Overview

URL www.akhbarjagat.com/uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf
IP 23.19.132.94
ASN LEASEWEB-USA-PHX
Location United States
Report completed 2022-09-22 02:54:32 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-22 2 66377311795.com Sinkholed


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-22 00:36:50 UTC 182.61.201.93
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-09-21 04:23:28 UTC 104.18.20.226
mnemonic passive DNS ia.51.la (2) 59607 2017-10-31 08:01:51 UTC 2022-09-21 12:38:25 UTC 103.143.19.103
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:18:32 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-21 04:20:37 UTC 34.117.237.239
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-09-21 21:52:00 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS kvemm.com (1) 222018 2021-10-18 01:51:02 UTC 2022-09-21 18:45:31 UTC 104.143.94.110
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-09-21 21:22:23 UTC 47.75.19.91 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS facai688.xyz (1) 0 2022-06-01 19:17:43 UTC 2022-09-20 22:33:21 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS 566ao.com.566dou.com.566ban.com.abz78.xyz (25) 0 2022-09-20 22:33:22 UTC 2022-09-20 22:33:22 UTC 142.91.194.44 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-21 19:08:12 UTC 143.204.55.35
mnemonic passive DNS tj.facai688.xyz (1) 0 2022-06-01 19:17:42 UTC 2022-09-20 22:33:21 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2022-09-21 06:41:16 UTC 103.235.46.191
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-09-21 04:56:28 UTC 104.18.21.226
mnemonic passive DNS kvhhhh.top (1) 0 2022-02-24 17:36:27 UTC 2022-09-21 03:33:17 UTC 104.21.235.36 Unknown ranking
mnemonic passive DNS 884352.com (1) 0 2021-01-28 20:39:57 UTC 2022-09-21 04:54:52 UTC 47.75.19.14 Unknown ranking
mnemonic passive DNS 66377311795.com (1) 0 2022-08-09 09:37:37 UTC 2022-09-22 02:41:58 UTC 45.61.212.121 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:20:37 UTC 34.210.107.213
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 14:38:57 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-21 19:41:06 UTC 104.18.32.68
mnemonic passive DNS dimg04.c-ctrip.com (1) 139731 2014-05-08 16:11:10 UTC 2022-09-21 21:51:59 UTC 104.110.17.24
mnemonic passive DNS www.akhbarjagat.com (4) 0 No data No data 23.19.132.94 Unknown ranking
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-09-21 08:14:42 UTC 182.61.201.93
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-21 20:53:10 UTC 93.184.220.29
mnemonic passive DNS rootnetworksdv.ocsp-certum.com (1) 0 2022-06-01 19:17:44 UTC 2022-09-21 23:19:40 UTC 23.36.79.10 Domain (ocsp-certum.com) ranked at: 9356
mnemonic passive DNS js.users.51.la (2) 53024 2012-05-30 15:10:11 UTC 2022-09-21 15:06:50 UTC 103.143.19.103
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:18:22 UTC 23.36.76.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.19.132.94

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000
0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000
0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000
0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000
0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000
0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on ASN: LEASEWEB-USA-PHX

Date UQ / IDS / BL URL IP
2022-12-02 01:08:54 +0000
0 - 0 - 1 www.munkakereso.com/excel/eafe28349e97f8b8c62 (...) 23.81.237.225
2022-12-02 01:08:39 +0000
0 - 0 - 2 munkakereso.com/excel/eafe28349e97f8b8c6276db (...) 23.81.237.225
2022-11-25 01:20:07 +0000
0 - 0 - 2 23.81.227.197/ 23.81.227.197
2022-11-23 03:54:36 +0000
0 - 0 - 4 www.cunetong.com/ 23.19.133.213
2022-11-21 03:10:25 +0000
0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on domain: akhbarjagat.com

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000
0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000
0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000
0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000
0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000
0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

No other reports with similar screenshot



JavaScript

Executed Scripts (26)


Executed Evals (1)

#1 JavaScript::Eval (size: 462, repeated: 1) - SHA256: a0b595d2246e129c3862e21182936f4eb966da13c113b909b897a779c7ad8fa9

document.write('<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 82, repeated: 1) - SHA256: 3129c6cb3e6c985557cb775967d4b4beedc5f979f655dbc4c5750a9d2fc23655

<script type="text/javascript" src="https://js.users.51.la/21340601.js"></script>
                                    

#2 JavaScript::Write (size: 242, repeated: 1) - SHA256: 8e49631304ccce36542cea306c29f188ed01f10c2410082c997b1962ef6159d9

<DIV id='duilianl' class='duilian'><a class='dlad' href='/guang/xjlunbo.html' target='_blank'><img src='/guang/tupian/ycggzz.png' height="120px"></a><a class='dlclose' href='javascript:void(0);' onclick='closedl();'>&#20851;&#38381;</a></div>
                                    

#3 JavaScript::Write (size: 237, repeated: 1) - SHA256: 3b3ef9e9a2013da9aa733c11d35986da078ac9e48dc185b2c96f2bec3bfe0f5c

<DIV id='duilianr' class='duilian'><a class='dlad' href='https://5468.nl/' target='_blank'><img src='/guang/tupian/xtb1.gif' height="120px"></a><a class='dlclose' href='javascript:void(0);' onclick='closedl();'>&#20851;&#38381;</a></div>
                                    

#4 JavaScript::Write (size: 489, repeated: 1) - SHA256: baecad1344c8c8e74a5a342332a7f500178423c6e3e928b4aaf05cdbac727cb7

<style>
.duilian {
    z-index: 9999;
    position: fixed;
    border-bottom: 1px dashed red;
    border-right: 1px dashed red;
    border-left: 1px dashed red;
}
.dlclose {
    height: 25px; line-height: 25px; text-align: center; display: block; background-color: #fff; color: #f00;
}
.dlad {
    display: block;
}
@media screen and (min-width: 768px) {
    .dlad img { width: 120px; }
    .duilian { top: 310px; }
}
@media screen and (max-width: 767px) {
    .dlad img { width: 80px; }
    .duilian { top: 310px; }
}
#duilianl {
    float: left; left: 0px;
}
#duilianr {
    float: right; right: 0px;
}
</style>
                                    

#5 JavaScript::Write (size: 41, repeated: 1) - SHA256: 686b6de6277140b94ed6e669562d2206f2fcd8c22b88b839a9a10264f7a8e0a9

566ao.com.566dou.com.566ban.com.abz78.xyz
                                    

#6 JavaScript::Write (size: 443, repeated: 1) - SHA256: f905d0e7c2388e6caf64b22eec971777fbfaff831c004e364afe931ccf5c8360

<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    


HTTP Transactions (73)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 02:13:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1np0wxUhfzI9h5kYKDUFQTlcIIlW8vJuDJY-9VX7d1q34sUKjr7QCA==
Age: 2428


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    804f8bbb7f556d51a5f52d5ebd5b6eef
Sha1:   922cd7e06df278615a04abb81d811d14596c8180
Sha256: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Thu, 22 Sep 2022 05:07:26 GMT
Date: Thu, 22 Sep 2022 02:54:21 GMT
Connection: keep-alive

                                        
                                            GET /uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 22 Sep 2022 02:54:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (547), with CRLF line terminators
Size:   743
Md5:    9b4824d4f096012f20cb546d557aff39
Sha1:   a8c144e5f11d0b649f04521b9f8e724d02a4211b
Sha256: 0941e02c9c9f0fdca526e8342391a5af8623a782f459b1994eaf18cbaf09137f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3614
Expires: Thu, 22 Sep 2022 03:54:35 GMT
Date: Thu, 22 Sep 2022 02:54:21 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: p7VHHpM4BepiCbM0h5UzyQdQ6Eealp3ZsCnA4I/Y7/pfFh4SSh8gSb37NmtYY0rTBX+nt9O7YU8=
x-amz-request-id: 97TZVCBD3EXRBH6K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Sep 2022 02:46:03 GMT
age: 498
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 02:54:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /common.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 02:54:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size:   736
Md5:    e1937132dc445610755ef97b7ae0bc2f
Sha1:   44eb128036cc75cde0d3cb9d17b0cc0357f7d456
Sha256: 89e6a1c831957332443532e96c9716959189b18cb117ea7006c6b88732329f87
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 02:54:12 GMT
Content-Length: 364
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   364
Md5:    332865220902257fed0762697b2141a9
Sha1:   acb142d77b029d4187f5f28b9cf259ba0ccdc647
Sha256: ad78816c60cb946980c076109cdd9f82d96c35fca6320bfc960439b856fdd6c8
                                        
                                            GET /tjc.js HTTP/1.1 
Host: tj.facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Tue, 20 Sep 2022 03:09:47 GMT
Accept-Ranges: bytes
ETag: "350d2709eccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:20 GMT
Content-Length: 276


--- Additional Info ---
Magic:  ISO-8859 text, with no line terminators
Size:   276
Md5:    13b6bb69b14edc3b7d3ab85e39bc9e53
Sha1:   b5398f2dbc5d1cbc7d4d4bc93cf80cb7031cbd46
Sha256: 26c4bc793e639fcbefe988ed92a94ef6efba4020aa7a6009e35db11f3ac2304d
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 02:30:29 GMT
Expires: Thu, 22 Sep 2022 02:53:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VaexE8PCAdH8Klv8XOfgIGCPHTMMJSV_IY9bHwPbZvtVIBSlLIfOZA==
Age: 1432


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         182.61.201.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Thu, 22 Sep 2022 02:54:21 GMT
Etag: "4078521116"
Expires: Fri, 22 Sep 2023 02:54:21 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CC40B84CC0A7D2853E77911C4A06E446:FG=1; max-age=31536000; expires=Fri, 22-Sep-23 02:54:21 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /tz.html HTTP/1.1 
Host: facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Upgrade-Insecure-Requests: 1

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Tue, 20 Sep 2022 03:09:30 GMT
Accept-Ranges: bytes
ETag: "8a1157669eccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:20 GMT
Content-Length: 266


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   266
Md5:    ba0fcda109c23ea846742198c54b043f
Sha1:   579cacadba40ddedd4ca1915287538dc6f0f401d
Sha256: 83ec68bb14000873e235bc6b2d5bf5371f81c61c871a3abe9fa34b2f0fd6fab3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2791
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:54:22 GMT
Last-Modified: Thu, 22 Sep 2022 02:07:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L6swakSTuN7NkfEjXQRy7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.210.107.213
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2K6tNXQoR++HClECwHH1+RqRdvg=

                                        
                                            GET /s.gif?l=http://www.akhbarjagat.com/uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         182.61.201.93
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Thu, 22 Sep 2022 02:54:22 GMT

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 26 Sep 2022 00:37:53 GMT
ETag: "eda8f6100b72113e243a8ab5f9984041e041c9ae"
Last-Modified: Thu, 22 Sep 2022 00:37:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3339
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7c16e7eebb523-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    a21e63363f75ab63ef641c13f71d57bd
Sha1:   eda8f6100b72113e243a8ab5f9984041e041c9ae
Sha256: b45a2db7e98856920fce9790a0c0c1416a83d07c042b1b0ce7f4f24ddd25a8a3
                                        
                                            POST / HTTP/1.1 
Host: rootnetworksdv.ocsp-certum.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.10
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1490
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Thu, 22 Sep 2022 02:54:22 GMT
Connection: keep-alive
X-N: S


--- Additional Info ---
Magic:  data
Size:   1490
Md5:    f854dee64c587c1bf5b49b2b3e26ab78
Sha1:   986f3e26ccc8c884eee31cdb2779f0380b138bb8
Sha256: 417eab2643631bb7886b4f3f3cdf8ad80e64c9cbdfa488ec656f79128ef5ff6e
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 26 Sep 2022 00:37:41 GMT
ETag: "82020c69f66ed866fa807291ee15a15ca7e4183c"
Last-Modified: Thu, 22 Sep 2022 00:37:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7c16faf5fb523-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    da9f9dc9d448e3fd786504605081f72e
Sha1:   82020c69f66ed866fa807291ee15a15ca7e4183c
Sha256: 67db5542b87bb1af185fa313efefea5542cf7ff495855489e2780d5b0a1840e3
                                        
                                            GET / HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://facai688.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.3.33, ASP.NET
Date: Thu, 22 Sep 2022 02:54:21 GMT
Content-Length: 12313


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   12313
Md5:    b4db9d97e8585130c2971f77cfefaea4
Sha1:   562f7a7ae5bf73e9ce3a39ce5d332e28c593e24b
Sha256: 190b797ca3805697a7885f68909317b0c7107d5914e6ff96911b509c86fdb498
                                        
                                            GET /21340601.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Thu, 22 Sep 2022 02:54:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=e7ca02ce3c4cebc17c6; path=/ HWWAFSESTIME=1663815260598; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    2ff318a80195125269380e0a04912fd5
Sha1:   c2346db1a1d365a971fc0059363113c03340e2b0
Sha256: e3e5e1740b559ee77b18767fdd8d33e8886a306d74565c288e132f634c2979e4
                                        
                                            GET /template/default_pc/static/css/bootstrap.min.css HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 16:30:00 GMT
Accept-Ranges: bytes
ETag: "0b4ce92cb36d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:21 GMT
Content-Length: 20869


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   20869
Md5:    d396b7d3ad370ccd36985d7bc35dfbd9
Sha1:   b54349c3f074289bb2183a20d20275c859944f91
Sha256: b07c213229c2b22c54f600793044ac3e8bcc11dbacb997e23a52cdbb64b696b2
                                        
                                            GET /template/default_pc/static/css/swiper.css HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:20 GMT
Accept-Ranges: bytes
ETag: "072bfb87a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:21 GMT
Content-Length: 2844


--- Additional Info ---
Magic:  ASCII text, with very long lines (17459), with CRLF line terminators
Size:   2844
Md5:    73495b6b6735f3cbfb2bd61190ab1e9b
Sha1:   8e91c8f0db49ce355c937b4bf889e2e28d90e474
Sha256: 25503d8d79625393388b2012fcff75ca11a0ff24e99ab2e96b81477d03d5b8e7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11245
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:54:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11245
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:54:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F969d6cdd-691e-480c-aa3f-20d1f7156aa3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13329
x-amzn-requestid: 54887f94-9832-494c-b1c8-0a27ac04b3e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HDmHlQoAMFfLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b854a-5fb778255bce533044676173;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CV7jUyg4kF60YvwbCWKgOsL-jhP_Mw2SMXs6uyWw-Bwbfy-SoOmtWA==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:08:34 GMT
age: 17149
etag: "deb3edfb3995fa43ca3e8dcc2adb09028bd240e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13329
Md5:    935051c999523e0eb4c95bbe470f5708
Sha1:   deb3edfb3995fa43ca3e8dcc2adb09028bd240e3
Sha256: 30efea98cf000c8a0fd6e02b08ab114d4453c2d6f63360a352ebbd0f0bd138a0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:10:59 GMT
age: 85404
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8861
Md5:    a504981ee10d8341b64f19001464ae8a
Sha1:   56f228d7358ba9deef000f53214dc7c1dc358109
Sha256: 0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
                                        
                                            GET /21304457.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Thu, 22 Sep 2022 02:54:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=8c65f44ea84d36b2392; path=/ HWWAFSESTIME=1663815258327; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    9dd130e2d6360f9394d135b73733e123
Sha1:   35370c294542e42c3f0a3b2c9412bdc4e6701df7
Sha256: f7db63a3170b1633f70f5053179bee2ee27634141f46727c9926a6818d2909d0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9877
x-amzn-requestid: 865f77de-c569-4938-9ae9-b79b11ae0804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vF4oIAMF19w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-5111662b354f54bf3c2b77c9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QK9VmdBUjWZRhzyGjcsCBVYrSuxOgpjd-3piCc7DwB021dG53UK6RQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 19201
etag: "8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9877
Md5:    b8bb6194dcfc32bf02932f4bbb1dcec0
Sha1:   8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9
Sha256: 45d8af4c39b0bcacd2909b6deec2fc080a6a64936b53ebd7f6309381358bcaa9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d546012-e1d1-4ccd-a38f-d808cdfe4af0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5161
x-amzn-requestid: 9ba63285-4cef-4604-bd12-95a99463e087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0wHYXIAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-1380adf019b16d5a50475cdb;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2L14PporWFOOt2LmcUHgHTaXf8cycYkZ9toEwlKlyeS8jQlP8oX7qw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 19201
etag: "af20ced3f00015ad8ae837d7cf3f39b9f5f0f752"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5161
Md5:    06589b53db5d3d6307e15e354325e252
Sha1:   af20ced3f00015ad8ae837d7cf3f39b9f5f0f752
Sha256: 513daca9889934875f2c453aaed4ce1af32628550a4b2f2b8e69533cb09eda56
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 19201
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8678
Md5:    91c56f0b9810bfdd84e10a626b89e389
Sha1:   15d83e44d568938b6c9c87201e898cedb3edec0a
Sha256: 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
age: 16700
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11286
Md5:    9becda6e892a190dbbc63216ae697506
Sha1:   ba3369e1827d8f01ca10acb8648195847dd02ffd
Sha256: d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
                                        
                                            GET /hm.js?95261ac534fe80c3a202f1e9e7b7b02c HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Date: Thu, 22 Sep 2022 02:54:23 GMT
Etag: 48b387d8a8694985893de984c382598d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C08A74AB631CF82B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (628)
Size:   11341
Md5:    b1ec867887f43f5148c6f07f9a6910ef
Sha1:   b0301756ddb0ce0095ae6d1041418cd28669cefb
Sha256: b38f3e99e61ba921fe07f765deb1a6986daeb3071c9946ec8f7d33d9cdcdcfb4
                                        
                                            GET /guang/dibu.js HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 03:36:18 GMT
Accept-Ranges: bytes
ETag: "1f46c4a546cad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:21 GMT
Content-Length: 732


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   732
Md5:    1e58982db18cfedbba886ad670863dc9
Sha1:   47e4c1de0e96c14d0c47484a9480eac41fbb2a29
Sha256: c08fbaa1f3d97a27705a1f3d117b17090721c1f53e198c80f06a6377cad70014
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/Sports/Boxing/Feb/orderoverview/notepad.php/cdym/gpvqg/?pass=mnzf1r1g1v00uf
Cookie: __tins__21340601=%7B%22sid%22%3A%201663815262977%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663817062977%7D; __51cke__=; __51laig__=1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 22 Sep 2022 02:54:14 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 27 Sep 2022 02:54:14 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET /template/default_pc/static/js/function.js HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:38 GMT
Accept-Ranges: bytes
ETag: "a2fee2c37a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 295


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   295
Md5:    edef42c7a7d3068b37c8abd68da1e65f
Sha1:   d3a95e5345ee1409ec1670419954b018d3b87843
Sha256: ecb0bda0eb6a9c3d87e202f0265d0257bba62381e76f250a9fdb69e451fb73e7
                                        
                                            GET /template/default_pc/static/js/jquery.lazyload.min.js HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 1301


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309), with CRLF line terminators
Size:   1301
Md5:    585fbfa6aa45a49cae543556ec02359d
Sha1:   0ec7b720081212cb60a5ade175601872315720ed
Sha256: 539fb61395056ca67b9509f7d93e2254d21936d623c90b2bcd805af05be44dc5
                                        
                                            GET /template/default_pc/static/js/swiper.js HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "8043b0c17a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 23566


--- Additional Info ---
Magic:  ASCII text, with very long lines (31999), with CRLF line terminators
Size:   23566
Md5:    1f0ab62a78bef11558f885e48158c967
Sha1:   febea63527147b66bd2679340b3d85b9c2ffd7f1
Sha256: 63042ddab6019075987f0bb07730151a3164a17e502a2096890018463c3db8a5
                                        
                                            GET /template/default_pc/static/css/style.css HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2022 12:06:13 GMT
Accept-Ranges: bytes
ETag: "80a8c3f3f991d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 14400


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   14400
Md5:    42eaf106628c6d050b80a1f5fa147a91
Sha1:   9f3e90a1ff07dc60f2763fbd578cfcb70f6f13ff
Sha256: 4883479ca8e4c5b6383ef28d8c812dabcef69700587b25e4ff08054cf08aaee1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 19:20:03 GMT
Expires: Wed, 28 Sep 2022 19:20:02 GMT
Etag: "b0527a3ffafbcc37547c1361c5b983560b3d2eb7"
Cache-Control: max-age=576938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e7c17639d5b523-OSL

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1661303572&si=95261ac534fe80c3a202f1e9e7b7b02c&v=1.2.97&lv=1&sn=12683&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.akhbarjagat.com%2Fuploads%2FSports%2FBoxing%2FFeb%2Forderoverview%2Fnotepad.php%2Fcdym%2Fgpvqg%2F%3Fpass%3Dmnzf1r1g1v00uf&tt=%E8%BE%BD%E9%98%B3%E8%B8%8A%E8%83%BA%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 22 Sep 2022 02:54:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=88701D2F12F241F8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /template/default_pc/static/js/jquery.js HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 35104


--- Additional Info ---
Magic:  ASCII text, with very long lines (1144), with CRLF line terminators
Size:   35104
Md5:    fad2c2e24db686d57d74d53806d73fc4
Sha1:   603ff8fc7d29af457fe952445e86578ba73cf56c
Sha256: d4e1367cc59e239603c8d2ac84ec2738e40dc86a87cde8f59ea14a61b6067dac
                                        
                                            GET /images/0100v120009ttax9l722D.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 402231
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=12199545
expires: Fri, 10 Feb 2023 07:40:09 GMT
date: Thu, 22 Sep 2022 02:54:24 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   402231
Md5:    6497ef8f223cd0070b904d48ece475e5
Sha1:   7e6dc0a79d9a1feef08b8cfffffb2fef7bf83fc6
Sha256: cfe5826da227b26ad6a5dc15aea3ca217a3ff9bab854cc7b72b40468fb9a73bc
                                        
                                            GET /go1?id=21340601&rt=1663815262977&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585&ing=1&ekc=&sid=1663815262977&tt=%25E8%25BE%25BD%25E9%2598%25B3%25E8%25B8%258A%25E8%2583%25BA%25E5%2595%2586%25E8%25B4%25B8%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585%25E7%2589%2587%25E7%2599%25BE%25E5%25BA%25A6%25E5%25BD%25B1%25E9%259F%25B3&cu=http%253A%252F%252Fwww.akhbarjagat.com%252Fuploads%252FSports%252FBoxing%252FFeb%252Forderoverview%252Fnotepad.php%252Fcdym%252Fgpvqg%252F%253Fpass%253Dmnzf1r1g1v00uf&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=3d1a75fb71fe3db5bb4; path=/ HWWAFSESTIME=1663815261223; path=/

                                        
                                            GET /guang/tupian/db2.jpg HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:35 GMT
Accept-Ranges: bytes
ETag: "ca8c9773de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 7242


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Size:   7242
Md5:    965360a0c06bf3b95a73ea8e5b079524
Sha1:   c131944c0625fc647c7c7c4d355943dbc2c55c34
Sha256: 82a013f5ff2ecd7a01e01a9a87b1fd491f5b4549b42178b54c06af49f77dfe91
                                        
                                            GET /template/default_pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: font/x-woff
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:51 GMT
Accept-Ranges: bytes
ETag: "d22bbfcb7a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 13408


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size:   13408
Md5:    99af6debcdaba3e7ffe01b4c3cbccacb
Sha1:   4efda64b06cd7c294f6214623bcb634f3def3bd1
Sha256: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
                                        
                                            GET /guang/cn/j1.png HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 09 Jun 2022 17:52:32 GMT
Accept-Ranges: bytes
ETag: "7084dbb1297cd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 64830


--- Additional Info ---
Magic:  PNG image data, 1203 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   64830
Md5:    e06793dd687b7e0736944c34320566c6
Sha1:   040fefea486adfb3cd7ff755a05f2f053c2b5eb5
Sha256: 3d97ec7f920193b6021815cc40c6d8a3385b4b7d2c0f2d31ed9a5f5bcf011b2e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D75C0C3DA4B637D6E395C48AADC981BA882F79742F73560CF7EEBED6DCDAD610"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16596
Expires: Thu, 22 Sep 2022 07:31:00 GMT
Date: Thu, 22 Sep 2022 02:54:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FF818EF7F93F61C13D80BE66449E0CF686C7A3E2796AC2DA6E32322D1F73FFCB"
Last-Modified: Mon, 19 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13662
Expires: Thu, 22 Sep 2022 06:42:06 GMT
Date: Thu, 22 Sep 2022 02:54:24 GMT
Connection: keep-alive

                                        
                                            GET /hm.js?a73c6b3011c388d9ab88e39f4c6115e4 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Thu, 22 Sep 2022 02:54:24 GMT
Etag: 526e4e9969e5ad4929add7e542202219
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B9A2E38F04B090C1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    61a018dd7e08ef3781ed87d066f6b502
Sha1:   79bf2dc7dacd66ca48fe7b51f1edac25f4c960b2
Sha256: f8e5021a1fdfc201f552acaeafd8d60f2e4c0dbcf13600902f1da740fc21a304
                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.143.94.110
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 22 Sep 2022 02:54:24 GMT
content-length: 162
location: https://kvhhhh.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:24 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 26 Sep 2022 00:13:29 GMT
ETag: "2f0973d8996ee18192d94520e7125adbfa73cb8b"
Last-Modified: Thu, 22 Sep 2022 00:13:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3261
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7c17babebb4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    6b9e9570cebb8f4bbcb3d49b23d01b7c
Sha1:   2f0973d8996ee18192d94520e7125adbfa73cb8b
Sha256: 661538f1557589678519443e9fb807002fb26e9740a51042b1daed9a119c266b
                                        
                                            GET /guang/cn/cnhf1.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Mon, 30 May 2022 16:09:21 GMT
Accept-Ranges: bytes
ETag: "3ba19f3f74d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 137392


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   137392
Md5:    a112d6f3413ecd31e05d8176fe9d3f6d
Sha1:   0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
Sha256: 38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
                                        
                                            GET /guang/tupian/xtb1.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 17 Sep 2022 03:35:57 GMT
Accept-Ranges: bytes
ETag: "f65d609946cad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 75259


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:24 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 26 Sep 2022 00:13:52 GMT
ETag: "db1e5c55f3824d0357c7da5df5483cf1d7863552"
Last-Modified: Thu, 22 Sep 2022 00:13:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7c17c5c6eb523-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    2535629717326902b635c65a934dcdc2
Sha1:   db1e5c55f3824d0357c7da5df5483cf1d7863552
Sha256: c2cb80dad0070bb44f329e6ce4b2e2c92f1401c2b9c35ed21d6e637aca2d1eb5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 02:54:24 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:45:16 GMT
Expires: Wed, 28 Sep 2022 15:45:15 GMT
Etag: "92b11ae9f542c59ada9aa906d83ab3c29062594d"
Cache-Control: max-age=564050,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e7c17b2bfbb523-OSL

                                        
                                            GET /guang/name.html HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 11:35:17 GMT
Accept-Ranges: bytes
ETag: "3f8d78ff3d77d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 725


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   725
Md5:    38e7bb8113e97854cd5f903a1d4544b2
Sha1:   74d991dc005fd03f295f01de3e588344c34f9d1f
Sha256: 795b6fe5fe8bc70643f3cbf8bb528d5fe87d619106ba41667301f17c96542722
                                        
                                            GET /guang/tupian/db1.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:31:42 GMT
Accept-Ranges: bytes
ETag: "3803ee8dd50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 576176


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   576176
Md5:    574d58e8bb6b81686c1828e77c668368
Sha1:   232294da3a2f0af5170ea493a2a957c49372b892
Sha256: 6414121e84ee3dda2b66d55d58666da4f120f4713c7c9380ddda25ce27d48d60
                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvhhhh.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 22 Sep 2022 02:54:24 GMT
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sun, 16 Oct 2022 05:33:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 508844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv%2F96ziBq0gg1%2FivieFKCFjOuHcmrS%2FelQu9EO%2F3T7i4RVX1uOWVbRyQjn3%2B%2FoUNno8WMNPTXptZcPQmGf3AZZqT3vaxJfNlpKwL6nNFy82nQWFIFUvDp7M9Swp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e7c17c4dd4ca50-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   902313
Md5:    8b4a95ea7cfbb7fb4d2b18efca5145f3
Sha1:   d2966ecbeb7369620cce5dbcd15d0fe591d79648
Sha256: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
                                        
                                            GET /8b17fd7403f34d279e1a46c3c348684b.gif HTTP/1.1 
Host: 884352.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 22 Sep 2022 02:54:24 GMT
Content-Length: 82543
Connection: keep-alive
x-oss-request-id: 632BCE605337553734C99419
Accept-Ranges: bytes
ETag: "B8D480A34455FCE5B4F033EC1D6DC73E"
Last-Modified: Fri, 22 Jul 2022 08:07:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5142895331750986007
x-oss-storage-class: Standard
Content-MD5: uNSAo0RV/OW08DPsHW3HPg==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 100\012- data
Size:   82543
Md5:    b8d480a34455fce5b4f033ec1d6dc73e
Sha1:   fefed07cbe0b2ff6c6d0d68e66957308824000dc
Sha256: 55cbdd63feae1f58c730fc95162545c02d9032f499dff5197c11744d7532d184
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=935361628&si=a73c6b3011c388d9ab88e39f4c6115e4&su=http%3A%2F%2Ffacai688.xyz%2F&v=1.2.97&lv=1&sn=12684&r=0&ww=1268&ct=!!&u=https%3A%2F%2F566ao.com.566dou.com.566ban.com.abz78.xyz%2F&tt=%E5%8C%85%E5%AD%90%E8%A7%86%E9%A2%91 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 22 Sep 2022 02:54:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=83FFD355935AF6CA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /guang/aisatupian/hf2.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Tue, 17 May 2022 09:03:47 GMT
Accept-Ranges: bytes
ETag: "861e914cd69d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 103177


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   103177
Md5:    6f54c5d04bc8ea6a4a6ade3f4a6d2a16
Sha1:   d823a0141ec47e0df54a8b0f6591fe24f8bba49a
Sha256: b61676a8595049b19424206055edb1e224e7b192a53c63bbe55b78f1f4f39672
                                        
                                            GET /guang/gundong.css HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/guang/name.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 21:57:16 GMT
Accept-Ranges: bytes
ETag: "046aecc8039d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 79959


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   79959
Md5:    0a071f5e220f737b7f81597c017b7a42
Sha1:   4e90a6dd009d91a0840b7ee6c9e41433c6ceab2b
Sha256: 32f6d52e57c617a3eec55cd8565437304aa8470c958386da2c5a8f308dab3570
                                        
                                            GET /tu-2022290039/960-60.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Wed, 21 Sep 2022 16:36:32 GMT
etag: "1663778192"
expires: Fri, 21 Oct 2022 16:36:32 GMT
last-modified: Wed, 21 Sep 2022 16:36:32 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 254728
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   254728
Md5:    e31747184c41fbcc8d20acaeb3269c67
Sha1:   5b3134d7cc79fd35b8e002f56ed737221808744c
Sha256: 59f4e58c787082d958bfc1839a5f5ad39514def82e300edbd262b6cf7cd235f0
                                        
                                            GET /template/default_pc/static/images/pic.png HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "c293f8c17a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 2790


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   2790
Md5:    c4c07b5b1da14c19ea0bf0d7ca186190
Sha1:   49cc1b883734ebbf7f14e94ed9ed30c479e0aa0a
Sha256: 14db7f862e75e11f1e4bdf9ab0f490340f67dffd1bc22d5e66587787e3f9d883
                                        
                                            GET /guang/cn/j2.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 23 Jul 2022 13:55:06 GMT
Accept-Ranges: bytes
ETag: "3469a7d09b9ed81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 213805


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   213805
Md5:    f410f5836079ff0b5cd79587a13c8dfa
Sha1:   f0962f95bcb436be5121eb66b143c04daeaf74db
Sha256: 38563dbaaf4cb7aa5ff89f1fb50ab63a477cf7772b4065c407bf5d246fa8dcb3
                                        
                                            GET /guang/tupian/db3.gif HTTP/1.1 
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 15 Apr 2022 15:35:50 GMT
Accept-Ranges: bytes
ETag: "e1b16f7cde50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 1633172


--- Additional Info ---
Magic:  GIF image data, version 89a, 420 x 236\012- data
Size:   1633172
Md5:    03694e6f716c74dd38107a019d62982a
Sha1:   fe0a4653b300e6606a646b9079fdb54f31bf7c21
Sha256: e7c7cf39c6320285a3a0571a4f52e73dd4ce32cd365954ffafb6b78470506975
                                        
GET /guang/tupian/ycggzz.png HTTP/1.1
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 09 Jul 2022 19:44:48 GMT
Accept-Ranges: bytes
ETag: "133b2659cc93d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 356191


--- Additional Info ---
Magic:  PNG image data, 1279 x 710, 8-bit/color RGBA, non-interlaced\012- data
Size:   356191
Md5:    b6fe09c47a82c5a49b433ee42aa1f94c
Sha1:   35402dd7cdc41ad2e2d1a5ec7adea787dd77c95a
Sha256: 9868eaa7485d514d63f78915d937ce33c5e821fb4f6bb8116b5cdca33226352f
                                        
GET /guang/tupian/db5.gif HTTP/1.1
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 15 Apr 2022 15:33:49 GMT
Accept-Ranges: bytes
ETag: "ba7a734de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 1241506


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   1241506
Md5:    beea532c959998eb058f10a18ba9f955
Sha1:   88bceda140f926125b997cf0dfab78e6769ff91d
Sha256: 2243cc29bca53b8a38a23368300a3e1a3b2bab9f53e09fa2adb54a2b2730f878
                                        
GET /go1?id=21304457&rt=1663815263827&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591%2520www.baozishiping.com%2520%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8%25E7%259A%2584&ing=1&ekc=&sid=1663815263827&tt=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591&kw=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591%2520www.baozishiping.com&cu=https%253A%252F%252F566ao.com.566dou.com.566ban.com.abz78.xyz%252F&pu=http%253A%252F%252Ffacai688.xyz%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
103.143.19.103
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 22 Sep 2022 02:54:25 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=94e8ce083c94a2b5a0c; path=/ HWWAFSESTIME=1663815260324; path=/

                                        
GET /guang/tupian/db6.gif HTTP/1.1
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 15 Apr 2022 15:35:04 GMT
Accept-Ranges: bytes
ETag: "e3fcd760de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:23 GMT
Content-Length: 905505


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   905505
Md5:    3abde39f91e4a75e550b7e50eb25e68a
Sha1:   75e357b027236d81ea4b1002d992117d53212bd8
Sha256: 2ee18fe5f2dec0caa8ddca814b0f318e2574bd52b389bb8a2348356567a7db7d
                                        
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
47.75.19.91
HTTP/1.1 200 OK
Content-Type: image/gif
Server: AliyunOSS
Date: Thu, 22 Sep 2022 02:54:24 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 632BCE601F85633338E7BEBC
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
GET /4fe2b2a7d33f4c66a1aa0bd1ae2b2824.gif HTTP/1.1
Host: 66377311795.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
45.61.212.121
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: max-age=604800
ETag: "62ef736b-f90bb"
Date: Thu, 22 Sep 2022 02:54:25 GMT
Server: nginx
Last-Modified: Sun, 07 Aug 2022 08:10:19 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 1020091


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   1020091
Md5:    b3aedc862671b2fa2e2922fadaa38add
Sha1:   8134113e40aa47b7b0508e81c447ccea8c10e7c0
Sha256: d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /guang/tupian/db4.gif HTTP/1.1
Host: 566ao.com.566dou.com.566ban.com.abz78.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ao.com.566dou.com.566ban.com.abz78.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
142.91.194.44
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 15 Apr 2022 15:33:19 GMT
Accept-Ranges: bytes
ETag: "446a2822de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 02:54:22 GMT
Content-Length: 6977151


--- Additional Info ---
Magic:  GIF image data, version 89a, 560 x 314\012- data
Size:   6977151
Md5:    b3249ea7501ed6a862fdf53008a77560
Sha1:   5e94076754237a651ce10e857179efdfec781c7f
Sha256: 1c748a7ae300ca829fcf74eb98b48c9f61643efa7b835d13645d0601d52785bf