Report - 110e960a.nat123.fun

Report Overview

Visitedpublic

2024-08-31 22:47:17

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 17:40:44	1.3 kB	3.5 kB	23.33.119.57
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-31 17:39:09	981 B	2.7 kB	23.33.119.27
110e960a.nat123.fun	unknown	unknown	No data	No data	739 B	2.8 kB	107.175.6.48
images.nat123.com	unknown	2013-10-26	2014-07-01 14:38:49	2020-05-02 17:19:20	1.1 kB	3.6 kB	47.104.222.149
106.52.95.226	unknown	unknown	2023-07-28 03:59:22	2023-09-08 11:37:28	1.0 kB	82 kB	106.52.95.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-31	medium	106.52.95.226	Sinkholed
2024-08-31	medium	106.52.95.226	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (14)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL

r10.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen36159

Size504 B (504 bytes)

MD5404e3e4520c09fcce1358b1a21f6b171

SHA1040aa03460f3d7ec6f75cae0bf5a462a4bb9798d

SHA256f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18650
Expires: Sun, 01 Sep 2024 03:57:41 GMT
Date: Sat, 31 Aug 2024 22:46:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL

r10.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-29

Last Seen2024-09-20

Times Seen25767

Size504 B (504 bytes)

MD5c3d1bfb12515d2f23214f980f7a18b8c

SHA124cc3d9048888cc7e1f4ff42b8fdc1c16c9feb46

SHA25635a446cea345dbdb2c297726a3d6cc5f1088f4f9a3f65904c3b9655056efda06

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "35A446CEA345DBDB2C297726A3D6CC5F1088F4F9A3F65904C3B9655056EFDA06"
Last-Modified: Thu, 29 Aug 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Sat, 31 Aug 2024 23:52:21 GMT
Date: Sat, 31 Aug 2024 22:46:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL

r10.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen25067

Size504 B (504 bytes)

MD5231aa156f55dd8497dca6a2066312be3

SHA1741432c8275492eb38bba5d0841685dc4f864fee

SHA256f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Sat, 31 Aug 2024 23:50:41 GMT
Date: Sat, 31 Aug 2024 22:46:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL

r10.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen27687

Size504 B (504 bytes)

MD59d2c063731a46a7e1548540195080de0

SHA1dd1924ebf7697509a10f3f07604f28f96b4fc498

SHA2560d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4003
Expires: Sat, 31 Aug 2024 23:53:35 GMT
Date: Sat, 31 Aug 2024 22:46:52 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen19268

Size504 B (504 bytes)

MD520c9eec1ed6a0f3c730b021493b9e3ec

SHA19f241af1cf1513631da05ffbaede6bcd16e93571

SHA2560b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4056
Expires: Sat, 31 Aug 2024 23:54:30 GMT
Date: Sat, 31 Aug 2024 22:46:54 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen19268

Size504 B (504 bytes)

MD520c9eec1ed6a0f3c730b021493b9e3ec

SHA19f241af1cf1513631da05ffbaede6bcd16e93571

SHA2560b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4056
Expires: Sat, 31 Aug 2024 23:54:30 GMT
Date: Sat, 31 Aug 2024 22:46:54 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-31

Last Seen2024-09-20

Times Seen19268

Size504 B (504 bytes)

MD520c9eec1ed6a0f3c730b021493b9e3ec

SHA19f241af1cf1513631da05ffbaede6bcd16e93571

SHA2560b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4056
Expires: Sat, 31 Aug 2024 23:54:30 GMT
Date: Sat, 31 Aug 2024 22:46:54 GMT
Connection: keep-alive

GET 110e960a.nat123.fun/

107.175.6.48

200 server2ok

2.4 kB

URL

110e960a.nat123.fun/

IP / ASN

107.175.6.48

#36352 AS-COLOCROSSING

Requested byN/A

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators

First Seen2024-09-20

Last Seen2024-09-20

Times Seen1

Size2.4 kB (2392 bytes)

MD5ba642415070a3498e4fd93df8e944815

SHA1bf2632f3928138917fd400e704497ba4354c4c0d

SHA256e6758daafad9006c2de3f96696b571a64874895602313ef3d67f3e582202942e

HTTP Headers

GET / HTTP/1.1
Host: 110e960a.nat123.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 server2ok
Server: nat123web
ServerIp: 107.175.6.48v4
ServerTime: 9/1/2024 6:46:45 AM
Content-Length: 2392
Connection: close
Content-Type: text/html

GET 110e960a.nat123.fun/favicon.ico

107.175.6.48

200 OK

98 B

URL

110e960a.nat123.fun/favicon.ico

IP / ASN

107.175.6.48

#36352 AS-COLOCROSSING

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2024-06-09

Last Seen2024-09-20

Times Seen2

Size98 B (98 bytes)

MD57768312c9ce7907d4bb14a622a7842b9

SHA19ff31241b7158b20531a99620e6c14788e7c3d8c

SHA256ae1f317a9f8ed22724f0538f844ff67754f832406a86a4064080cd38a2cfba18

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 110e960a.nat123.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://110e960a.nat123.fun/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nat123/NatWebServer
Content-Length: 98
Connection: close
Content-Type: text/html

GET images.nat123.com/Content/logogw.gif

47.104.222.149

200 OK

2.6 kB

URL

images.nat123.com/Content/logogw.gif

IP / ASN

47.104.222.149

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typeGIF image data, version 89a, 190 x 50

First Seen2023-07-14

Last Seen2025-07-23

Times Seen13

Size2.6 kB (2553 bytes)

MD547e0977807a0462f2489ee2f9e4b1b2a

SHA15a712b4ce509ef7fec0fc9de07100be03953b1e5

SHA25651d661bba59a31e9a9b0e62c991406c5afbc7b9f8488fe32fdf00deed2641380

HTTP Headers

GET /Content/logogw.gif HTTP/1.1
Host: images.nat123.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://110e960a.nat123.fun/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
IsHtml: false
IsSpeedUp: false
Proxy-By: nat123.com/x.220422
Access-Control-Allow-Origin: *
Content-Type: image/gif
Last-Modified: Thu, 17 Dec 2015 00:49:23 GMT
Accept-Ranges: bytes
ETag: "5fba77c56438d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 31 Aug 2024 22:46:55 GMT
Content-Length: 2553

GET images.nat123.com/temple/images/bg.jpg

47.104.222.149

301 Moved fornat123

0 B

URL

images.nat123.com/temple/images/bg.jpg

IP / ASN

47.104.222.149

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-03

Times Seen5619390

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /temple/images/bg.jpg HTTP/1.1
Host: images.nat123.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://110e960a.nat123.fun/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved fornat123
Date: Mon, 28 Apr 2014 17:44:38 GMT
Server: NAT123/ForSpeedUp2014
X-Powered-By: NAT123/1.14
location: http://106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/3fb747daa5444861b91c90c475420caeCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/temple/images/bg.jpg
Content-Length: 0
Content-Type: text/html

GET images.nat123.com/Content/logobbs.gif

47.104.222.149

301 Moved fornat123

0 B

URL

images.nat123.com/Content/logobbs.gif

IP / ASN

47.104.222.149

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-03

Times Seen5619390

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Content/logobbs.gif HTTP/1.1
Host: images.nat123.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://110e960a.nat123.fun/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved fornat123
Date: Mon, 28 Apr 2014 17:44:38 GMT
Server: NAT123/ForSpeedUp2014
X-Powered-By: NAT123/1.14
location: http://106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/d6ff6b6537584d9990153c0e61fdaa9cCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/Content/logobbs.gif
Content-Length: 0
Content-Type: text/html

GET 106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/d6ff6b6537584d9990153c0e61fdaa9cCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/Content/logobbs.gif

106.52.95.226

200 OK

3.2 kB

URL

106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/d6ff6b6537584d9990153c0e61fdaa9cCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/Content/logobbs.gif

IP / ASN

106.52.95.226

#45090 Shenzhen Tencent Computer Systems Company Limited

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typePNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced

First Seen2023-07-27

Last Seen2025-07-23

Times Seen12

Size3.2 kB (3180 bytes)

MD5e8677d6894a141865f5dece9ab441143

SHA1fc40ec3b0f5530cd4c32a4ccfbc29d735c1315d1

SHA256bdad68c05f0ed459ff8af9233b720160681c4dc97afb01f9d081d07dbde1b416

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nat123CacheFolder/696D616765732E6E61743132332E636F6D/d6ff6b6537584d9990153c0e61fdaa9cCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/Content/logobbs.gif HTTP/1.1
Host: 106.52.95.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://110e960a.nat123.fun/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
IsHtml: false
IsSpeedUp: false
Proxy-By: nat123.com/x.220422
Access-Control-Allow-Origin: *
Content-Type: image/gif
Last-Modified: Tue, 05 Sep 2017 23:27:27 GMT
Accept-Ranges: bytes
ETag: "667f80899e26d31:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 27 Aug 2024 17:00:06 GMT
Content-Length: 3180

GET 106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/3fb747daa5444861b91c90c475420caeCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/temple/images/bg.jpg

106.52.95.226

200 OK

78 kB

URL

106.52.95.226/nat123CacheFolder/696D616765732E6E61743132332E636F6D/3fb747daa5444861b91c90c475420caeCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/temple/images/bg.jpg

IP / ASN

106.52.95.226

#45090 Shenzhen Tencent Computer Systems Company Limited

Requested byhttp://110e960a.nat123.fun/

Resource Info

File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:12:27 17:17:51], baseline, precision 8, 860x500, components 3

First Seen2023-05-12

Last Seen2025-07-24

Times Seen30

Size78 kB (78327 bytes)

MD58f9a6af0a8f2905437c28e0acf58029e

SHA170e0415e58dd915e2879beeff5589c0eab142661

SHA2561e94793416bd7c824d5822af99d7465993379bcb17f7f47540467ff92b5fd66d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /nat123CacheFolder/696D616765732E6E61743132332E636F6D/3fb747daa5444861b91c90c475420caeCD30CD34D039D031DF36C534C93ACA35_1f6606e30908286482e920b6f0c5d9ac/temple/images/bg.jpg HTTP/1.1
Host: 106.52.95.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://110e960a.nat123.fun/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
IsHtml: false
IsSpeedUp: false
Proxy-By: nat123.com/x.220422
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Last-Modified: Thu, 17 Dec 2015 00:47:52 GMT
Accept-Ranges: bytes
ETag: "23f28b8f6438d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 30 Aug 2024 17:01:01 GMT
Content-Length: 78327