Report - www.rswuma3.xyz/

Report Overview

Submitted URL
www.rswuma3.xyz/
IP
172.67.151.3
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 07:23:39
Access
public
Website Title
色情在线
Final URL
www.rswuma5.buzz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
img-js.xn--wbs26e.net	unknown	2023-11-22	2023-12-22	2024-03-04	438 B	88 kB	111.47.131.100
www.rswuma3.xyz	unknown	unknown	No data	No data	470 B	835 B	104.21.90.16
www.ab1699.cc	unknown	2023-12-28	2024-01-01	2024-02-14	1.7 kB	920 kB	188.114.96.1
666bbb222bbb.com	unknown	unknown	No data	No data	898 B	268 kB	64.32.30.252
0c018cc5.xn--wbs26e.net	unknown	unknown	No data	No data	403 B	14 kB	119.36.90.133
jiekou.xn--wbs26e.net	unknown	2023-11-22	2023-12-19	2024-03-04	830 B	12 kB	119.36.90.133
www.rswuma5.buzz	unknown	unknown	No data	No data	5.7 kB	897 kB	172.67.154.99
mhbz7.top	unknown	unknown	No data	No data	466 B	71 kB	172.67.209.66
mhbz4.top	unknown	unknown	No data	No data	932 B	22 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	423 B	101 kB	142.250.74.72
img-js.xn--15q617acha879f.com	unknown	2023-09-20	2023-11-03	2024-03-04	1.0 kB	1.7 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 07:23:22	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-04-18 07:23:22	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-04-18 07:23:22	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-04-18 07:23:23	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-04-18 07:23:24	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.rswuma5.buzz/	5.6 kB	2024-04-18	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 58ad8c18d0ac102033134c941318c5bb e08ff4b1b862025207e79fc77a2b923fe50fd153 c3a37f0e2866ba8cf2de12ac477830e77d0445e8809afb71fb4bb98ba377f942 Loading...

	www.rswuma5.buzz/	35 B	2023-03-07	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12:46 Last Seen2024-04-18 09:23:47 Times Seen63 Hash 8ca9e4baf9868752159d9945565dd972 a4b56b410637923f9fbe615a45951861879839d0 1882fcfb8502762ef08d0b63dcd4804c281052c0362fb6fd66a847eb8b9d33b2 Loading...

	www.rswuma5.buzz/	424 B	2023-03-07	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:19:47 Last Seen2024-04-18 09:23:47 Times Seen9 Hash 7d653b52aaaa0c577c4bcea8ee3a490a a9147dde7b0d2552f3864319beaf6f4dfa8b28ef 610a9c48b41b03406e012025c335dc776eb0f300b4c2df61a6ad5450a466dc46 Loading...

	www.rswuma5.buzz/template/fld-hui/js/main.min.js	479 kB	2023-10-28	2024-04-18
Pretty URL www.rswuma5.buzz/template/fld-hui/js/main.min.js IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 02:54:13 Last Seen2024-04-18 09:23:47 Times Seen12 Hash 5b7bfe8695696dd4c0a1ce89b5ff3804 27871c11bbc1afe0bb17d45eb040f74c7aaf5f2b e3477e0eca6642bcef2de8e377c8da5adc82ff8483ed085a531c91e6ec176189 Loading...

	www.rswuma5.buzz/	424 B	2024-04-18	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 746fedaa3198d04c99a67ab34af9b831 bcfd22e7bc4369a8be514422eb2be4e0af8239f9 5f50175b51d8b573fc60cb228671b5c75df7315431a88f75d1033d2de68874e6 Loading...

	www.googletagmanager.com/gtag/js?id=G-F53LVJGGST	300 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-F53LVJGGST IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen2 Hash 6104615f27826dcb804e30fdfb383556 827d8be958ddd9131575a23540cfca0bfc8e5b61 63a09a396a6c8e2a6e39fa03c674c4616d8aa180fdb1d23b00afb5beed105bc8 Loading...

	www.rswuma5.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-01
Pretty URL www.rswuma5.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-01 03:22:30 Times Seen55550 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.rswuma5.buzz/	514 B	2024-04-18	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 93a08fdf0373e26fb04d47f0f1176196 a88e5d612d583f8ceae5bdd1b5acc9a551b85f9b cf77e9f965e9a551c5b34ffe114e16c2a7613725a96969bebdabccb796e3de2c Loading...

	www.rswuma5.buzz/	153 B	2024-04-18	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 51d42efdcc3b6ae1fc5e117ba55bcb6d 5faf20e28bf77b90d516b72b236caaf6c748c726 7a4980b0dfa6cb64d4f12982d4bd09755fb94d15284e588fe581a1d0fe67dd4b Loading...

	unknown	88 kB	2023-12-22	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-22 04:00:46 Last Seen2024-04-18 09:23:47 Times Seen14 Hash 7617957cce2154205f724d814cb3609c c94ad7f2fa4b2f9a7ac934d8d0ab0433a6ee8bd2 9365604e4999505f67a8e818919b1959758e97deea80fc8af0cb1b644684ad26 Loading...

	jiekou.xn--wbs26e.net/bid?url=https%3A%2F%2Fwww.rswuma5.buzz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:50:52&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=48&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=undefined&pj=0&top=0&left=0&id=10245&rid=3281e8c70be469f3188e2da18b9c4e5b&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn=	349 B	2024-04-18	2024-04-18
Pretty URL jiekou.xn--wbs26e.net/bid?url=https%3A%2F%2Fwww.rswuma5.buzz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:50:52&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=48&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=undefined&pj=0&top=0&left=0&id=10245&rid=3281e8c70be469f3188e2da18b9c4e5b&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn= IP 119.36.90.133 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen2 Hash cc4625c4b6c26788f481c04d3e794aa6 38aa69d640052b1eee5ad3f18c02befd730293aa 16d1dad0ffeb5b7a1a7dc433cd4054a9d4577ba7804c326039642593b163294c Loading...

	www.rswuma5.buzz/template/fld-hui/js/jquery.min.js	146 kB	2023-03-07	2024-04-28
Pretty URL www.rswuma5.buzz/template/fld-hui/js/jquery.min.js IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:21 Last Seen2024-04-28 16:45:11 Times Seen60 Hash 8be9cef8a4f454be76c10e60deaf6244 193972ed6a0d264946a38075d465ce1ad4c3b389 f3bf1dfc30c3d03223733bf3f8db208eac938252d5bd7fcd67443e3868815066 Loading...

	www.rswuma5.buzz/static/js/home.js	38 kB	2023-03-07	2024-04-29
Pretty URL www.rswuma5.buzz/static/js/home.js IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:35 Last Seen2024-04-29 23:55:57 Times Seen1945 Hash 97e311d35a4aa0ba09575a8dc989660b 8166b5f8ba52aa57ab23321a8ddc8d0118f1e590 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311 Loading...

	www.rswuma5.buzz/	1.3 kB	2024-04-18	2024-04-18
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash b1201c9c22016dffe0987a60369b3bd3 cd3a536211927bc1acfbbade77e405ad254f481f c199c5973ff9061bcc08efbd4e81431e1c1c22b81279868728c49bbff556f487 Loading...

	www.rswuma5.buzz/	0 B	2023-03-07	2024-05-01
Pretty URL www.rswuma5.buzz/ IP 172.67.154.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 03:59:09 Times Seen37235784 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	330 B	2024-04-18	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 6561dc81d8f0eb0c653d8efc05c29980 e6c1db7ccc2f7eb35593c20b2f8c132cdc02434b 5ef6348bc919285eced908d0ec13b208fd5d5c7414a0b4e0143b011a468a3ce2 Loading...

	0c018cc5.xn--wbs26e.net/o.js	49 kB	2023-12-22	2024-04-18
Pretty URL 0c018cc5.xn--wbs26e.net/o.js IP 119.36.90.133 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-22 04:00:46 Last Seen2024-04-18 09:23:47 Times Seen27 Hash b9ccb51ce8b90b21a7a95678881f5ad1 bca6ae2b47d4faf886cb25584f4a2f81673c0848 7622f6f0fa54ff664517d4b47c750ff809d1b5a0b96310a6da00101d8645fbf0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-30 14:14:57 Times Seen7463 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0e12f203c55fec57182b0a837d0cc792	71 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-18 09:23:47 Times Seen1 Hash 0e12f203c55fec57182b0a837d0cc792 c31cbcbadb03a93e5e6fe0dfa73b7d2b623ea085 1f68926e7d064a3d5d8ac8c07464b97c12a434153c0c4665473e6996be1b9c95 Loading...

	#2 Write - 37ef7a5b46efea18b58c6eebe4207936	67 B	2024-04-18	2024-04-22
Pretty Observations First Seen2024-04-18 09:23:47 Last Seen2024-04-22 01:03:35 Times Seen4 Hash 37ef7a5b46efea18b58c6eebe4207936 36da079dcc50b057680de3ce87bd6561d8b13036 59473debb4ee5e4839bdf045bb5c85d1ce345a2c2126cc4067dd9fbbdc7599e1 Loading...

HTTP Transactions (28)

	URL	IP	Response	Size
	www.rswuma3.xyz/	104.21.90.16	301 Moved Permanently	167 B
URL User Request GET HTTP/2 www.rswuma3.xyz/ IP 104.21.90.16:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectrswuma3.xyz Fingerprint4E:EF:2A:09:A3:DD:A7:62:3E:32:79:C6:0A:B4:8C:C7:C7:D5:5F:7F ValidityMon, 25 Mar 2024 08:39:12 GMT - Sun, 23 Jun 2024 08:39:11 GMT File type HTML document, ASCII text, with CRLF line terminators Size 167 B (167 bytes) Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f HTTP Headers `GET / HTTP/1.1 Host: www.rswuma3.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Thu, 18 Apr 2024 07:23:12 GMT content-type: text/html content-length: 167 location: https://www.rswuma5.buzz cache-control: max-age=3600 expires: Thu, 18 Apr 2024 08:23:12 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9XbNw0NkTqZLOwEZjVGBYv5hhWGw9m%2BJD6Akla9EWZA4eV%2F6nno8eSjKSRyDunUMZvkXPBc%2BBK6am3nwWxnrDwOaptBuhQ5DFqzMhgdzGzzvS3%2BsWXpRsfaZB19zjpitcM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e8790a01b51d-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.rswuma5.buzz/	172.67.154.99	200 OK	40 kB
URL User Request GET HTTP/2 www.rswuma5.buzz/ IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (4375), with CRLF, LF line terminators Size 40 kB (39586 bytes) Hash df9e1090a3f2293f71a6cc5b861b0ad6 334c726aef08e75f868fb80297ffa411749e4a9f 3f6e43b219f1a4173c94de7c16ea13f800e31eef23f09d8e753ced7c4658897d HTTP Headers `GET / HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iG26IXjJ5cNpC7laNmcMdmRRHAGqp%2FzFxMGtu%2F9aFSkm1CFmy40D4nY92ihoAI8yPEbhCD1TKSc4JanyyZNT33VMYSZlqXZyMSneMd4Ouv9fO6BkECjgATZNevL7KdJIiRvk"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87998e0b4fd-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.ab1699.cc/statics/jiuy.jpg	188.114.96.1	200 OK	20 kB
URL GET HTTP/2 www.ab1699.cc/statics/jiuy.jpg IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectab1699.cc FingerprintDF:79:F7:27:FA:C1:0E:0C:8D:26:0B:FD:40:50:74:EA:98:A9:60:56 ValiditySun, 25 Feb 2024 11:08:58 GMT - Sat, 25 May 2024 11:08:57 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x400, components 3 Size 20 kB (20347 bytes) Hash 252180ef07f398fdbc15d08f3cc721d8 d54d92403a31eba282113bfa8a247c1dfabc62f2 563dd78098c78025c4604954c09dacbc02e44f323a9326d81302876d5f7c7c5b HTTP Headers `GET /statics/jiuy.jpg HTTP/1.1 Host: www.ab1699.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/jpeg content-length: 20347 last-modified: Sun, 24 Mar 2024 18:21:52 GMT etag: "66006f40-4f7b" expires: Sat, 04 May 2024 17:41:54 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 1172478 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6RJLt2TR7e3HfwTt7xXkbrAwtaJChxMmn5LwnDeGbholHxk0LnlEbm7WbLMiTA19eb3LMVZKbGuqPXJ2Ai4HX%2BzB5LvBQwyf%2F%2FZ8V6Iov5eVeS2zAc6RTupKmdsInH0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87d292456af-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.ab1699.cc/statics/%E9%87%91%E6%B2%99960x120.gif	188.114.96.1	200 OK	81 kB
URL GET HTTP/2 www.ab1699.cc/statics/%E9%87%91%E6%B2%99960x120.gif IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectab1699.cc FingerprintDF:79:F7:27:FA:C1:0E:0C:8D:26:0B:FD:40:50:74:EA:98:A9:60:56 ValiditySun, 25 Feb 2024 11:08:58 GMT - Sat, 25 May 2024 11:08:57 GMT File type GIF image data, version 89a, 960 x 120 Size 81 kB (81344 bytes) Hash 7c858d33682f1a0db0ff05df0946ce18 5c966023eefa7e8e14bb2d2e08186c260ec9860c d5fd230de0359317a9904ec81aa1dd59cc3c19464475a503c497a89d67809ee3 HTTP Headers `GET /statics/%E9%87%91%E6%B2%99960x120.gif HTTP/1.1 Host: www.ab1699.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/gif content-length: 81344 last-modified: Thu, 11 Apr 2024 13:00:45 GMT etag: "6617defd-13dc0" expires: Sat, 11 May 2024 15:03:38 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 577174 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pl7qxn87LTERxKindPFprmwWXNQ6vbg5OdFdRCJWMfOoa%2Fhkkxi30LNkvGEEE5bRABNfjvtbLLqacf%2BSe3mApXxgt6kKbfdF69%2FNcYXlCSQjgWxQYGYw7rkNsPRDZS74"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87d292256af-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.ab1699.cc/statics/%E5%8A%A8%E5%B9%BF960x120.gif	188.114.96.1	200 OK	484 kB
URL GET HTTP/2 www.ab1699.cc/statics/%E5%8A%A8%E5%B9%BF960x120.gif IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectab1699.cc FingerprintDF:79:F7:27:FA:C1:0E:0C:8D:26:0B:FD:40:50:74:EA:98:A9:60:56 ValiditySun, 25 Feb 2024 11:08:58 GMT - Sat, 25 May 2024 11:08:57 GMT File type GIF image data, version 89a, 960 x 120 Size 484 kB (484398 bytes) Hash 8b800d3f47cc8d8836522dc9a7313227 4c2d41df55fff9b29ffe4de4199a2395c1e40a65 9b0453d427d0f652dbb4d486ddbac28b09e437070b26dc71194c00f0264c9328 HTTP Headers `GET /statics/%E5%8A%A8%E5%B9%BF960x120.gif HTTP/1.1 Host: www.ab1699.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/gif content-length: 484398 last-modified: Thu, 11 Apr 2024 13:00:45 GMT etag: "6617defd-7642e" expires: Sat, 11 May 2024 15:03:38 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 577174 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4YGnZclANudi8B1N8UcQPbDchQ%2BGopIK6yFuz8iabofANbEN3PyxCo9m%2FnInLA96%2BThqgrXOfJZ48h27vuIarXRvlCORCmH9kJZOLBkxeUUuSq3xKj%2BQ1KABWmiE%2FU0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87d392c56af-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.ab1699.cc/statics/2.gif	188.114.96.1	200 OK	331 kB
URL GET HTTP/2 www.ab1699.cc/statics/2.gif IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectab1699.cc FingerprintDF:79:F7:27:FA:C1:0E:0C:8D:26:0B:FD:40:50:74:EA:98:A9:60:56 ValiditySun, 25 Feb 2024 11:08:58 GMT - Sat, 25 May 2024 11:08:57 GMT File type GIF image data, version 89a, 960 x 120 Size 331 kB (331013 bytes) Hash 15f1c50ea5f88ce558e5b1f9df38c702 32dc70ed830a566eafd4c73f3b74be833d5684e3 50623b5f04496a29ec3dd0c1da0982a9d867e26186ea1898dc9296fda9e8d0ec HTTP Headers `GET /statics/2.gif HTTP/1.1 Host: www.ab1699.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/gif content-length: 331013 last-modified: Tue, 26 Mar 2024 13:47:53 GMT etag: "6602d209-50d05" expires: Thu, 25 Apr 2024 13:56:27 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 1963605 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5S1h%2B5We12QXaTad%2F0XtaLBgqoG%2F6FTucSSyiLg4OdDrv4GBsQeZi%2BU5Pqq1FtXcXMo1ivnjRtSL9YgjOwnOIob6lVezkKzPTfFjPysSNOFoSbegCrPUXw%2FhQNLOfqC"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87d393256af-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	mhbz7.top/download/2024-01-13/8b8f76a6-589e-4cc3-a924-f015df0eade5.jpg	172.67.209.66	200 OK	70 kB
URL GET HTTP/2 mhbz7.top/download/2024-01-13/8b8f76a6-589e-4cc3-a924-f015df0eade5.jpg IP 172.67.209.66:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectmhbz7.top FingerprintF5:30:6F:3D:CA:52:C8:43:F4:50:7B:66:CA:93:91:DF:A8:E1:76:3A ValidityTue, 16 Apr 2024 19:23:00 GMT - Mon, 15 Jul 2024 19:22:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x900, components 3 Size 70 kB (70365 bytes) Hash 084e5fdc5d8406c113662bdb6fb6d4dc b82000539916d6a85a04205452a11f9947de72ed 5691032255e97d3b31044ee496013a33d470b9e3e31a8c3019b7826593d5b87e HTTP Headers `GET /download/2024-01-13/8b8f76a6-589e-4cc3-a924-f015df0eade5.jpg HTTP/1.1 Host: mhbz7.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/jpeg content-length: 70365 last-modified: Fri, 12 Jan 2024 17:04:54 GMT etag: "65a17136-112dd" expires: Tue, 02 Jul 2024 02:05:08 GMT cache-control: max-age=7776000 access-control-allow-origin: * cf-cache-status: HIT age: 1315084 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOKV7Ve1g7Q%2BVqC3K2Fg3EhMvMFiUW9mU%2FYCdeErd%2FpWM%2FmYSmu2IS8gpVbOXVCgSWGSzSlr%2BPDw0r%2FsnhasqbkQIkHUwWVQVqNLflAZ6KgzhQ5do8tzl2sxHJg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87e18d456b9-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	mhbz4.top/download/2023-12-11/3ad4a7d0-1a58-41e0-87c3-aafbe86de46c.jpg	188.114.97.1	200 OK	8.9 kB
URL GET HTTP/2 mhbz4.top/download/2023-12-11/3ad4a7d0-1a58-41e0-87c3-aafbe86de46c.jpg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectmhbz4.top Fingerprint5F:44:F6:0A:02:1C:5E:5E:58:AF:8A:8B:FC:92:6C:87:42:36:9C:D2 ValiditySun, 25 Feb 2024 11:24:01 GMT - Sat, 25 May 2024 11:24:00 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x307, components 3 Size 8.9 kB (8929 bytes) Hash e3be7d7342d4ee90b91ba82f384ab765 5268fa9e824f0fbad20059d611378af4c095d804 356b4d18892eef62954f0f609d4822646b47ec279500ed2b4068e345c2f9ed16 HTTP Headers `GET /download/2023-12-11/3ad4a7d0-1a58-41e0-87c3-aafbe86de46c.jpg HTTP/1.1 Host: mhbz4.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/jpeg content-length: 8929 last-modified: Mon, 11 Dec 2023 11:27:48 GMT etag: "6576f234-22e1" expires: Sat, 13 Jul 2024 01:00:27 GMT cache-control: max-age=7776000 access-control-allow-origin: * cf-cache-status: HIT age: 368564 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLa5a360knJkkIsPzMxPMZQt9UnenZqYI7k%2FKyOQogk8h3c7GPPN%2BJwECCGGz8eHXbODiC6gk26WgsgLA060ZhC95h8AwNt8%2BY6Oum0%2F3I46i%2BQ0uNdnngISPzI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87e1d375696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	mhbz4.top/download/2023-12-11/c28848fe-d684-4b86-98ff-2e72edef2bcb.jpg	188.114.97.1	200 OK	12 kB
URL GET HTTP/2 mhbz4.top/download/2023-12-11/c28848fe-d684-4b86-98ff-2e72edef2bcb.jpg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subjectmhbz4.top Fingerprint5F:44:F6:0A:02:1C:5E:5E:58:AF:8A:8B:FC:92:6C:87:42:36:9C:D2 ValiditySun, 25 Feb 2024 11:24:01 GMT - Sat, 25 May 2024 11:24:00 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 256x256, components 3 Size 12 kB (11591 bytes) Hash f2470f9805e101e8e028dfe92e421b0d 1d30abe6ebaacd31964f6c1df393a1e79184c6c5 170ffc40648b483aa1ad91b7a317292ddd2dc013e9ec679e13682a4435731e10 HTTP Headers `GET /download/2023-12-11/c28848fe-d684-4b86-98ff-2e72edef2bcb.jpg HTTP/1.1 Host: mhbz4.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/jpeg content-length: 11591 last-modified: Mon, 11 Dec 2023 11:25:10 GMT etag: "6576f196-2d47" expires: Sat, 13 Jul 2024 09:04:22 GMT cache-control: max-age=7776000 access-control-allow-origin: * cf-cache-status: HIT age: 339530 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQNFdyDBPNwF7HeFu4bl%2Fct52QA1NBuDMjyqJHfGLjb%2BPr5PWWkhtHRdX6e0PqwXhTdjDSwUMxpNVy0770NQtZCGfQcVwcCBOXYXx%2BYQocWv9O9OMPfFjcS6lvo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87e1d435696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-F53LVJGGST	142.250.74.72	200 OK	100 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-F53LVJGGST IP 142.250.74.72:443 ASN #15169 GOOGLE Requested by https://www.rswuma5.buzz/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT File type JavaScript source, ASCII text, with very long lines (5955) Size 100 kB (100091 bytes) Hash 6104615f27826dcb804e30fdfb383556 827d8be958ddd9131575a23540cfca0bfc8e5b61 63a09a396a6c8e2a6e39fa03c674c4616d8aa180fdb1d23b00afb5beed105bc8 HTTP Headers `GET /gtag/js?id=G-F53LVJGGST HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 18 Apr 2024 07:23:13 GMT expires: Thu, 18 Apr 2024 07:23:13 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 100091 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.rswuma5.buzz/template/fld-hui/fonts/icomoon.ttf	172.67.154.99	200 OK	9.6 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/fonts/icomoon.ttf IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon Size 9.6 kB (9568 bytes) Hash 21263355cf739547055f2da9fd6759bd 762384d3af0de2d2bd630855b3f388326038ba92 2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405 HTTP Headers GET /template/fld-hui/fonts/icomoon.ttf HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/template/fld-hui/css/black-mini.css Cookie: kt_tcookie=1 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:13 GMT content-type: application/octet-stream content-length: 9568 last-modified: Mon, 08 Jan 2024 10:59:05 GMT etag: "659bd579-2560" cache-control: max-age=14400 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wxdyea5KpXklixRjkZzTpPmXwuBv7P8DQGA0z20GLrfAjaa%2Bk%2Fwx20q2RoC9dTLcWoJ50xNngtLByGbS8AmjP%2FzhwUqolLu9UJUrX3eFBQLV44%2B3wMZNJSD6VuX%2FLWHmHNY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e880490a5689-OSL alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/template/fld-hui/css/black-mini.css	172.67.154.99	200 OK	32 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/css/black-mini.css IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type ASCII text Size 32 kB (32447 bytes) Hash 53d8012b14a952a942656576670c4634 2baa837b4ab364fecf4e7c92858d659774cfddc5 7ada5759bf9389aa21033628c5ffd8ad9ec9fb4ed3446f4c88c76f635565a870 HTTP Headers `GET /template/fld-hui/css/black-mini.css HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: text/css last-modified: Tue, 16 Jan 2024 07:55:41 GMT vary: Accept-Encoding etag: W/"65a6367d-27e89" expires: Thu, 18 Apr 2024 09:18:10 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 36302 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1BGLRzR7BH1kziXxzcZ3G4tiWRY9rY4gQOtEEYTT3CfUFGgW2ZBf%2BYJd66xaFM4Bq18IeLRD8g7ZgbaT5ZlO0klCCpGACp1hrBycc5dWbeK1zCIepP%2B2RSkyhaiMvvHnH8l"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87ccc895689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	666bbb222bbb.com/23fac5b44c6a4b71bdbf93b0f4b50eb3.gif	64.32.30.252	200 OK	26 kB
URL GET HTTP/1.1 666bbb222bbb.com/23fac5b44c6a4b71bdbf93b0f4b50eb3.gif IP 64.32.30.252:443 ASN #46844 SHARKTECH Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subject222bbb888bbb.com Fingerprint70:86:22:F0:75:47:81:37:A1:13:E3:C8:67:01:FE:E3:FB:FA:2D:B5 ValidityTue, 05 Mar 2024 12:26:32 GMT - Mon, 03 Jun 2024 12:26:31 GMT File type GIF image data, version 89a, 150 x 150 Size 26 kB (25467 bytes) Hash 4bd5eb23a60cfaafda237c394d9742a8 9dcf55b758833bb6c087a44796f6ab765d19b60f 491f20c95fad8600a3733e6c38d5f6d83956d806a986a1abf8e69198933fec82 HTTP Headers `GET /23fac5b44c6a4b71bdbf93b0f4b50eb3.gif HTTP/1.1 Host: 666bbb222bbb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 07:23:13 GMT Content-Type: image/gif Content-Length: 25467 Connection: keep-alive Last-Modified: Mon, 01 Apr 2024 07:20:49 GMT ETag: "660a6051-637b" Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	666bbb222bbb.com/a09b1319b9f344a8b339dfe098fa376a.gif	64.32.30.252	200 OK	242 kB
URL GET HTTP/1.1 666bbb222bbb.com/a09b1319b9f344a8b339dfe098fa376a.gif IP 64.32.30.252:443 ASN #46844 SHARKTECH Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subject222bbb888bbb.com Fingerprint70:86:22:F0:75:47:81:37:A1:13:E3:C8:67:01:FE:E3:FB:FA:2D:B5 ValidityTue, 05 Mar 2024 12:26:32 GMT - Mon, 03 Jun 2024 12:26:31 GMT File type GIF image data, version 89a, 960 x 120 Size 242 kB (242070 bytes) Hash d6db05b27e6132ac1974602ea595a96f 3aff02933e4b57504a52c4de7234819e6d96eaf5 e1fa63dd8818c1689059af98a105e68ee4bb774dd15f9bd47facebd4cb0f7f85 HTTP Headers `GET /a09b1319b9f344a8b339dfe098fa376a.gif HTTP/1.1 Host: 666bbb222bbb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 07:23:13 GMT Content-Type: image/gif Content-Length: 242070 Connection: keep-alive Last-Modified: Mon, 01 Apr 2024 07:20:22 GMT ETag: "660a6036-3b196" Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	0c018cc5.xn--wbs26e.net/o.js	119.36.90.133		13 kB
URL GET 0c018cc5.xn--wbs26e.net/o.js IP 119.36.90.133:0 ASN #4837 CHINA UNICOM China169 Backbone Requested by https://www.rswuma5.buzz/ Certificate IssuerZeroSSL Subject.xn--wbs26e.net Fingerprint3A:50:97:7D:39:3F:08:EC:AB:51:49:F6:C5:B5:F2:8C:D2:9A:0A:56 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (48058) Size 13 kB (13357 bytes) Hash b9ccb51ce8b90b21a7a95678881f5ad1 bca6ae2b47d4faf886cb25584f4a2f81673c0848 7622f6f0fa54ff664517d4b47c750ff809d1b5a0b96310a6da00101d8645fbf0 HTTP Headers `GET /o.js HTTP/1.1 Host: 0c018cc5.xn--wbs26e.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Byte-nginx content-type: text/plain; charset=utf-8 content-length: 13357 access-control-allow-credentials: true access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE access-control-allow-origin: age: 32 content-encoding: br vary: Accept-Encoding x-bdcdn-cache-status: TCP_HIT x-request-id: aaf8d6c7ad336911740cf31d4bbfb29e x-request-ip: 91.90.42.154 x-response-cache: edge_hit x-response-cinfo: 91.90.42.154 x-tt-trace-tag: id=5 date: Thu, 18 Apr 2024 07:23:15 GMT via: cache06.hbxtcu X-Firefox-Spdy: h2

	www.rswuma5.buzz/template/fld-hui/images/favicon.png	172.67.154.99	404 Not Found	88 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/images/favicon.png IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type HTML document, ASCII text, with CRLF line terminators Size 88 kB (88108 bytes) Hash 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 HTTP Headers GET /template/fld-hui/images/favicon.png HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Cookie: kt_tcookie=1; _ga_F53LVJGGST=GS1.1.1713424993.1.0.1713424993.0.0.0; _ga=GA1.1.759346191.1713424993 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 404 Not Found date: Thu, 18 Apr 2024 07:23:14 GMT content-type: text/html cache-control: max-age=14400 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DiemeuNXWV5plsaVY8KEGktEn%2B3ebZJSp6bDrY2QwqTLyDizIRQjxtSOVtBDwhJXx%2FbytrOosvgZHC5%2B1QZvVCHSrdxD6yslY8bWQgQnjbBvR9EKOsmqG7Gip3d4b1RunC2M"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e883edc35689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/?mode=async&action=js_stats&rand=1713424993242	172.67.154.99	200 OK	19 kB
URL GET HTTP/3 www.rswuma5.buzz/?mode=async&action=js_stats&rand=1713424993242 IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type data Size 19 kB (18927 bytes) Hash db9eadbf5827cf471c66b20aeac4e9a4 f5fdafa6980801c6df0ca9ea185eaefffc4f6105 0852ba241ce46c00c1c07343f9d8a2f70591592a5ec9c2d8e4a36b4f0b3511d9 HTTP Headers `GET /?mode=async&action=js_stats&rand=1713424993242 HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Cookie: kt_tcookie=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:13 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0l2zgwoIZrsYL0nYr7PaTEPtaxRCmrirPYYy0LyKpVdWyW6gCBOnp52FLEzzU0eQ7tnEW07f9q0XuP4cFXklfQGZUaWTyaZHWUYnLBp%2BP3dq3TmPNbjHWfuEFFBwApE2XzJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e880591b5689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img-js.xn--15q617acha879f.com/l?advid=37486203243578682-10245&ver=v2.4	188.114.96.1	200 OK	13 B
URL GET HTTP/2 img-js.xn--15q617acha879f.com/l?advid=37486203243578682-10245&ver=v2.4 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectxn--15q617acha879f.com FingerprintE9:1B:6D:BD:16:CB:84:9F:B2:B5:A1:88:D7:48:1B:80:66:86:3C:DF ValiditySun, 14 Apr 2024 17:14:15 GMT - Sat, 13 Jul 2024 17:14:14 GMT File type JSON text data Size 13 B (13 bytes) Hash 4c1a5fb945bbe7905ba41dc015e48b9b edf0f03609880989d76557b421360c51d9b4e2de 3d8aefbb329697e13483dea2c8d80cb75e2171e5454032d51e8f3cb75f7c4fa4 HTTP Headers `GET /l?advid=37486203243578682-10245&ver=v2.4 HTTP/1.1 Host: img-js.xn--15q617acha879f.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.rswuma5.buzz DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:23 GMT content-type: application/json; charset=UTF-8 content-length: 13 access-control-allow-origin: https://www.rswuma5.buzz access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: Content-type,x-tt-w access-control-allow-credentials: true etag: "edf0f03609880989d76557b421360c51d9b4e2de" cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGxW5hwICOemvfJbCTsW8ZxVlBHrxXCMahZLvCnammkspZSgJjjrNZSAffUOxe61%2BOfQbI3a2Drljpw7s4tY7mKwEq99wByURK9%2BBed72eGGALrYYKEhms%2F6QprAxJK7x0E8mIPvZv5GkWvMZGAm8g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e8ba8b8d5690-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	jiekou.xn--wbs26e.net/bid?url=https%3A%2F%2Fwww.rswuma5.buzz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:50:52&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=48&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=undefined&pj=0&top=0&left=0&id=10245&rid=3281e8c70be469f3188e2da18b9c4e5b&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn=	119.36.90.133		12 kB
URL GET jiekou.xn--wbs26e.net/bid?url=https%3A%2F%2Fwww.rswuma5.buzz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:50:52&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=48&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=undefined&pj=0&top=0&left=0&id=10245&rid=3281e8c70be469f3188e2da18b9c4e5b&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn= IP 119.36.90.133:0 ASN #4837 CHINA UNICOM China169 Backbone Requested by https://www.rswuma5.buzz/ Certificate IssuerZeroSSL Subject.xn--wbs26e.net Fingerprint3A:50:97:7D:39:3F:08:EC:AB:51:49:F6:C5:B5:F2:8C:D2:9A:0A:56 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT File type ASCII text, with very long lines (347) Size 12 kB (11506 bytes) Hash cc4625c4b6c26788f481c04d3e794aa6 38aa69d640052b1eee5ad3f18c02befd730293aa 16d1dad0ffeb5b7a1a7dc433cd4054a9d4577ba7804c326039642593b163294c HTTP Headers GET /bid?url=https%3A%2F%2Fwww.rswuma5.buzz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:50:52&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=48&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=undefined&pj=0&top=0&left=0&id=10245&rid=3281e8c70be469f3188e2da18b9c4e5b&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn= HTTP/1.1 Host: jiekou.xn--wbs26e.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: Byte-nginx content-type: application/json access-control-allow-credentials: true access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE access-control-allow-origin: age: 0 content-encoding: br set-cookie: geo=%E6%8C%AA%E5%A8%81%2F%2F; Path=/; Max-Age=259200; Secure; SameSite=None oid=892374ed-fd54-11ee-9632-0259c9a47bae; Path=/; Max-Age=31104000; Secure; SameSite=None vary: Accept-Encoding via: cache108.sxmp,cache06.hbxtcu x-bdcdn-cache-status: TCP_MISS,TCP_MISS x-request-id: 961d1e122ba791f75eee56667205b4c8 x-request-ip: 91.90.42.154 x-response-cache: miss x-response-cinfo: 91.90.42.154 x-tt-trace-tag: id=5 date: Thu, 18 Apr 2024 07:23:21 GMT X-Firefox-Spdy: h2

	www.rswuma5.buzz/upload/site/20240313-1/7816ed4b8ceb57a88200974d2b0b23a1.png	172.67.154.99	200 OK	26 kB
URL GET HTTP/3 www.rswuma5.buzz/upload/site/20240313-1/7816ed4b8ceb57a88200974d2b0b23a1.png IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type PNG image data, 271 x 83, 8-bit/color RGBA, non-interlaced Size 26 kB (26285 bytes) Hash 36843bd19da0ea82b2356c0a4f558b42 e2ec5d9b419768b7174d6058133918f9f16920c9 5ab50e577c7d6e510537c3d6f790a39ed4366c6ae6f221948ebcd7b8f5989986 HTTP Headers `GET /upload/site/20240313-1/7816ed4b8ceb57a88200974d2b0b23a1.png HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: image/png content-length: 26285 last-modified: Tue, 12 Mar 2024 16:17:20 GMT etag: "65f08010-66ad" expires: Fri, 17 May 2024 21:18:11 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 36301 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BDakSXRlR6CKKD5d2andYUtmQJcTJbl%2BqVLDl6AHSwvNQX2aCOPjEasGfN9UAleDgXgZJ3vJLpBtRZPDtThEmDp7WeRtA5Xll3mHU7qV3Bcde1h1mHqq91tbeWW4VBfCQvt"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87cdc975689-OSL alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/template/fld-hui/js/main.min.js	172.67.154.99	200 OK	479 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/js/main.min.js IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type Size 479 kB (479424 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /template/fld-hui/js/main.min.js HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: application/javascript last-modified: Mon, 08 Jan 2024 10:59:06 GMT vary: Accept-Encoding etag: W/"659bd57a-750c0" expires: Thu, 18 Apr 2024 09:18:11 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 36301 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppH7Oaz2UXY0OxnIrAtU%2Bu5U450dFYXJz9vXEtuOJd5P0WCWDRxT5PYmCqLMAFjlKYUmYYCrLl2CsAf%2Fv27VdIb9tLmu6fEAjOsR2HajEjp5%2BDzaCiKSn%2FeakpIi9%2F02YO5c"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87d3d195689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/template/fld-hui/css/jquery.fancybox-metal.css?1	172.67.154.99	200 OK	5.8 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/css/jquery.fancybox-metal.css?1 IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type ASCII text, with very long lines (6095), with no line terminators Size 5.8 kB (5764 bytes) Hash faab895fca0a52b98a806ed936999634 dd8c85681c4423b8e92de6a0b549b052059a4914 9cde378061e9cab682e623bd18bdee5f99685e45618d552873782157a7837198 HTTP Headers `GET /template/fld-hui/css/jquery.fancybox-metal.css?1 HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: text/css last-modified: Mon, 08 Jan 2024 10:59:05 GMT vary: Accept-Encoding etag: W/"659bd579-1684" expires: Thu, 18 Apr 2024 09:18:10 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 36302 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRYvyUKsMM%2BaqoswAkavrFLH4fOS4UiQI6rY1KYRVLiOFQHnUgx9D7kbRv9vpB3DbXnD51ASBhRyFuZ2tJnevUsdMsE%2Fa885h9xq7J0Gi6MLh5rWaw6WJjsBO1t27El2rlIr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87ccc8c5689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/static/js/home.js	172.67.154.99	200 OK	38 kB
URL GET HTTP/3 www.rswuma5.buzz/static/js/home.js IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type Size 38 kB (38309 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/js/home.js HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: application/javascript last-modified: Tue, 24 Aug 2021 06:28:32 GMT vary: Accept-Encoding etag: W/"61249190-95a5" expires: Thu, 18 Apr 2024 09:18:10 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 36302 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bd6X0LQgsZjcqS7ISQuRid9woz7olBrHSFZtQMEGFZSGk%2F3jnXiU9eyZtYw0MenSbYxA9yleiO1qHXuulIzGlGbBLoY2NMxTvpRWRSXYMpEscdbn%2B27DZaavJJxGkTb3Mgs"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87cdc945689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img-js.xn--15q617acha879f.com/w	188.114.96.1	200 OK	22 B
URL POST HTTP/2 img-js.xn--15q617acha879f.com/w IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectxn--15q617acha879f.com FingerprintE9:1B:6D:BD:16:CB:84:9F:B2:B5:A1:88:D7:48:1B:80:66:86:3C:DF ValiditySun, 14 Apr 2024 17:14:15 GMT - Sat, 13 Jul 2024 17:14:14 GMT File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash 241e80d2b382f439094fb22eb80e20e2 a116e2df9b3901db3a097ddbfd6ea31b2e357458 74bf058e89f4d51e6a860fbabee81248f6f69a70ce57ed93188f85298c1cc5b9 HTTP Headers `POST /w HTTP/1.1 Host: img-js.xn--15q617acha879f.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 907 Origin: https://www.rswuma5.buzz DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 07:23:23 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: https://www.rswuma5.buzz access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: Content-type,x-tt-w access-control-allow-credentials: true set-cookie: bmwt="HUQFRFxGV1FXVVJUU1ZWVVZWVUpGRBREXEZTUlBRUxs="; Path=/ cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e25rJSovvh%2ByVlkK8uYGKGI3j5%2BBpeYfCSBmd7zzthOaOhOvRYu902inXQC3naXfyesQh9cowc1X8TmekT%2BhrgQZrGDUb9pCyAffxoG%2BEqR7XkXfzXlXsh2q1bC3Z%2B8O4tLHc5PRGYAhaMJMjvS0yQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e8ba8fb55689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.rswuma5.buzz/template/fld-hui/js/jquery.min.js	172.67.154.99	200 OK	146 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/js/jquery.min.js IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type JavaScript source, ASCII text, with very long lines (522) Size 146 kB (146063 bytes) Hash 8be9cef8a4f454be76c10e60deaf6244 193972ed6a0d264946a38075d465ce1ad4c3b389 f3bf1dfc30c3d03223733bf3f8db208eac938252d5bd7fcd67443e3868815066 HTTP Headers `GET /template/fld-hui/js/jquery.min.js HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: application/javascript last-modified: Mon, 08 Jan 2024 10:59:06 GMT vary: Accept-Encoding etag: W/"659bd57a-23a8f" expires: Thu, 18 Apr 2024 09:18:10 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 36302 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXRd1zFJ0xp%2BArfwely9q1ZIO9UJJC6jCn6H8VXuIU%2F1kRVBQ6ZOaAZ10EAtBoTt%2BEa6r8c0QoAODzZH5%2BrKSVgJz4X2eFiE3okpi6UrfPudkrpZ662M3jWPGJpZwLQ5wQiS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8762e87ccc8e5689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.rswuma5.buzz/template/fld-hui/images/search.svg	172.67.154.99	200 OK	3.1 kB
URL GET HTTP/3 www.rswuma5.buzz/template/fld-hui/images/search.svg IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type SVG Scalable Vector Graphics image Size 3.1 kB (3139 bytes) Hash 245883cf09247af2859230e7dd7436f9 1578665972ddbee56559c1667b1690fa657c2ef6 a0a22ad7a635bb8d69f2a00ff909164bdb68ffa25c4b7a2c17aae8981159341d HTTP Headers `GET /template/fld-hui/images/search.svg HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/template/fld-hui/css/black-mini.css Cookie: kt_tcookie=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:13 GMT content-type: image/svg+xml last-modified: Mon, 08 Jan 2024 10:59:06 GMT etag: W/"659bd57a-c43" cache-control: max-age=14400 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHpbmidO8812RrogvOxewipZbHeC1%2FPE10xchb2xVOrCCWdH2xRPMp9qUtrrM2SFmhxI3h5w0wzLrshUtbSWf%2F8pqJJL6DUgL7xdnq3pVTaIoa%2F4cgTM1BebDl1em3FzsyOD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e88038f55689-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img-js.xn--wbs26e.net/js/wl2.js	111.47.131.100	200 OK	88 kB
URL GET HTTP/2 img-js.xn--wbs26e.net/js/wl2.js IP 111.47.131.100:443 ASN #9808 China Mobile Communications Group Co., Ltd. Requested by https://www.rswuma5.buzz/ Certificate IssuerZeroSSL Subject.xn--wbs26e.net Fingerprint3A:50:97:7D:39:3F:08:EC:AB:51:49:F6:C5:B5:F2:8C:D2:9A:0A:56 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT File type Size 88 kB (88013 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /js/wl2.js HTTP/1.1 Host: img-js.xn--wbs26e.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.rswuma5.buzz DNT: 1 Connection: keep-alive Referer: https://www.rswuma5.buzz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Byte-nginx content-type: text/plain content-length: 88013 accept-ranges: bytes access-control-allow-origin: * age: 126 cache-control: max-age=3600 etag: "657abbc9-157cd" last-modified: Thu, 14 Dec 2023 08:24:41 GMT x-bdcdn-cache-status: TCP_HIT x-request-id: 553476eea41bc44834d7b58fb67cf244 x-request-ip: 91.90.42.154 x-response-cache: edge_hit x-response-cinfo: 91.90.42.154 x-tt-trace-tag: id=5 date: Thu, 18 Apr 2024 07:23:21 GMT via: cache09.xycm X-Firefox-Spdy: h2`

	www.rswuma5.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	172.67.154.99	200 OK	1.2 kB
URL GET HTTP/3 www.rswuma5.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.154.99:443 ASN #13335 CLOUDFLARENET Requested by https://www.rswuma5.buzz/ Certificate IssuerLet's Encrypt Subjectrswuma5.buzz FingerprintC5:49:70:4F:6E:D6:47:48:85:62:58:22:26:46:78:A9:09:B0:DD:F2 ValidityThu, 28 Mar 2024 08:09:31 GMT - Wed, 26 Jun 2024 08:09:30 GMT File type HTML document, ASCII text, with very long lines (1271), with no line terminators Size 1.2 kB (1239 bytes) Hash 40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c HTTP Headers `GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: www.rswuma5.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.rswuma5.buzz/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 18 Apr 2024 07:23:12 GMT content-type: application/javascript last-modified: Tue, 16 Apr 2024 15:45:04 GMT etag: W/"661e9d00-4d7" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1t9pEgyFz8jAcaHRxyecNqfv4NkSClAMLz%2Fwqp0KHiu92boup4GwYqNyrkgK1RfkRBjsyV4CMYXjBWTIeGqDXggotH9tjwlG%2BgSZ7VgMSh4i%2BRY3e89OLUhVEKE7igjsUuQ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8762e87d3d145689-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Sat, 20 Apr 2024 07:23:12 GMT cache-control: max-age=172800, public content-encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML