| 42gjm.xyz/mexq | 23.225.32.155 | 301 Moved Permanently | 162 B |
IP: 23.225.32.155:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /mexq HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:21:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://42gjm.xyz/mexq
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 7c60904d097cde276e4e5632cef1b9f1 4f805026462589345d85e8df2d18eafba6237504 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3668
Expires: Sat, 26 Nov 2022 05:22:21 GMT
Date: Sat, 26 Nov 2022 04:21:13 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 10730f388c028d64e19b8a48d414768f e43b104e57e5ea7ff8568835776858cf2ede6f00 f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4324
Cache-Control: max-age=112925
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:21:13 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:43:18 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 8c63b226725ca6e92e3ef586ac19e603 d21ae42a1927501e5293ff3564f52b49f6b0decc 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 26 Nov 2022 05:59:29 GMT
Date: Sat, 26 Nov 2022 04:21:13 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
Protocol: HTTP/2
URL: firefox.settings.services.mozilla.com/v1/
IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: 4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 04:17:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 223
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
Protocol: HTTP/2
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4GFqsKjazpvshztRcydohYGXaQPR0ojA6rpFE/fo63N8w0bi/A+D1FoPNC+lUtLnkwVlwUSQ9sw=
x-amz-request-id: 8H4FCJP3Z5QTYEHC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 03:41:03 GMT
age: 2410
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2
URL: contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
Protocol: HTTP/2
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 04:08:54 GMT
cache-control: public,max-age=3600
age: 739
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: df06e70fc8a35facf1d8db463d18e231 fa8a2975566cc792898f870e48ae7518d3657326 4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3546
Cache-Control: max-age=107084
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:21:13 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:05:57 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 34.215.94.42 | 101 Switching Protocols | 0 B |
Protocol: HTTP/1.1
URL: push.services.mozilla.com/
IP: 34.215.94.42:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P9N+ZDA9RQSO72Dx5cYcmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NViupddeZ3FKACKbsug6kjqd1JQ=
|
|
| 42gjm.xyz/js/js.js | 23.224.105.228 | 200 OK | 1.2 kB |
IP: 23.224.105.228:0
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: 56c5b8016de29e8e66964b5eff3fdf0b e83777a720f9341964fcf50445098b5bcc512e3b 0e7930d08bd8ccacf3132077048f58bc5c84d19bd59a7d93e0c952adccb7c50a
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/js.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 1186
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
etag: "635b5dd9-4a2"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/cfg.js | 23.224.105.228 | 200 OK | 1.9 kB |
IP: 23.224.105.228:0
File type: ASCII text, with CRLF line terminators
Hash: f20cb0583e473d74e57a7d71c40b3f64 bf4c182d0214a99d06570adf0ff419c15d38212f dcbf012674b46676193bb96cc43c34ce8a7d1fdc9237eb0ed36fcec6e66d9f1a
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/cfg.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 1896
last-modified: Fri, 25 Nov 2022 11:55:03 GMT
etag: "6380ad17-768"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/index.js | 23.224.105.228 | 200 OK | 549 B |
IP: 23.224.105.228:0
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: a4d400a80fe0b02b9097a8a5a740f9d9 a0bf7bc13fc3a9b6bd6687a17f6bf76edfacc902 01b8cca45e9cf7aa62352e69cb567e87495e048f83195cb5e47f3db57786b7cd
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/index.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 549
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
etag: "635b5dd9-225"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/Tpl/x1/logo-s.png | 23.224.105.228 | 200 OK | 4.9 kB |
Protocol: HTTP/2
URL: 42gjm.xyz/Tpl/x1/logo-s.png
IP: 23.224.105.228:0
File type: PNG image data, 130 x 40, 8-bit/color RGB, non-interlaced; data
Hash: 780441a7526f3f7bc1bffb388c7d64ef cc3347c0778ecdba0fa0dea89ffd1107aa43caf2 13cd6986ae45bfba8251f6399310f8c4f94c5264a29321f4270b9c3f48c791db
GET /Tpl/x1/logo-s.png HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: image/png
content-length: 4878
last-modified: Fri, 28 Oct 2022 04:43:06 GMT
etag: "635b5dda-130e"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/Tpl/x1/cat.png | 23.224.105.228 | 200 OK | 15 kB |
IP: 23.224.105.228:0
File type: PNG image data, 22 x 20, 8-bit/color RGBA, non-interlaced; data
Hash: 1cc57b964f1a62c9833324d480053198 5f28ff66c0f8ef83e896b3ea77c680065439a322 ebe324c2c41a3d8d25b9a97a34fd22778ce993ef8fa50cd587f37b701da8c264
GET /Tpl/x1/cat.png HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: image/png
content-length: 14992
last-modified: Fri, 28 Oct 2022 04:43:06 GMT
etag: "635b5dda-3a90"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/cookie.js | 23.224.105.228 | 200 OK | 2.4 kB |
IP: 23.224.105.228:0
Hash: 6a03d97ef3c0c2af25173f367da6d3b0 2d689478fab5f3d86e45aca0e6345ea5eafdb178 24c7009e8cbd0e9ee4c82320cdfe3de0c42373ee9d603a9c242afb3e3f6692cd
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/cookie.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 2427
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
etag: "635b5dd9-97b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/tj.js | 23.224.105.228 | 200 OK | 1.5 kB |
IP: 23.224.105.228:0
File type: HTML document text; HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: 070a680b8ac0a95eae1aa2b7a8c9f5a2 86fa118f827a61d4ccbc0f979bda43229a7433c9 4e097e0b9d39e8746a19ae011ce52abab4b26292c8bfc53bfb2200d7558a0661
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/tj.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 1545
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
etag: "635b5dd9-609"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/mobile.js | 23.224.105.228 | 200 OK | 3.8 kB |
IP: 23.224.105.228:0
Hash: 9e2d4cf271f1ed5f9b41ce8108cafb25 b0157b4a3b37221d7783af918397c12cb8443231 5b7de9a13c6c91059394808a063bd6aef0f71f939378e89ce83ccfbe71e1f1c2
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /js/mobile.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
content-length: 3750
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
etag: "635b5dd9-ea6"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9847
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:21:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9847
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:21:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9847
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:21:15 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 83807
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 3b1c6878914466cfece680fa7cb73502 47fac81a2dd809df5c42ca1362f71d553572d2b1 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 22930
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 5088223f5973e3cd56f03f50a1e84b79 0b6c9b51d10762a4747286ab5b1c2354fa39c622 8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 23691
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg | 34.120.237.76 | 200 OK | 12 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 8a82cc688f934411a894427bd493c429 fd67260f92d7faee2360956e8d2ed50a00c1dbcf fbd1a487dac7233861d173e711218d3e3402bc71f538025c540b93696309dc67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12319
x-amzn-requestid: 6973e196-9eb3-4aea-9c60-b8e2158641ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOoGkgIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813590-62965d4c607d4f0a060265d9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZUiheZX0bPmTE4Zf5_sGeCDjBt4KrAGDyGF_a_3x4pqjR-K4mMSYEg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 23691
etag: "fd67260f92d7faee2360956e8d2ed50a00c1dbcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg | 34.120.237.76 | 200 OK | 10 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 56d1528e942a2aa2a7f3f6a85f71e277 475980dd8b123ad0acdd54c441271bacad56489f 01f9bd707598d6cb869856ad01d1087f5abc8298727805f61266f6e823814cb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10209
x-amzn-requestid: e6cf9a8b-bbdc-4978-a186-ffc82b369066
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWINF69oAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813701-35f60a7425e3617e672916c9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:43:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NpYcqTynn1gdtbZInm4lBnTo9N6ev2jp0Rn6ozMhQlh8kVJ9orQWnw==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:35:20 GMT
age: 20755
etag: "475980dd8b123ad0acdd54c441271bacad56489f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9443750de7962c9e235cbb6dbda24df0 05de7f68103849bd0cd80a704ef97685d0150800 d84e37f9bfd9888a385364c52cdc0d817aa680ee0a83e579ca1f1083f1131468
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12505
x-amzn-requestid: a89c780f-e1a4-451e-842b-656ba43958be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOeHzfIAMFpGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358f-3478b6c81d94ec65388bd3da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5zG4aexCKPFQiK74gstk7S4kWT20BfHdu07UOz955omfjsCulbFUyA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 23691
etag: "05de7f68103849bd0cd80a704ef97685d0150800"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/js.js | 23.225.30.43 | 200 OK | 1.2 kB |
URL HTTP/2www.99isex86.xyz/js/js.js IP23.225.30.43:0
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash56c5b8016de29e8e66964b5eff3fdf0b e83777a720f9341964fcf50445098b5bcc512e3b 0e7930d08bd8ccacf3132077048f58bc5c84d19bd59a7d93e0c952adccb7c50a
GET /js/js.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 1186
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-4a2"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/cfg.js | 23.225.30.43 | 200 OK | 1.9 kB |
URL HTTP/2www.99isex86.xyz/js/cfg.js IP23.225.30.43:0
File typeASCII text, with CRLF line terminators Hashf20cb0583e473d74e57a7d71c40b3f64 bf4c182d0214a99d06570adf0ff419c15d38212f dcbf012674b46676193bb96cc43c34ce8a7d1fdc9237eb0ed36fcec6e66d9f1a
GET /js/cfg.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 1896
last-modified: Fri, 25 Nov 2022 11:55:02 GMT
etag: "6380ad16-768"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/jquery.js | 23.225.30.43 | 200 OK | 5.5 kB |
URL HTTP/2www.99isex86.xyz/js/jquery.js IP23.225.30.43:0
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (305), with CRLF line terminators Hashaedefc27ba3917c08ad782ec7743e59b 7d756f60de73c62c8bba2da80508af08af0326a7 bb784dace7492c0b39676489923539cbca8da0a5868749d225569a17cb534d19
GET /js/jquery.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 5472
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-1560"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/index.js | 23.225.30.43 | 200 OK | 549 B |
URL HTTP/2www.99isex86.xyz/js/index.js IP23.225.30.43:0
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hasha4d400a80fe0b02b9097a8a5a740f9d9 a0bf7bc13fc3a9b6bd6687a17f6bf76edfacc902 01b8cca45e9cf7aa62352e69cb567e87495e048f83195cb5e47f3db57786b7cd
GET /js/index.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 549
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-225"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/menu.js | 23.225.30.43 | 200 OK | 8.7 kB |
URL HTTP/2www.99isex86.xyz/js/menu.js IP23.225.30.43:0
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash9356aafad52f4b90436ff8ed1dca50ed 1aac8248d75fca1ed2f543d8d64b087be9ea57dc 72a51d513d5cef3f9ace07109ed9c4c5d0c9cf1780b13e6c88b7f3d4b0b2d9bb
GET /js/menu.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 8729
last-modified: Fri, 25 Nov 2022 11:55:02 GMT
etag: "6380ad16-2219"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.cn/ | 47.246.44.205 | 200 OK | 471 B |
IP47.246.44.205:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hasha21533ac3854010fedd23df70f0e7cb1 3fb90aab9f22fbd08a1b39a9eb9360cf7637615f 236c39585a3d9ae6e330962b17dde677cf2241194e1415ec5aaa691f7084c514
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 26 Nov 2022 04:21:15 GMT
Last-Modified: Fri, 25 Nov 2022 12:37:09 GMT
ETag: "6380b6f5-1d7"
Expires: Sun, 27 Nov 2022 12:37:09 GMT
Cache-Control: max-age=116154
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669436475
Via: cache25.l2de2[193,193,200-0,M], cache25.l2de2[195,0], cache1.se1[215,214,200-0,M], cache1.se1[217,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 26 Nov 2022 04:21:15 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516694364757033211e
|
|
| cdn.staticfile.org/jquery_lazyload/1.9.3/jquery.lazyload.js | 47.246.44.211 | 200 OK | 2.3 kB |
URL HTTP/1.1cdn.staticfile.org/jquery_lazyload/1.9.3/jquery.lazyload.js IP47.246.44.211:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hash822c287d0a83f5cf192f218c1287d211 cda5940ec072cd6096d8de5693a25cf6deeb9d26 7c88c79523a4b28513402047f5ae4fad2003187cec605aea6e4573ea9f6b3e9f
GET /jquery_lazyload/1.9.3/jquery.lazyload.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 2306
Connection: keep-alive
Date: Fri, 25 Nov 2022 04:42:48 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FvPAC_OyeIYvE6HHrDzyPiwaejPd.gz"
Vary: Accept-Encoding
X-Reqid: zLQAAABD35c5uioX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.lazyload.js"; filename*=utf-8''jquery.lazyload.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:26:31 GMT
Ali-Swift-Global-Savetime: 1669351368
Via: cache10.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0]
X-M-Log: QNM:jjh1507;QNM3/304
X-M-Reqid: zmYAAIoB-6Is760W
X-Qnm-Cache: Hit
Content-Encoding: gzip
Age: 85107
X-Cache: HIT TCP_MEM_HIT dirn:11:117854391
X-Swift-SaveTime: Fri, 25 Nov 2022 05:00:07 GMT
X-Swift-CacheTime: 85361
Timing-Allow-Origin: *
EagleId: 2ff62c9816694364759313108e
|
|
| www.99isex86.xyz/js/shangshan_dasiqq315.js | 23.225.30.43 | 200 OK | 15 kB |
URL HTTP/2www.99isex86.xyz/js/shangshan_dasiqq315.js IP23.225.30.43:0
File typeASCII text, with very long lines (316) Hashecede6478c75382e5d881a6fa097be3e 74a5f0eed83ca5515a5f74a5db45e87a5af9c5ea e8bd7148a4b791c474880b93601f9f31691304d4009bc436a136e5948af1d26f
GET /js/shangshan_dasiqq315.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 15139
last-modified: Fri, 25 Nov 2022 11:55:02 GMT
etag: "6380ad16-3b23"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/xiashan_dasiqq315.js | 23.225.30.43 | 200 OK | 16 kB |
URL HTTP/2www.99isex86.xyz/js/xiashan_dasiqq315.js IP23.225.30.43:0
File typeASCII text, with very long lines (317), with CRLF line terminators Hashb7ed70945b424f7f7c42604c2a17333f b2025267a01646babcdd348380392acc44e16150 7d1b6ec1f73ae2a56cadc6c7a78473ed998b4793a594e1c217dac46a402ebd51
GET /js/xiashan_dasiqq315.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 15971
last-modified: Fri, 25 Nov 2022 11:55:02 GMT
etag: "6380ad16-3e63"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/analysis.min.js | 23.225.30.43 | 200 OK | 4.7 kB |
URL HTTP/2www.99isex86.xyz/js/analysis.min.js IP23.225.30.43:0
File typeASCII text, with very long lines (4360) Hashe299c4939a4a10246a4d4dfaea635c95 f6285a077bcad4e2c38f2db010a2ebac44bb02a6 6107efd2c283c35f3dbcc7298163583a69c62ac066a5a235aa9768f1d2bd5a9d
GET /js/analysis.min.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 4697
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-1259"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/cookie.js | 23.225.30.43 | 200 OK | 2.4 kB |
URL HTTP/2www.99isex86.xyz/js/cookie.js IP23.225.30.43:0
Hash6a03d97ef3c0c2af25173f367da6d3b0 2d689478fab5f3d86e45aca0e6345ea5eafdb178 24c7009e8cbd0e9ee4c82320cdfe3de0c42373ee9d603a9c242afb3e3f6692cd
GET /js/cookie.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 2427
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-97b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/tj.js | 23.225.30.43 | 200 OK | 1.5 kB |
URL HTTP/2www.99isex86.xyz/js/tj.js IP23.225.30.43:0
File typeHTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash070a680b8ac0a95eae1aa2b7a8c9f5a2 86fa118f827a61d4ccbc0f979bda43229a7433c9 4e097e0b9d39e8746a19ae011ce52abab4b26292c8bfc53bfb2200d7558a0661
GET /js/tj.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 1545
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-609"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/js/mobile.js | 23.225.30.43 | 200 OK | 3.8 kB |
URL HTTP/2www.99isex86.xyz/js/mobile.js IP23.225.30.43:0
Hash9e2d4cf271f1ed5f9b41ce8108cafb25 b0157b4a3b37221d7783af918397c12cb8443231 5b7de9a13c6c91059394808a063bd6aef0f71f939378e89ce83ccfbe71e1f1c2
GET /js/mobile.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 3750
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-ea6"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.cn/ | 47.246.44.205 | 200 OK | 471 B |
IP47.246.44.205:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hasha21533ac3854010fedd23df70f0e7cb1 3fb90aab9f22fbd08a1b39a9eb9360cf7637615f 236c39585a3d9ae6e330962b17dde677cf2241194e1415ec5aaa691f7084c514
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 26 Nov 2022 04:21:15 GMT
Last-Modified: Fri, 25 Nov 2022 12:37:09 GMT
ETag: "6380b6f5-1d7"
Expires: Sun, 27 Nov 2022 12:37:09 GMT
Cache-Control: max-age=116154
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669436476
Via: cache21.l2de2[278,278,200-0,M], cache21.l2de2[279,0], cache4.se1[300,299,200-0,M], cache4.se1[301,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 26 Nov 2022 04:21:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816694364757053036e
|
|
| cdn.staticfile.org/jquery/2.1.0/jquery.js | 47.246.44.211 | 200 OK | 73 kB |
URL HTTP/1.1cdn.staticfile.org/jquery/2.1.0/jquery.js IP47.246.44.211:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hashdee143aa77f3113a6e6272cedb92b6f9 3f3552454b7ee0d98504008e00729ef25b426a9c ed428ca37999f3a24d11e0f6d62e5c7783c280c76e3b971a9fd7c4a167540d9b
GET /jquery/2.1.0/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 72725
Connection: keep-alive
Date: Fri, 25 Nov 2022 06:52:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "Fg_j5Wfgd2Im7pgya6jK52gGg8ES.gz"
Vary: Accept-Encoding
X-Reqid: Iy4AAACXvXFIwSoX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1669359128
Via: cache23.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0]
Content-Encoding: gzip
Age: 77348
X-Cache: HIT TCP_MEM_HIT dirn:4:55535142
X-Swift-SaveTime: Fri, 25 Nov 2022 09:53:33 GMT
X-Swift-CacheTime: 75515
Timing-Allow-Origin: *
EagleId: 2ff62c9916694364760166883e
|
|
| www.99isex86.xyz/js/pop_layer.js | 23.225.30.43 | 200 OK | 11 kB |
URL HTTP/2www.99isex86.xyz/js/pop_layer.js IP23.225.30.43:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10942), with no line terminators Hash44b292e6cfceb3952fdd268f209a2750 c051033206b0e268c66ce8830b58e2f5995c7eac 363f8137cb67407f438345174f9af5e0e3f828366ff98e74cbcd9c54128a9151
GET /js/pop_layer.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: application/javascript
content-length: 11196
last-modified: Fri, 25 Nov 2022 11:55:02 GMT
etag: "6380ad16-2bbc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashe388353a642bc503beff27c23339e2b5 7849301df8cbfa3f9c019b1d4033b66e0f44c4bd 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=G-1E7KLDCG3P | 142.250.74.168 | 200 OK | 77 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-1E7KLDCG3P IP142.250.74.168:0
File typeASCII text, with very long lines (21484) Hash470dea65b14be0ecda259418b7fc21cf 3f6224733fcbbc39302a07157faea392b52254cb 8797cc43456e19238ffc4ff1e09abfcd302f282ec5bf156c44487e00a1aae44a
GET /gtag/js?id=G-1E7KLDCG3P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 04:21:16 GMT
expires: Sat, 26 Nov 2022 04:21:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hasha0111a2443450172e5d2b48d350a8f57 75e89d4cd001303e66a93880f96d6c47e7d665ab c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.99isex86.xyz/js/notice.js | 23.225.30.43 | 200 OK | 3.4 kB |
URL HTTP/2www.99isex86.xyz/js/notice.js IP23.225.30.43:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (2760), with CRLF line terminators Hashebd0ab918965e39474567dcc477e606b d992382bf8ff7e326bd521dd1a616a7514a04471 c03deced144f07e7a68ec2c67e3f5d6f0b709f6bad9d25ea01f706e55fe13ac0
GET /js/notice.js HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Cookie: guid=0fab3f67208c80f4ae0e2a9847c2684f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:16 GMT
content-type: application/javascript
content-length: 3397
last-modified: Fri, 28 Oct 2022 04:49:06 GMT
etag: "635b5f42-d45"
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/xiashan_dasiqq315.js | 23.224.105.228 | 200 OK | 2.0 kB |
URL HTTP/242gjm.xyz/js/xiashan_dasiqq315.js IP23.224.105.228:0
Hasha076e4fad0c8137d4412aa4fb9414afa d4773e0a27d402e43ecde74e351cd8ec9a977796 1cc052b55b9779fac12387fb8fc6b3b33e78726928125e23819251eee6d66e77
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/xiashan_dasiqq315.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 11:55:03 GMT
vary: Accept-Encoding
etag: W/"6380ad17-3e63"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/c56c46e0cb3f7d57da817eb1eff613a2_w720_h450_s67.jpg | 101.33.29.231 | 200 OK | 48 kB |
URL HTTP/2pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/c56c46e0cb3f7d57da817eb1eff613a2_w720_h450_s67.jpg IP101.33.29.231:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x450, components 3\012- data Hashcb015749a594392f5de368dcb9fe9ea0 c03c4fec1993a67185a5f6f65fdb97fc6c74853f 1e4228375bc3b64dab29923298b37cf2de32ab43078673642cd4550fe0ad6733
GET /user/f12e34626eb511eca06352540025c377/common/c56c46e0cb3f7d57da817eb1eff613a2_w720_h450_s67.jpg HTTP/1.1
Host: pic1.afdiancdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: cb015749a594392f5de368dcb9fe9ea0
server: tencent-ci
content-type: image/jpeg
x-delay: 38077 us
x-info: real data
x-datasrc: 7
size: 47812
x-reqid: MTY2OTIzNDQyNl8wXzM2NjlEREVFQjA3MDRDN0Y4NEVCRjY2RkQ5OTBBREZC
x-rtflag: 1
timing-allow-origin: *
access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:13:46 GMT
accept-ranges: bytes
last-modified: Sun, 17 Apr 2022 15:02:16 GMT
cache-control: max-age=2592000
content-length: 47812
x-nws-log-uuid: 11972402956514419431
x-cache-lookup: Cache Hit, Hit From Inner Cluster
X-Firefox-Spdy: h2
|
|
| ocsp.trust-provider.cn/ | 47.246.44.205 | 200 OK | 600 B |
IP47.246.44.205:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hash1fe74c1424ab2e932698dddf34dc47ef 26f120d6e02f6fb2ad715f478e270ba98250f7e7 93a0a5787ef19beeedc5d27b56207dbd6e0811a0b66ab29a7bdf555ecee20f13
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 26 Nov 2022 04:11:12 GMT
last-modified: Thu, 24 Nov 2022 18:32:26 GMT
expires: Thu, 01 Dec 2022 18:32:25 GMT
etag: "26f120d6e02f6fb2ad715f478e270ba98250f7e7"
cache-control: max-age=604051,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 76ffc75b2d799131-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1669435872
via: cache8.l2de2[0,0,304-0,H], cache9.l2de2[0,0], cache2.se1[82,82,200-0,H], cache2.se1[84,0], cache2.se1[86,0]
age: 604
x-cache: HIT TCP_REFRESH_HIT dirn:6:410751052
x-swift-savetime: Sat, 26 Nov 2022 04:21:16 GMT
x-swift-cachetime: 1196
timing-allow-origin: *, *
eagleid: 2ff62c9616694364765946533e, 2ff62c9616694364765946533e
|
|
| ocsp.trust-provider.cn/ | 47.246.44.205 | 200 OK | 600 B |
IP47.246.44.205:0 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Hash1fe74c1424ab2e932698dddf34dc47ef 26f120d6e02f6fb2ad715f478e270ba98250f7e7 93a0a5787ef19beeedc5d27b56207dbd6e0811a0b66ab29a7bdf555ecee20f13
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 26 Nov 2022 04:11:12 GMT
last-modified: Thu, 24 Nov 2022 18:32:26 GMT
expires: Thu, 01 Dec 2022 18:32:25 GMT
etag: "26f120d6e02f6fb2ad715f478e270ba98250f7e7"
cache-control: max-age=604051,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 76ffc75b2d799131-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1669435872
via: cache8.l2de2[0,0,304-0,H], cache9.l2de2[0,0], cache2.se1[82,82,200-0,C], cache2.se1[83,0], cache4.se1[85,0]
age: 604
x-cache: HIT TCP_MEM_HIT dirn:6:410751052
x-swift-savetime: Sat, 26 Nov 2022 04:21:16 GMT
x-swift-cachetime: 1196
timing-allow-origin: *, *
eagleid: 2ff62c9816694364765973376e, 2ff62c9816694364765973376e
|
|
| pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/06d7d2f71b1c365e25e120c9bccf7580_w720_h450_s50.jpg | 101.33.29.231 | 200 OK | 36 kB |
URL HTTP/2pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/06d7d2f71b1c365e25e120c9bccf7580_w720_h450_s50.jpg IP101.33.29.231:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x450, components 3\012- data Hashaf71a3518576b652c8c7315a84c9b8e9 2cb544cbee06494d7fae320e2213037bd951e7fd 4839e1de244c95c1cf2b37394783ceed39b9a57f3c0372261b0a1d6682a01dd0
GET /user/f12e34626eb511eca06352540025c377/common/06d7d2f71b1c365e25e120c9bccf7580_w720_h450_s50.jpg HTTP/1.1
Host: pic1.afdiancdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: af71a3518576b652c8c7315a84c9b8e9
server: tencent-ci
content-type: image/jpeg
x-delay: 50628 us
x-info: real data
x-datasrc: 7
size: 36170
x-reqid: MTY2OTM5NzExN18wX0MwNDhBMTJFMkRDNjQwMjlCOTEzRUU0RUJBNjMxQTBG
x-rtflag: 1
timing-allow-origin: *
access-control-allow-origin: *
date: Fri, 25 Nov 2022 17:25:17 GMT
accept-ranges: bytes
last-modified: Sun, 17 Apr 2022 15:01:53 GMT
cache-control: max-age=2592000
content-length: 36170
x-nws-log-uuid: 2415520633126675920
x-cache-lookup: Cache Hit, Hit From Inner Cluster
X-Firefox-Spdy: h2
|
|
| pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/27a9fc7d5dda787a3bbac00e47b75b6d_w720_h450_s74.jpg | 101.33.29.231 | 200 OK | 52 kB |
URL HTTP/2 pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/27a9fc7d5dda787a3bbac00e47b75b6d_w720_h450_s74.jpg IP 101.33.29.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x450, components 3\012- data
Hash a6453a73589f15098856b81bee4bef81 791ff5fd39908c8822365631268e13a076a5655a 8fe6081dd642c6c08127a1ee71382fe6cf01e7cf5ed76d925d3ce1d836017244
GET /user/f12e34626eb511eca06352540025c377/common/27a9fc7d5dda787a3bbac00e47b75b6d_w720_h450_s74.jpg HTTP/1.1
Host: pic1.afdiancdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: a6453a73589f15098856b81bee4bef81
server: tencent-ci
content-type: image/jpeg
x-delay: 51399 us
x-info: real data
x-datasrc: 7
size: 52387
x-reqid: MTY2OTI4NDA1OV8wXzg1RTExMUE0Q0EwRTQxQzBCRTdCQ0Y2RDZCMDNFOTc4
x-rtflag: 1
timing-allow-origin: *
access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:52:31 GMT
accept-ranges: bytes
last-modified: Sun, 17 Apr 2022 15:01:29 GMT
cache-control: max-age=2592000
content-length: 52387
x-nws-log-uuid: 13187222735397547164
x-cache-lookup: Cache Hit, Hit From Inner Cluster
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 728 B |
URL HTTP/1.1 zerossl.ocsp.sectigo.com/ IP 104.18.32.68:0
Hash da2f842f093aa7a298cf6351a39ab0ab 6bdc532679a35c602ca15b589f8c5a6f81e8ad79 5474bed575a1cbf4df4fc563f1141c98ef735cc9cc383365e71607094dd36539
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:16 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:12:10 GMT
Expires: Fri, 02 Dec 2022 08:12:09 GMT
Etag: "6bdc532679a35c602ca15b589f8c5a6f81e8ad79"
Cache-Control: max-age=531652,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61b2c9cb523-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP 172.64.155.188:0
Hash 51bf1fb43ddbb69c9e8f67b4a7e2096d 8c8428f73b405635c3d1c19eeb40ac01d835ee9a cba13887860e84d6a758753875a6f4956ba6a8ab7f7a1160953a7167dcb33a29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:21:18 GMT
Expires: Tue, 29 Nov 2022 22:21:17 GMT
Etag: "8c8428f73b405635c3d1c19eeb40ac01d835ee9a"
Cache-Control: max-age=323400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61b5c7fb4f9-OSL
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP 104.18.32.68:0
Hash 51bf1fb43ddbb69c9e8f67b4a7e2096d 8c8428f73b405635c3d1c19eeb40ac01d835ee9a cba13887860e84d6a758753875a6f4956ba6a8ab7f7a1160953a7167dcb33a29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:21:18 GMT
Expires: Tue, 29 Nov 2022 22:21:17 GMT
Etag: "8c8428f73b405635c3d1c19eeb40ac01d835ee9a"
Cache-Control: max-age=323400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61b5f0d1c06-OSL
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP 104.18.32.68:0
Hash 51bf1fb43ddbb69c9e8f67b4a7e2096d 8c8428f73b405635c3d1c19eeb40ac01d835ee9a cba13887860e84d6a758753875a6f4956ba6a8ab7f7a1160953a7167dcb33a29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:21:18 GMT
Expires: Tue, 29 Nov 2022 22:21:17 GMT
Etag: "8c8428f73b405635c3d1c19eeb40ac01d835ee9a"
Cache-Control: max-age=323400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61b8995fab4-OSL
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP 104.18.32.68:0
Hash 51bf1fb43ddbb69c9e8f67b4a7e2096d 8c8428f73b405635c3d1c19eeb40ac01d835ee9a cba13887860e84d6a758753875a6f4956ba6a8ab7f7a1160953a7167dcb33a29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:21:18 GMT
Expires: Tue, 29 Nov 2022 22:21:17 GMT
Etag: "8c8428f73b405635c3d1c19eeb40ac01d835ee9a"
Cache-Control: max-age=323400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61b8e63b51e-OSL
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP 104.18.32.68:0
Hash 51bf1fb43ddbb69c9e8f67b4a7e2096d 8c8428f73b405635c3d1c19eeb40ac01d835ee9a cba13887860e84d6a758753875a6f4956ba6a8ab7f7a1160953a7167dcb33a29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:21:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:21:18 GMT
Expires: Tue, 29 Nov 2022 22:21:17 GMT
Etag: "8c8428f73b405635c3d1c19eeb40ac01d835ee9a"
Cache-Control: max-age=323399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffd61c8fdf0b51-OSL
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-1E7KLDCG3P&gtm=2oeb90&_p=2040255419&cid=847109296.1669436476&ul=en-us&sr=1280x1024&_s=1&sid=1669436475&sct=1&seg=0&dl=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&dr=https%3A%2F%2F42gjm.xyz%2F&dt=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1E7KLDCG3P&gtm=2oeb90&_p=2040255419&cid=847109296.1669436476&ul=en-us&sr=1280x1024&_s=1&sid=1669436475&sct=1&seg=0&dl=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&dr=https%3A%2F%2F42gjm.xyz%2F&dt=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1E7KLDCG3P&gtm=2oeb90&_p=2040255419&cid=847109296.1669436476&ul=en-us&sr=1280x1024&_s=1&sid=1669436475&sct=1&seg=0&dl=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&dr=https%3A%2F%2F42gjm.xyz%2F&dt=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.99isex86.xyz
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.99isex86.xyz
date: Sat, 26 Nov 2022 04:21:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| tongjisum.com/matomo.php?action_name=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&idsite=2&rec=1&r=016568&h=4&m=21&s=16&url=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&urlref=https%3A%2F%2F42gjm.xyz%2F&_id=d0c7f180475ab0f9&_idn=1&send_image=0&_refts=1669436476&_ref=https%3A%2F%2F42gjm.xyz%2F&cookie=1&res=1280x1024&pv_id=R0McG3&pf_net=518&pf_srv=153&pf_tfr=2&pf_dm1=1031&uadata=%7B%7D | 104.219.215.53 | 204 No Content | 0 B |
URL HTTP/2 tongjisum.com/matomo.php?action_name=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&idsite=2&rec=1&r=016568&h=4&m=21&s=16&url=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&urlref=https%3A%2F%2F42gjm.xyz%2F&_id=d0c7f180475ab0f9&_idn=1&send_image=0&_refts=1669436476&_ref=https%3A%2F%2F42gjm.xyz%2F&cookie=1&res=1280x1024&pv_id=R0McG3&pf_net=518&pf_srv=153&pf_tfr=2&pf_dm1=1031&uadata=%7B%7D IP 104.219.215.53:0 ASN#398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=992TV%E5%BF%AB%E6%A8%82%E8%A6%96%E9%A0%BB_%E5%9C%A8%E7%B7%9A%E5%95%AA%E5%95%AA_%E5%85%8D%E8%B2%BB%E7%BE%9E%E7%BE%9E%E8%A6%96%E9%A0%BB-992TV&idsite=2&rec=1&r=016568&h=4&m=21&s=16&url=https%3A%2F%2Fwww.99isex86.xyz%2Findex.html&urlref=https%3A%2F%2F42gjm.xyz%2F&_id=d0c7f180475ab0f9&_idn=1&send_image=0&_refts=1669436476&_ref=https%3A%2F%2F42gjm.xyz%2F&cookie=1&res=1280x1024&pv_id=R0McG3&pf_net=518&pf_srv=153&pf_tfr=2&pf_dm1=1031&uadata=%7B%7D HTTP/1.1
Host: tongjisum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.99isex86.xyz
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 04:21:17 GMT
x-powered-by: PHP/8.1.12
content-encoding: none
access-control-allow-origin: https://www.99isex86.xyz
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| p0.meituan.net/csc/37e16cff8291d86688685ede653a4f1051736.jpg | 211.152.136.42 | 200 OK | 37 kB |
URL HTTP/2 p0.meituan.net/csc/37e16cff8291d86688685ede653a4f1051736.jpg IP 211.152.136.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 720x450, components 3\012- data
Hash aca5445375f9ca96046ae1d342036de0 23a3830f0d86d3dc0faf2bc3e70de11db0aa4fda 16bdf00cfbf23b0dc43f3ffa311fd2bf0c1cc07dc54e1bfc1b1979a627c33b45
GET /csc/37e16cff8291d86688685ede653a4f1051736.jpg HTTP/1.1
Host: p0.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 13 Jan 2023 12:54:32 GMT
server: openresty
date: Thu, 24 Nov 2022 06:55:40 GMT
content-type: image/jpeg
m-traceid: 3n2f74k4ctogpxpdxn1b
age: 842468
timing-allow-origin: *
cache-control: max-age=5184000
content-length: 37222
accept-ranges: bytes
x-nws-log-uuid: 6550480986659303406
x-cache-lookup: Cache Hit
access-control-allow-origin: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/index.html | 23.225.30.43 | 200 OK | 60 kB |
URL HTTP/2 www.99isex86.xyz/index.html IP 23.225.30.43:0
Hash f68ded4edf5af885d6d9a369a72b9c7d beaed964d0e807208854fbb4f98f90529be6a93f 19699bd4d18413cf7c18c2c560c61f4d6675a1cc5e67fdb13721131fc0ee8b13
GET /index.html HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 16:05:03 GMT
vary: Accept-Encoding
etag: W/"6380e7af-9ac7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/892.mp4.gif.jpg | 23.225.30.131 | 200 OK | 22 kB |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/892.mp4.gif.jpg IP 23.225.30.131:0
Hash cc1addae75fd15c1e66a2cccbb680c46 b3d279c5401b83b75e6610aeef83f2f4ffdf26d5 85c6f0930f600134e3bf9f74f4fa4bb54196e627839454bab4088a33fab2b912
GET /Uploads/vod/2022-11-26/892.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Mon, 08 Aug 2022 04:14:43 GMT
vary: Accept-Encoding
etag: W/"62f08db3-555b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-10.png?2 | 23.225.30.131 | 200 OK | 41 kB |
URL HTTP/2 992i2230.com/game/jc_01-h5-10.png?2 IP 23.225.30.131:0
Hash dd5ca0e3509f37c1105b9f52b4ce7a8d c010663c1081d789846fc863466e6eae5233afac e1001a0aa37d169c712633f0351d2960ff44d6db4c585342eefd15182bf81001
GET /game/jc_01-h5-10.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:13 GMT
vary: Accept-Encoding
etag: W/"5efa0851-8e63"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-11.png?2 | 23.225.30.131 | 200 OK | 49 kB |
URL HTTP/2 992i2230.com/game/jc_01-h5-11.png?2 IP 23.225.30.131:0
Hash f04cd19f80f68c449edf3ecbd72a7762 30184369911ac32cd46dc86718cf32e3b5578a10 83592a48018b405fe170910ff0a9662e680df454985a09dc33e446832d8c5c35
GET /game/jc_01-h5-11.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:17 GMT
vary: Accept-Encoding
etag: W/"5efa0855-ae3c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/901.mp4.gif.jpg | 23.225.30.131 | 200 OK | 20 kB |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/901.mp4.gif.jpg IP 23.225.30.131:0
Hash 5a31438019ddeb9332dc16652020953f 0e08528728ad1ab71f5009b03827732255325b9c ab00c4c76ae612aa6450beacdb0e61d689a055f13059edbd5ee3a49e0066af35
GET /Uploads/vod/2022-11-26/901.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Mon, 08 Aug 2022 04:14:43 GMT
vary: Accept-Encoding
etag: W/"62f08db3-4c79"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/Tpl/x1/logo-l.png | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/Tpl/x1/logo-l.png IP 23.225.30.43:0
GET /Tpl/x1/logo-l.png HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/Tpl/x1/1e3.css?v=9
Cookie: guid=0fab3f67208c80f4ae0e2a9847c2684f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:16 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 04:49:09 GMT
vary: Accept-Encoding
etag: W/"635b5f45-10c9"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/Tpl/x1/logo-s.png | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/Tpl/x1/logo-s.png IP 23.225.30.43:0
GET /Tpl/x1/logo-s.png HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 04:49:09 GMT
vary: Accept-Encoding
etag: W/"635b5f45-130e"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc-02-h5-1.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc-02-h5-1.png?2 IP 23.225.30.131:0
GET /game/jc-02-h5-1.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:06 GMT
vary: Accept-Encoding
etag: W/"5efa084a-417e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-10-10/301.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-10-10/301.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-10-10/301.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Mon, 10 Oct 2022 06:59:59 GMT
vary: Accept-Encoding
etag: W/"6343c2ef-83b4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1121.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1121.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1121.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:35 GMT
vary: Accept-Encoding
etag: W/"616eb84f-3e62"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-25/1002.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-25/1002.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-25/1002.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:39 GMT
vary: Accept-Encoding
etag: W/"616eb853-4b33"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/analysis.min.js | 23.224.105.228 | 200 OK | 0 B |
URL HTTP/2 42gjm.xyz/js/analysis.min.js IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/analysis.min.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
vary: Accept-Encoding
etag: W/"635b5dd9-1259"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/getIp.php | 23.224.105.228 | 200 OK | 0 B |
IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /getIp.php HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/images/iphone.png | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/images/iphone.png IP 23.225.30.43:0
GET /images/iphone.png HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Cookie: guid=0fab3f67208c80f4ae0e2a9847c2684f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:16 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 04:49:19 GMT
vary: Accept-Encoding
etag: W/"635b5f4f-7e4d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-9.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc_01-h5-9.png?2 IP 23.225.30.131:0
GET /game/jc_01-h5-9.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:31 GMT
vary: Accept-Encoding
etag: W/"5efa0863-a6ff"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1131.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1131.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1131.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:35 GMT
vary: Accept-Encoding
etag: W/"616eb84f-5109"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/getIp.php | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/getIp.php IP 23.225.30.43:0
GET /getIp.php HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/images/live_weixin.png | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/images/live_weixin.png IP 23.225.30.43:0
GET /images/live_weixin.png HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Cookie: guid=0fab3f67208c80f4ae0e2a9847c2684f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:16 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 04:49:19 GMT
vary: Accept-Encoding
etag: W/"635b5f4f-8203"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/Tpl/x1/cat.png | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/Tpl/x1/cat.png IP 23.225.30.43:0
GET /Tpl/x1/cat.png HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 04:49:09 GMT
vary: Accept-Encoding
etag: W/"635b5f45-3a90"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-10-27/303.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-10-27/303.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-10-27/303.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Wed, 26 Oct 2022 15:59:14 GMT
vary: Accept-Encoding
etag: W/"63595952-84f2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1001.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1001.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1001.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:33 GMT
vary: Accept-Encoding
etag: W/"616eb84d-4b31"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc-02-h5-2.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc-02-h5-2.png?2 IP 23.225.30.131:0
GET /game/jc-02-h5-2.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:10 GMT
vary: Accept-Encoding
etag: W/"5efa084e-476e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/menu.js | 23.224.105.228 | 200 OK | 0 B |
IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/menu.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 11:55:03 GMT
vary: Accept-Encoding
etag: W/"6380ad17-2219"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-8.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc_01-h5-8.png?2 IP 23.225.30.131:0
GET /game/jc_01-h5-8.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:28 GMT
vary: Accept-Encoding
etag: W/"5efa0860-7b6e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1002.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1002.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1002.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:34 GMT
vary: Accept-Encoding
etag: W/"616eb84e-3ed4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-13.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc_01-h5-13.png?2 IP 23.225.30.131:0
GET /game/jc_01-h5-13.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:24 GMT
vary: Accept-Encoding
etag: W/"5efa085c-98f4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/jquery.js | 23.224.105.228 | 200 OK | 0 B |
IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/jquery.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 28 Oct 2022 04:43:05 GMT
vary: Accept-Encoding
etag: W/"635b5dd9-1560"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/891.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/891.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/891.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Mon, 08 Aug 2022 04:14:43 GMT
vary: Accept-Encoding
etag: W/"62f08db3-486b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-25/912.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-25/912.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-25/912.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:43 GMT
vary: Accept-Encoding
etag: W/"616eb857-4a91"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/game/jc_01-h5-12.png?2 | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/game/jc_01-h5-12.png?2 IP 23.225.30.131:0
GET /game/jc_01-h5-12.png?2 HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/png
last-modified: Mon, 29 Jun 2020 15:27:21 GMT
vary: Accept-Encoding
etag: W/"5efa0859-a791"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/Tpl/x1/1e3.css?v=9 | 23.224.105.228 | 200 OK | 0 B |
URL HTTP/2 42gjm.xyz/Tpl/x1/1e3.css?v=9 IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /Tpl/x1/1e3.css?v=9 HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 04:43:06 GMT
vary: Accept-Encoding
etag: W/"635b5dda-1b5c5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1141.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1141.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1141.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:36 GMT
vary: Accept-Encoding
etag: W/"616eb850-4ac0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/mexq | 23.224.105.228 | 200 OK | 0 B |
IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /mexq HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:13 GMT
content-type: text/html
last-modified: Fri, 25 Nov 2022 16:05:03 GMT
vary: Accept-Encoding
etag: W/"6380e7af-9ac7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/911.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/911.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/911.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:37 GMT
vary: Accept-Encoding
etag: W/"616eb851-3ec9"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/pop_layer.js | 23.224.105.228 | 200 OK | 0 B |
URL HTTP/2 42gjm.xyz/js/pop_layer.js IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/pop_layer.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 11:55:03 GMT
vary: Accept-Encoding
etag: W/"6380ad17-2bbc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-08/304.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-08/304.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-08/304.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 08 Nov 2022 10:08:03 GMT
vary: Accept-Encoding
etag: W/"636a2a83-82fa"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/912.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/912.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/912.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:38 GMT
vary: Accept-Encoding
etag: W/"616eb852-3525"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/1111.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/1111.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/1111.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Tue, 19 Oct 2021 12:21:35 GMT
vary: Accept-Encoding
etag: W/"616eb84f-4585"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 42gjm.xyz/js/shangshan_dasiqq315.js | 23.224.105.228 | 200 OK | 0 B |
URL HTTP/2 42gjm.xyz/js/shangshan_dasiqq315.js IP 23.224.105.228:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /js/shangshan_dasiqq315.js HTTP/1.1
Host: 42gjm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42gjm.xyz/mexq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:14 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 11:55:03 GMT
vary: Accept-Encoding
etag: W/"6380ad17-3b23"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tongjisum.com/matomo.js | 104.219.215.53 | 200 OK | 0 B |
IP 104.219.215.53:0 ASN#398823 PEGTECHINC-AP-02
GET /matomo.js HTTP/1.1
Host: tongjisum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:16 GMT
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 00:11:55 GMT
vary: Accept-Encoding
etag: W/"6351e3cb-10132"
expires: Sat, 26 Nov 2022 05:21:16 GMT
pragma: public
cache-control: max-age=3600, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-11-26/893.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-11-26/893.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-11-26/893.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Mon, 08 Aug 2022 04:14:43 GMT
vary: Accept-Encoding
etag: W/"62f08db3-4989"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.99isex86.xyz/Tpl/x1/1e3.css?v=9 | 23.225.30.43 | 200 OK | 0 B |
URL HTTP/2 www.99isex86.xyz/Tpl/x1/1e3.css?v=9 IP 23.225.30.43:0
GET /Tpl/x1/1e3.css?v=9 HTTP/1.1
Host: www.99isex86.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:21:15 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 04:49:09 GMT
vary: Accept-Encoding
etag: W/"635b5f45-1b5c5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 992i2230.com/Uploads/vod/2022-10-27/302.mp4.gif.jpg | 23.225.30.131 | 200 OK | 0 B |
URL HTTP/2 992i2230.com/Uploads/vod/2022-10-27/302.mp4.gif.jpg IP 23.225.30.131:0
GET /Uploads/vod/2022-10-27/302.mp4.gif.jpg HTTP/1.1
Host: 992i2230.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99isex86.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:19:30 GMT
content-type: image/jpeg
last-modified: Wed, 26 Oct 2022 15:58:36 GMT
vary: Accept-Encoding
etag: W/"6359592c-97c7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|