
318405fcb478a5dffa327a1bbd03f62ec9baf47131e0a001caa67b2323b3ef34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "318405FCB478A5DFFA327A1BBD03F62EC9BAF47131E0A001CAA67B2323B3EF34"
Last-Modified: Tue, 21 Mar 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7510
Expires: Thu, 23 Mar 2023 10:30:22 GMT
Date: Thu, 23 Mar 2023 08:25:12 GMT
Connection: keep-alive
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
172.67.69.40200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP 172.67.69.40:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2rbj5hHv6s7GkIBLbGS6o87PWW9vu2cJ3b3%2Bj%2FmDoGbE0a1ocrSPYJ0lVL3XOWghYw2Ig%2FF6mSHEbxShyI9ZwDtsqpoiBm0cZEuGNPIsfOemMB8nglHX6tVrh33"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac54848b8911c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
n33133.com/af0ba3fe8bb715fa82a8816200452ba2.gif
172.83.155.45200 OK 231 kB URL HTTP/2 n33133.com/af0ba3fe8bb715fa82a8816200452ba2.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 231 kB (230723 bytes)
Hash 73fd9d69f781b18679efd698ea6190c1
cd427a1bd2b3632f18c6587d1445882f0ad24b43
372ebffbaf9344516cc79c536e40079c94b0484c1a10c4b32042eca770cc19f7
GET /af0ba3fe8bb715fa82a8816200452ba2.gif HTTP/1.1
Host: n33133.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: image/gif
content-length: 230723
last-modified: Fri, 03 Feb 2023 12:02:28 GMT
etag: "63dcf7d4-38543"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 198342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhlUf4mG1mhx73hcRF1sv94bNVrZNeTjXyC%2BOjkcQnGFbHdVk6Unh0gSj3PB%2BswAB9uH%2Fn8JLS0zYI7FqCpXUMgU1pG1E4iLHMyoGp2sny2ALWky27jsE1vst4%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7a7ed37d6d42843d-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigochina.com/
104.18.33.217200 OK 600 B IP 104.18.33.217:0
Hash f1647c3fcb24eca5556c945aff8f36ca
a019d42e5780337a767fd5f3cbb5ef24135a3955
76b1aaf481eed8ad8d2a687ee845a4a7517d7230ed8918d3e5a3526e19717a0d
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:13 GMT
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 23:28:27 GMT
Expires: Tue, 28 Mar 2023 23:28:26 GMT
Etag: "a019d42e5780337a767fd5f3cbb5ef24135a3955"
Cache-Control: max-age=485592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac54851c896b4ff-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6d353a264c614ea1c4b96f19b0f87ea1
a5ec999f64efd46d0aed1ed0d4ef660688b34411
3aa6be9faa1627b41bf5891b61bab73d5c91a5a6f0ddccd7e44f9772df282482
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 08:25:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 03:03:46 GMT
Expires: Tue, 28 Mar 2023 03:03:45 GMT
Etag: "a5ec999f64efd46d0aed1ed0d4ef660688b34411"
Cache-Control: max-age=412111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac548516afb0b4d-OSL
kg.ttvosc.com/sc/2385?n=wywxeicb
154.23.151.42200 OK 9.8 kB URL HTTP/1.1 kg.ttvosc.com/sc/2385?n=wywxeicb
IP 154.23.151.42:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with very long lines (9848), with no line terminators
Hash e4f4aff8992f7e89f79fa1fb41f71301
287f2c302ccf8f621a24be836937480630cc8fee
e7f8290060f47f4d09f48b605c43fddb0276d1d0c2a93c688792ab3c9eadfad9
GET /sc/2385?n=wywxeicb HTTP/1.1
Host: kg.ttvosc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Mar 2023 08:25:13 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Pragma: max-age=1800
288aaa.us/28cd9739fe9d4e719ea89ea9eac4c38e.gif
103.170.15.97200 OK 801 kB URL HTTP/1.1 288aaa.us/28cd9739fe9d4e719ea89ea9eac4c38e.gif
IP 103.170.15.97:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 801 kB (800611 bytes)
Hash 15bb7ae15496a1d7057ce86a12b75a16
adc3d4e1487bfffb7ed0ae14836f35cba4cc19e5
5af9cc1f186caeb929ecfa0a3a07e6b4e200de5feba556c6412cc31d2d981325
GET /28cd9739fe9d4e719ea89ea9eac4c38e.gif HTTP/1.1
Host: 288aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63fb1529-c3763"
Date: Fri, 03 Mar 2023 06:30:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 26 Feb 2023 08:15:37 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-27
Content-Length: 800611
tengxunbo-fa111.site/diaoyong/2zbhf.js
107.148.151.166200 OK 0 B URL HTTP/2 tengxunbo-fa111.site/diaoyong/2zbhf.js
IP 107.148.151.166:0
GET /diaoyong/2zbhf.js HTTP/1.1
Host: tengxunbo-fa111.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: application/javascript
last-modified: Tue, 21 Mar 2023 07:22:05 GMT
vary: Accept-Encoding
etag: W/"64195b1d-6cf"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tengxunbo-fa111.site/diaoyong/1hdhf.js
107.148.151.166200 OK 0 B URL HTTP/2 tengxunbo-fa111.site/diaoyong/1hdhf.js
IP 107.148.151.166:0
GET /diaoyong/1hdhf.js HTTP/1.1
Host: tengxunbo-fa111.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: application/javascript
last-modified: Tue, 21 Mar 2023 13:40:00 GMT
vary: Accept-Encoding
etag: W/"6419b3b0-1330"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tengxunbo-fa111.site/diaoyong/3dbhf.js
107.148.151.166200 OK 0 B URL HTTP/2 tengxunbo-fa111.site/diaoyong/3dbhf.js
IP 107.148.151.166:0
GET /diaoyong/3dbhf.js HTTP/1.1
Host: tengxunbo-fa111.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:12 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 11:43:47 GMT
vary: Accept-Encoding
etag: W/"641300f3-717"
expires: Thu, 23 Mar 2023 20:25:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
d.dcvbnzss.xyz/ty/752398F8-057D-18034-34-D27B2FB350A1.alpha
23.225.154.19200 OK 0 B URL HTTP/2 d.dcvbnzss.xyz/ty/752398F8-057D-18034-34-D27B2FB350A1.alpha
IP 23.225.154.19:0
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/752398F8-057D-18034-34-D27B2FB350A1.alpha HTTP/1.1
Host: d.dcvbnzss.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Thu, 23 Mar 2023 08:25:11 GMT
expires: Thu, 23 Mar 2023 08:40:11 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tengxunbo-fa999.site/template/mb1/js/jquery.lazyload.min.js
107.148.151.166200 OK 0 B URL HTTP/2 tengxunbo-fa999.site/template/mb1/js/jquery.lazyload.min.js
IP 107.148.151.166:0
GET /template/mb1/js/jquery.lazyload.min.js HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 11:25:34 GMT
vary: Accept-Encoding
etag: W/"61b3392e-d35"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tengxunbo-fa999.site/static/js/home.js
107.148.151.166200 OK 0 B URL HTTP/2 tengxunbo-fa999.site/static/js/home.js
IP 107.148.151.166:0
GET /static/js/home.js HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tengxunbo-fa999.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: application/javascript
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
vary: Accept-Encoding
etag: W/"61249190-95a5"
expires: Thu, 23 Mar 2023 20:25:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
tengxunbo-fa999.site/
107.148.151.166200 OK 0 B IP 107.148.151.166:0
GET / HTTP/1.1
Host: tengxunbo-fa999.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nyjd365.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 08:25:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2