urlquery - report: dxoo66.xyz/

Overview

URL	dxoo66.xyz/
IP	23.224.110.70
ASN	CNSERVERS
Location	United States
Report completed	2022-06-26 04:23:59 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-26	2	dxoo66.xyz/	Malware
2022-06-26	2	dxoo66.xyz/Tpl/cl/facai/js/to9.js?1	Malware
2022-06-26	2	dxoo66.xyz/Tpl/cl/facai/js/def.js?711	Malware
2022-06-26	2	dxoo66.xyz/Tpl/cl/facai/js/fun.js?1	Malware
2022-06-26	2	dxoo66.xyz/Tpl/cl/facai/js/mobile.js?1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Added / Verified	Severity	Host	Comment
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed
2022-06-26	2	dxca3sx9.buzz	Sinkholed

Files

No files detected

Passive DNS (14)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-25 05:08:04 UTC	35.160.82.219
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-25 10:33:58 UTC	34.120.237.76
[Mnemonic Passive DNS]	ocsp.globalsign.com (2)	2075	2012-05-25 06:20:55 UTC	2022-06-25 05:03:05 UTC	104.18.21.226
[Mnemonic Passive DNS]	mc.yandex.ru (3)	2672	2017-01-29 05:34:36 UTC	2022-06-25 21:17:28 UTC	77.88.21.119
[Mnemonic Passive DNS]	dxoo66.xyz (10)	0	No data	No data	23.224.110.70	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-25 20:40:55 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.dcocsp.cn (6)	33518	2018-11-07 13:15:36 UTC	2022-06-25 20:28:09 UTC	47.246.44.225
[Mnemonic Passive DNS]	dxca3sx9.buzz (8)	0	No data	No data	23.224.110.71	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-06-25 05:00:24 UTC	23.36.76.226
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-25 05:05:57 UTC	54.230.111.64
[Mnemonic Passive DNS]	cdn.staticfile.org (3)	46426	2013-08-23 08:51:19 UTC	2022-06-26 01:18:18 UTC	47.246.44.211
[Mnemonic Passive DNS]	hm.baidu.com (1)	8254	2017-01-30 05:28:59 UTC	2022-06-25 13:47:20 UTC	103.235.46.191

Recent reports on same IP/ASN/Domain

No other reports on IP: 23.224.110.70

Last 10 reports on ASN: CNSERVERS

Date	UQ / IDS / BL	URL	IP
2022-08-19 22:14:13 +0000	0 - 0 - 1	x483659.com/	154.84.5.165
2022-08-19 21:19:42 +0000	0 - 0 - 1	x483659.com/	154.84.5.164
2022-08-19 12:36:51 +0000	0 - 0 - 1	xdxym.xyz/	198.16.51.13
2022-08-18 18:42:53 +0000	0 - 0 - 2	htc888.com/	162.209.204.155
2022-08-18 05:23:24 +0000	0 - 0 - 3	35mw.cc/	38.143.11.102
2022-08-18 01:34:57 +0000	0 - 0 - 2	tronchain.top/	154.88.7.27
2022-08-17 18:06:42 +0000	0 - 0 - 2	wjjpmzbuhs1802.top/	172.247.175.2
2022-08-16 17:56:41 +0000	0 - 0 - 1	libiaode.com/	23.224.201.198
2022-08-16 03:58:07 +0000	0 - 0 - 2	visit.bbbmwe.com/Admin/UrlCallbacks/commonLin (...)	185.186.146.32
2022-08-15 15:05:24 +0000	0 - 0 - 3	78m302ad.buzz/	23.224.173.139

No other reports on domain: dxoo66.xyz

JavaScript

Executed Scripts (19)

Executed Evals (10)

#1 JavaScript::Eval (size: 911, repeated: 1) - SHA256: 7179c568dd107256ca7569279673054fb6114a477872e25c7b50bf42fc34d166

                                        var t_urls = ["dxo0u49u.buzz", "dxsf2zj6.buzz", "dxdh0m5t.buzz", "dx72ecpd.buzz", "dxwjvxzg.buzz", "dxqfp5mh.buzz", "dxpswvpc.buzz", "dx5safkb.buzz", "dx7agnbx.buzz", "dxerjw2f.buzz", "dx65ko9o.buzz", "dx4rnofv.buzz", "dx6jv2on.buzz", "dx4v3465.buzz", "dxgt5tc9.buzz", "dxeagnab.buzz", "dxx17p3k.buzz", "dxbpzjl8.buzz", "dxokt0zx.buzz", "dxzojlme.buzz", "dxvljgvj.buzz", "dx8juj2h.buzz", "dx69y6p3.buzz", "dxvupghw.buzz", "dxn0049t.buzz", "dxegeohm.buzz", "dx087ji7.buzz", "dxsn3c7n.buzz", "dxn2w5fo.buzz", "dxca3sx9.buzz", "dxzer6g9.buzz", "dx97hsh5.buzz", "dx2qb8vv.buzz", "dxogui0y.buzz", "dxbrnb8t.buzz", "dxyngmhh.buzz", "dx04xjfl.buzz", "dxvtir76.buzz"];
var t_from = new Date(2022, 5, 11, 15).getTime();
var t_seed = 2;
var t_days = Math.floor(((new Date().getTime() - t_from) * t_seed) / 86400000);
var c_url = t_urls[t_days];
if (c_url == undefined) c_url = t_urls[t_urls.length - 1];
if (window.location.host.toLowerCase().indexOf(c_url) < 0) {
    location.href = "https://" + c_url
}

#2 JavaScript::Eval (size: 7, repeated: 1) - SHA256: 34b3ae893e4c1f4f28be69992357bffa00b34e46c4124b4d4120aa16ddd1e401

                                        qy = eval

#3 JavaScript::Eval (size: 62, repeated: 1) - SHA256: 57486df7568344dd156563d9e56653e19de8ad9bba93d1ad9491ee671dd0cd80

                                        for (af = 4;; af++) {
    if (af > 54) break;
    ee[af] = (ee[af] - ee[af + 1]) & 0xff;
}

#4 JavaScript::Eval (size: 15, repeated: 1) - SHA256: b3f2a921482ab5cc87719b307127016c664b38d3eff973364823a07d861fe8bf

                                        af = eval;
af(fe);

#5 JavaScript::Eval (size: 55, repeated: 1) - SHA256: d3e8a896d76ccd7ae42f55be6e287d8c25acd9e9e4383d132f9002bc785ea096

                                        qy = 4;
while (qy <= 49) {
    oy[qy] = (oy[qy] - oy[qy + 1]) & 0xff;
    qy++;
}

#6 JavaScript::Eval (size: 63, repeated: 1) - SHA256: 0b251b10f26daeb3e8aea46818ebf4c4a4a8a8c395379af0489fa0f3f7ec136d

                                        af = 55;
for (;; af--) {
    if (af < 2) break;
    ee[af] = (ee[af] - ee[af - 1]) & 0xff;
}

#7 JavaScript::Eval (size: 49, repeated: 1) - SHA256: d5e89de17f8f7716b9c41fda04c4da24365c2dadd4545c250feb476bfbf01c03

                                        window.open(ce + "qxc=5k6po2&cazytg=mk" + de, "_self")

#8 JavaScript::Eval (size: 62, repeated: 1) - SHA256: eac0ae1fed9b4ec21ad1f971d2dd36714bc3f3b2fa46363599ff5d59d9a38d77

                                        qy = 4;
for (; qy <= 51; qy++) {
    oy[qy] = (-(((-oy[qy]) & 0xff) ^ 128)) & 0xff;
}

#9 JavaScript::Eval (size: 44, repeated: 1) - SHA256: 37e02068f8515c9df535608c283989a8e96f6b7d559284b8e409878fa6654321

                                        window.open(my + "/?tknqxc=5k6po2" + ny, "_self")

#10 JavaScript::Eval (size: 383, repeated: 1) - SHA256: 84a5b719881496539928e5977eb6b57de871343681bfc45dbc9b6b1c4621c059

                                        var isVivo = /(VivoBrowser)/i.test(navigator.userAgent);
if (isVivo) {
    var clkForVivo = function(b, a) {
            $(b).each(function(c) {
                $(this).click(function(d) {
                    location.href = a[c]
                });
                a.push($(this).attr("href"));
                $(this).attr("href", "#")
            })
        },
        top_hrefs = [],
        tag_hrefs = [],
        swiper_hrefs = [];
    clkForVivo($(".nav a"), top_hrefs);
    clkForVivo($(".rm_bq a"), tag_hrefs);
    clkForVivo($(".swiper_container a"), swiper_hrefs)
};

Executed Writes (9)

#1 JavaScript::Write (size: 848, repeated: 1) - SHA256: 357dcab4240676a1368f36495ca92353828a22174590806eb1487dbad4e87647

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42454706.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aloigjh.gif" > < /a><br/ >
    < a href = "https://39337252.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/dx9.8/4.gif" > < /a> < /div> < /div>

#2 JavaScript::Write (size: 255, repeated: 1) - SHA256: e83a58ea80d1a9e1374c6fba45f15acd878a1ff68c15b8390abbaa7c1b63416d

                                        < a href = "/h/1" > 'F</a>| <a href="/h/2">�</a>| <a href="/h/3">	</a>| <a href="/h/4">-W</a>| <a href="/h/5">	�</a>|<a href="/h/5">'� < /a>|<a href="/h / 5 ">�+</a>|<a href=" / n / 130 ">�G</a>|<a href=" / n / 131 ">�</a>|<a href=" / ">T��dxdz@mail.com</a>

#3 JavaScript::Write (size: 151, repeated: 1) - SHA256: ed5aadbcf18f01276ca48e0c7b25d220e171e89875456bb2f80df3722019f671

                                        < div id = "iphone-tip"
class = "favortip" > < p > < img src = "/images/iphone.png"
style = 'width: 100%;' / > < span class = "close"
class = "close" > X s� < /span></p > < /div>

#4 JavaScript::Write (size: 299, repeated: 1) - SHA256: b4603c4fbcb48ffca768542c0340f9eb179fb63506d27d30842d4268734f4f11

                                        < ul > < li > < a href = "/h/1" > ���� < /a></li > < li > < a href = "/h/2" > �Ƒ < /a></li > < li > < a href = "/h/3" > Ƒ < /a></li > < li > < a href = "/h/4" > -�WU < /a></li > < li > < a href = "/h/5" > ��� < /a></li > < li > < a href = "/h/6" > '���</a></li><li><a href="/h/7">�,�+</a></li><li><a href="/n/130">�s�G</a></li></ul>

#5 JavaScript::Write (size: 455, repeated: 1) - SHA256: 7ea4425966fe5f1e54540f167a11f61e1f81b4a06ef2189bfb50f8330722c55d

                                        < ul > < li > < a href = "https://mgn3xnk3.buzz/"
target = "_blank" > �Ƒ < /a></li >
    < li > < a href = 'https://60152251.com/?channelCode=dx5'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')"
style = 'color:red' > �sr� < /a></li >
    < li > < a href = 'https://39401761.com:9999'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')" > 'w�</a></li> < li > < a href = 'https://39401761.com:9999'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')" > ��i� < /a></li > < /ul>

#6 JavaScript::Write (size: 213, repeated: 1) - SHA256: 7d3a66990c277526e627aef91e4a4d03197105f3750b4d8cd2a54cf07243f621

                                        ~�0@����� dxdz@ mail.com < br / > < a href = "http://dxdz22.club"
style = "color:#0f7884;animation: neon1 1s ease-in-out infinite alternate;"
target = "_blank" > , ��8� b���Ź��� 6�, ��u < /a>

#7 JavaScript::Write (size: 693, repeated: 1) - SHA256: fa0f02dfbb31d559f7b4c2094df6eff7f94632ed33fcf83027d67fbdbdca80d0

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42524014.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aloigjh.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a> < /div> < /div>

#8 JavaScript::Write (size: 846, repeated: 1) - SHA256: 52fbea36aa0b30e0c189b24f99cf7f437902bc3bc10f51f6ac43834f100c6319

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39337252.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/dx9.8/4.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42856383.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aklufht.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a><br/ >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a> < /div> < /div>

#9 JavaScript::Write (size: 153, repeated: 1) - SHA256: c10922d153773660a8f869b54b75e2717d7eb43663876b3bb5f729bb5fccc217

                                        < div id = "android-tip"
class = "favortip" > < p > < img src = "/images/android.png"
style = 'width: 100%;' / > < span class = "close"
class = "close" > X s� < /span></p > < /div>

HTTP Transactions (51)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 26 Jun 2022 03:45:57 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xm9oSNq_L8Y2My7hj4SsiSt016mljEwZ2dPwDRvSP0k5pJtVw67hHw== Age: 2266 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A" Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2444 Expires: Sun, 26 Jun 2022 05:04:28 GMT Date: Sun, 26 Jun 2022 04:23:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee093bb327d344f08701694f6ff84ac Sha1: 15f704888f8f44953533a26728aca3f09e91aa95 Sha256: b2ceb864b9c1a231269357c6d1ffc192d76116996a5363ee4a1b4b149aad447a
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 26 Jun 2022 02:10:54 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: fu87SZ1GpSCniXzyWCmCmbSWbInKhhL_ZEwz3UMTEMfRm0VwV-k6aQ== age: 7971 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET / HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document, ASCII text, with very long lines (842), with no line terminators Size: 842 Md5: 38d873a5fa22007468791dfef886e344$ 23.224.110.70 HTTP/1.1 200 OK Content-Type: text/html Content-Length: 842 Pragma: no-cache Cache-control: no-store --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (842), with no line terminators Size: 842 Md5: 38d873a5fa22007468791dfef886e344 Sha1: 248cd4985a2cd8103789d8b0f126408820953621 Sha256: fe286450abaea84e1ec06e67cd90a3788fdbfb282e9779c4e7644f1980daaf99 Alerts: Blocklists: - fortinet: Malware
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:44 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sun, 26 Jun 2022 04:04:35 GMT Cache-Control: max-age=3600 Expires: Sun, 26 Jun 2022 04:13:50 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 1kI0dyT1SAxC6yMVG5Q7DqaYGDfdu9G4zrwyWTDOLpddpDdOLP97Mg== Age: 3114 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /favicon.ico HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/	$Magic: HTML document text\012- HTML document, ASCII text, with very long lines (899), with no line terminators Size: 899 Md5: ef359d3b2273955625935f878c6cb951$ 23.224.110.70 HTTP/1.1 307 Temporary Redirect Location: /favicon.ico Connection: Close --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (899), with no line terminators Size: 899 Md5: ef359d3b2273955625935f878c6cb951 Sha1: f48a4ee4c0ece5464476f9386d29edd88de6d259 Sha256: 8b9117c5cd1078993b76761237be20856fae19ddc69eb2ddb84dc0d73c21ee2b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2758 Cache-Control: 'max-age=158059' Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sun, 26 Jun 2022 03:37:47 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3aef152b0353f2b1c3e6aa96c195ef89 Sha1: 9f1ea9ad1eca82ea1263a49e272e017197b3bca0 Sha256: 030af5d0fa2cdf50202fcd3d7d3afab1843178619a219286794b35944e5a9e92
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 7+V13gcn/UO/Xke6zL1uFw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.160.82.219 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kRQEVxveHcNmVL8HPbzePZVY6zM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2	$Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb$ 23.224.110.70 HTTP/1.1 200 OK Content-Type: image/x-icon Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Content-Length: 4286 Last-Modified: Tue, 30 Mar 2021 06:21:43 GMT Connection: keep-alive ETag: "6062c377-10be" Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb Sha1: 8a136fb04c86656211fe80137711ac68d605725b Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99
GET /?tknqxc=5k6po2&cazytg=mklcd3 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2 Upgrade-Insecure-Requests: 1	$Magic: gzip compressed data, from Unix\012- data Size: 3500 Md5: d99ec1c5b2ea7566419251471cf74179$ 23.224.110.70 HTTP/1.1 307 Temporary Redirect Location: /?tknqxc=5k6po2&cazytg=mklcd3 Connection: Close --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 3500 Md5: d99ec1c5b2ea7566419251471cf74179 Sha1: ea21c566da5560c1af63782b68ecac684673b59f Sha256: c953c8bed137d70138858f61762b7a26c3a46861e211333181a5cb5863423d07
GET /Tpl/cl/facai/css/style.css HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Thu, 24 Jun 2021 09:40:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"60d452f2-3af4" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (15092), with no line terminators Size: 3586 Md5: 6e59efbd5dcc039313b6aceded0616f8 Sha1: 7307e22c851f2678d13ba08119c3f7adae8b930b Sha256: 0c577bb8613f67dd6175b871c2a45f7c1dde20b63a7e172c59ca89f423226b76
GET /Tpl/cl/facai/css/global.css HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Wed, 02 Jun 2021 09:00:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"60b74892-21d5" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (8661), with no line terminators Size: 2624 Md5: 6c640a831d1e4cbfda1d5293ab31a070 Sha1: 363459b92ec06f27beb4ea4ee76ce38f4c7be2b2 Sha256: 412c6d1e0c18bdfc6bf87bd7ca6a2172eb469c856a83a1705455680a55e17a2c
GET /Tpl/cl/facai/js/to9.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Thu, 23 Jun 2022 15:00:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b47ff1-4be" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (1214), with no line terminators Size: 780 Md5: d6ccef32b8594b965337cb67ed07de9e Sha1: 5943f4cd05eff26b2f9f873527be9b6e10de28c3 Sha256: 873a4c633cd8af4b485d563892b07bfe110fc935d819c1e130141616d11bc4ff Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b6d341-194a" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 2012 Md5: ca6dfeaadbf4dba4b139ba5b80cc4c95 Sha1: 789ee19f3ce5348d8afc6062997614acb8cff3f4 Sha256: 99e4b9d9822707754cb4ac49ccd89986b4a7c428643d78faad1040d208ed2976 Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b6d341-11eb" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (630), with CRLF line terminators Size: 2062 Md5: 4148ecce1372ca6d00d124e6d72ff1ef Sha1: 1666bebcf753a7f6ce11b05885e7608260ae1f80 Sha256: 749a8363c85e97e56e9fbd23d3c35f025becd08be8b4b95c447060c801cfea6a Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Wed, 21 Apr 2021 08:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"607fe031-875" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 846 Md5: 0f9c281973ae4dae89499230914fe9e9 Sha1: fe5d3e146726c064d14f3ba6d2a979c14bf0ac58 Sha256: 103e3b33cafa6f097c4e8b4ba764ede9f09479fb612646bd0d39a871352f436e Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0] Age: 763 X-Cache: HIT TCP_MEM_HIT dirn:6:234744640 X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT X-Swift-CacheTime: 3537 Timing-Allow-Origin: * EagleId: 2ff62c9616562174262313709e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,M], cache8.se1[23,0] Age: 763 X-Cache: MISS TCP_REFRESH_MISS dirn:-2:-2 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174262321756e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,C], cache8.se1[22,0] Age: 763 X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174262331757e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9AA877408591F45A57E1500AA48800D9000079D802C5165B60CB0FAEA6271D23" Last-Modified: Thu, 23 Jun 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21593 Expires: Sun, 26 Jun 2022 10:23:39 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a3fd2b73ce3d3d2b25e48824ae0db82d Sha1: c3d876244e482b59623a99c7c1b338cf36d06f98 Sha256: 9aa877408591f45a57e1500aa48800d9000079d802c5165b60cb0faea6271d23
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b0ee740-4328-49dd-9720-d9dace8825da.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9802 Md5: 1fcf1924aacdc3bb8f8866e933cdcebd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9802 x-amzn-requestid: 19934ef1-46e6-4ad5-8763-188d129554af x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTC42Eo7oAMFZNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77e9e-3ff575667599c13c28850149;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:31:10 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: lG4ieDoRomBT5h3opsUNKZRdlFzfqd48LtOU7Uhbt4iya6c_USyq_g== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:56:46 GMT etag: "fc8b0060534b2be4ad7feb743faac01a901833c5" content-type: image/jpeg age: 23220 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9802 Md5: 1fcf1924aacdc3bb8f8866e933cdcebd Sha1: fc8b0060534b2be4ad7feb743faac01a901833c5 Sha256: 930356a728210d8ff3eeee4e5de206b45faf6eb8f1d019c4dfb7b5d6856d4603
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be9300c-078e-4144-97d1-66404ae8a421.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9333 x-amzn-requestid: 3328c7d3-2281-4aab-ad6f-d4c5fcef0015 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TycnzGxGIAMFxAA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa7498-7221500c66e9f6f277f46b5e;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:56 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: pY8lMpenUUg1a8DveekBckp7a5sVe0uethM8C8T0Y33okZfJn9CPiw== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 01:13:13 GMT age: 11433 etag: "15d8a2eed57ca34447101b4375deebdbf3d1d42d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480 Sha1: 15d8a2eed57ca34447101b4375deebdbf3d1d42d Sha256: 71ff76b27bec49293c76706a852109414a5dc1307996adcaa9ccad149939abb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fc97984-e417-4488-b42b-8616b0aed701.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6996 Md5: 4c594aed88673de434d2d3d3f03cb889$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6996 x-amzn-requestid: 2c7d1949-f3a6-4775-8fde-f54beb6d15b9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTZMAEJWoAMFzUQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a24c-66f9ebdf7afa3eb833e0d4d9;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:03:24 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Y6vQpjOkKAFqnsNht0IrYDjMGZV61pu8dIev08c9EDP-iCuqvom8Kw== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:23:12 GMT age: 14434 etag: "e05b201ac00410eb4eef50a97a90c384b6ec1ae3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6996 Md5: 4c594aed88673de434d2d3d3f03cb889 Sha1: e05b201ac00410eb4eef50a97a90c384b6ec1ae3 Sha256: fbd980441f4c7f324c98d9c37f46226d6529efe2390d95190cfc053d46c2dc30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F078fb16a-ed33-4dc3-8f0d-fa2af1b1a290.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11483 Md5: 1e0d05753e633912c3b1d61427a2384e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11483 x-amzn-requestid: 31728949-c166-4867-b377-2d9ac07fb6e0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTDsuEZdoAMFWIA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77fea-0ba36d817950cc271cc3e3dc;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:36:42 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: -TUpVxLspf9nL6sVtRnSSKCKJLkik7UM85tJ47P7QnTBhXSOCFDttQ== via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:42:44 GMT etag: "53b0cb739723cc34657019cde118b003970cbb86" content-type: image/jpeg age: 24062 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11483 Md5: 1e0d05753e633912c3b1d61427a2384e Sha1: 53b0cb739723cc34657019cde118b003970cbb86 Sha256: f84afe24d5c52db107a9767c445709223d112ff7adccf296e0e2d79899f73310
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ff72090-4b18-499c-8212-e2f1af088e7f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10673 Md5: b6c9dfeb2b4564b316e05bcb5043bb61$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10673 x-amzn-requestid: a4275eb6-556e-46b0-8d78-c8091771c4fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTDEcGbJoAMF9pQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77ee9-65e9ac0176485ba22dba5fee;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:32:25 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: LVfoyw2X-Mm3TxA9cUSsS6SEkdFV1OLC1rkgsdpL4GeP_EfY43LJDA== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:42:44 GMT etag: "37d9509385a934940a54d80c78efaffcb62dcdaa" content-type: image/jpeg age: 24062 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10673 Md5: b6c9dfeb2b4564b316e05bcb5043bb61 Sha1: 37d9509385a934940a54d80c78efaffcb62dcdaa Sha256: ff2b53150eb96b296b1581fc3e27c05b523bf00b2ebb13f9798b25831dd3f55f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8532 x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTaUMH3dIAMFbQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: ptVEdOZi80qs7Q6vdcl9vI6UMfVRcILdl7hRKnGEtTbtNrHoXTGVyQ== via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:24:19 GMT age: 14367 etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd Sha1: 9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:6:234744640 X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT X-Swift-CacheTime: 3537 Timing-Allow-Origin: * EagleId: 2ff62c9616562174270294092e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:1:380112504 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174270352173e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:1:380112504 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174270422179e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
GET /jquery/1.9.1/jquery.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript Server: Tengine Content-Length: 33048 Connection: keep-alive Date: Sat, 25 Jun 2022 13:03:26 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "Fq5J5WmZ2CgCcnRV8LqDtjrNkKIr.gz" Vary: Accept-Encoding X-Reqid: hO0AAADNqYTA3vsW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log Accept-Ranges: bytes Content-Disposition: inline; filename="jquery.min.js"; filename=utf-8''jquery.min.js Content-Transfer-Encoding: binary Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT Ali-Swift-Global-Savetime: 1656162206 Via: cache19.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0] Content-Encoding: gzip Age: 55221 X-Cache: HIT TCP_MEM_HIT dirn:4:394332311 X-Swift-SaveTime: Sat, 25 Jun 2022 13:05:52 GMT X-Swift-CacheTime: 86254 Timing-Allow-Origin: EagleId: 2ff62c9616562174270444099e --- Additional Info --- Magic: ASCII text, with very long lines (32089) Size: 33048 Md5: b62f98af3e87ce6dd2086c675d2fedb4 Sha1: 8033663932da0f119c58375535965f9214e62d3a Sha256: 2ba720376dfe19ee7b312d867f790ab7284f8a1b7d43701aef5742cad7894904
GET /jquery.lazyload/1.8.3/jquery.lazyload.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript Server: Tengine Content-Length: 1148 Connection: keep-alive Date: Sun, 26 Jun 2022 03:55:50 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "Fj3Kk5kHuM1dBuxAyD_kKbxqbuOZ.gz" Vary: Accept-Encoding X-Reqid: ClsAAAA8PR1zD_wW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log X-M-Log: QNM:xs474;QNM3/304 X-M-Reqid: FzMAABC8Qzpy9lMW X-Qnm-Cache: Hit Accept-Ranges: bytes Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename=utf-8' 'jquery.lazyload.min.js Content-Transfer-Encoding: binary Last-Modified: Tue, 16 Feb 2016 04:24:37 GMT Ali-Swift-Global-Savetime: 1656215750 Via: cache20.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache2.se1[90,89,200-0,H], cache3.se1[91,0] Content-Encoding: gzip Age: 1677 X-Cache: HIT TCP_REFRESH_HIT dirn:11:38030415 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT X-Swift-CacheTime: 84723 Timing-Allow-Origin: EagleId: 2ff62c9716562174270551741e --- Additional Info --- Magic: ASCII text, with very long lines (2913) Size: 1148 Md5: b98e3196b379e11f887f4d0c9bd096a9 Sha1: 2369455e72b6147adb449ccf8661a17f09634a06 Sha256: c2e6df40dbf5a47d286afb63f81fae5cb569db478c4dec5f3385492689d52abd
GET /Swiper/5.2.1/js/swiper.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: Tengine Content-Length: 35314 Connection: keep-alive Date: Sun, 26 Jun 2022 04:00:10 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "FumVdqBRPRwd_E6HMP9q10YJ66j0.gz" Vary: Accept-Encoding X-Reqid: IRkAAADvGL-vD_wW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log Accept-Ranges: bytes Content-Disposition: inline; filename="swiper.min.js"; filename=utf-8''swiper.min.js Content-Md5: zV6QI5Z6DNF6djPJqsp0ig== Content-Transfer-Encoding: binary Last-Modified: Mon, 10 Aug 2020 04:12:19 GMT Ali-Swift-Global-Savetime: 1656216010 Via: cache20.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache2.se1[89,89,200-0,H], cache1.se1[91,0] X-M-Log: QNM:xs470;QNM3:1/304 X-M-Reqid: HBMAACZJCYMs5K0W X-Qnm-Cache: Hit Content-Encoding: gzip Age: 1417 X-Cache: HIT TCP_REFRESH_HIT dirn:3:28130648 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT X-Swift-CacheTime: 84983 Timing-Allow-Origin: EagleId: 2ff62c9516562174270478741e --- Additional Info --- Magic: ASCII text, with very long lines (65280) Size: 35314 Md5: f72728d0d7bc63f899391502e9fbe6cd Sha1: b57bed3a1b0120f6a222632a3b4e98ed16042e09 Sha256: 479ec48a03db723b9055613bc6f353c0bf4ade4c54bf519978d0d935c1dfe999
GET /images/dxblank.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 4968 Md5: 93b08aba8d55e05345a85f2725bd74ac$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: image/png content-length: 4968 last-modified: Tue, 30 Mar 2021 06:21:43 GMT etag: "6062c377-1368" expires: Tue, 26 Jul 2022 04:23:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 4968 Md5: 93b08aba8d55e05345a85f2725bd74ac Sha1: 43230d7623c7b82bb78161dd3966f0efa59b0050 Sha256: bc277cdcb703f22c5c0d47ca62ea68583b12412d267abeb9b7bacfd55955dd7d Alerts: Blocklists: - quad9: Sinkholed
GET /images/zuzb.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data Size: 6731 Md5: 0afd4268a4c21b29f65f4aef89bf8959$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/png content-length: 6731 last-modified: Wed, 09 Jun 2021 15:30:01 GMT etag: "60c0de79-1a4b" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data Size: 6731 Md5: 0afd4268a4c21b29f65f4aef89bf8959 Sha1: 1e969e1cef38d74fbf1349f44e0ae429b407e4a2 Sha256: 1cf36095c6f52b900381fa323be9bd0cd99c608b0979d95d922d84899e672ebc Alerts: Blocklists: - quad9: Sinkholed
GET /images/kdqp.jpg HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 256x256, components 3\012- data Size: 15469 Md5: e880ac75ba877b981a5127d2875de34a$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/jpeg content-length: 15469 last-modified: Fri, 20 Aug 2021 12:40:01 GMT etag: "611fa2a1-3c6d" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 256x256, components 3\012- data Size: 15469 Md5: e880ac75ba877b981a5127d2875de34a Sha1: 9b9340c773d86e139d8a42cdff9fb3b9471666eb Sha256: 68bd6c4b7c39a14e614c7cfc619b65f371c4cbc4d4dbe65c97eddef51a9b60c9 Alerts: Blocklists: - quad9: Sinkholed
GET /images/fav.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data Size: 5539 Md5: 5c54b66f5f2b3a506ffd416e68d03c96$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/png content-length: 5539 last-modified: Wed, 31 Mar 2021 06:50:02 GMT etag: "60641b9a-15a3" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data Size: 5539 Md5: 5c54b66f5f2b3a506ffd416e68d03c96 Sha1: 1e0528f689ecdbe97d9d0dc16c4a12c8782f52d3 Sha256: 93aa6c1119b45e38dbbecf053a9de6584896264b5485f8fa328f9735f3ec8bf7 Alerts: Blocklists: - quad9: Sinkholed
GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Sat, 25 Jun 2022 09:20:01 GMT vary: Accept-Encoding etag: W/"62b6d341-194a" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 16975 Md5: dcfa7fe1047816fd4a9d1cdb9f89f9fe Sha1: fd20a02e25543f853df7ebd909e3d48a870010a3 Sha256: 8d78893b2d2a4cd5aa4dcb214f1678105ad0f584b42e09dc609a716f03895ff6 Alerts: Blocklists: - quad9: Sinkholed
GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Wed, 21 Apr 2021 08:20:01 GMT vary: Accept-Encoding etag: W/"607fe031-875" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 33179 Md5: a45736b0254e8805072054426ff182ef Sha1: 30145ba569f109f775c056be056243dae687f94e Sha256: 4598cf0d58ae9365a4520cabe7ff3159a2aab5d0a53fe4065eb8650a516dae89 Alerts: Blocklists: - quad9: Sinkholed
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Jun 2022 04:23:48 GMT Content-Length: 1432 Connection: keep-alive Expires: Thu, 30 Jun 2022 01:55:02 GMT ETag: "49845bd21a4a5b72eaba41dd39a6df12657b53f1" Last-Modified: Sun, 26 Jun 2022 01:55:02 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2098 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72132b71dab8b511-OSL --- Additional Info --- Magic: data Size: 1432 Md5: 3e54f97ed8edd1b0524aab86d7eb4f3b Sha1: 49845bd21a4a5b72eaba41dd39a6df12657b53f1 Sha256: c65217dc0932bc5df74c70aee6dc476592a389854443267091f91ff66467191e
POST /gseccovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Jun 2022 04:23:48 GMT Content-Length: 940 Connection: keep-alive Expires: Thu, 30 Jun 2022 03:22:26 GMT ETag: "589db70e4a7a60463e2ef87aa9840aed3b2b1615" Last-Modified: Sun, 26 Jun 2022 03:22:26 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 5 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72132b721aeab511-OSL --- Additional Info --- Magic: data Size: 940 Md5: 76ffa824ac9517b966c4ce77246b5580 Sha1: 589db70e4a7a60463e2ef87aa9840aed3b2b1615 Sha256: fcbe748804f7e6ab2aaf71f5d3f74e6a7c38fa658d9dd635bee61041b5517c9c
GET /favicon.ico HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Cookie: showFav=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:48 GMT content-type: image/x-icon content-length: 4286 last-modified: Tue, 30 Mar 2021 06:21:43 GMT etag: "6062c377-10be" strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb Sha1: 8a136fb04c86656211fe80137711ac68d605725b Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99 Alerts: Blocklists: - quad9: Sinkholed
GET /metrika/tag.js HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	77.88.21.119 HTTP/2 200 OK content-length: 71574 date: Sun, 26 Jun 2022 04:23:48 GMT access-control-allow-origin: * etag: "62b5603e-11796" expires: Sun, 26 Jun 2022 05:23:48 GMT last-modified: Fri, 24 Jun 2022 09:57:02 GMT cache-control: max-age=3600 content-encoding: br content-type: application/javascript strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (724) Size: 71574 Md5: 84db7368f8dfdd00c69c1c3311646dd6 Sha1: 04c38e40d23b78538024f11898ab73df3f873ea8 Sha256: 3be14de7ae02579d93ea94473d02c74ebe2c0e01abbae2f1f69a81755a9558ca
GET /metrika/advert.gif HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 77.88.21.119 HTTP/2 200 OK content-length: 43 date: Sun, 26 Jun 2022 04:23:50 GMT access-control-allow-origin: * etag: "62b5603e-2b" expires: Sun, 26 Jun 2022 05:23:50 GMT accept-ranges: bytes last-modified: Fri, 24 Jun 2022 09:57:02 GMT cache-control: max-age=3600 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/85791916/1?wmode=7&page-url=https%3A%2F%2Fdxca3sx9.buzz%2F&page-ref=http%3A%2F%2Fdxoo66.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A1258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A585973535551%3Ahid%3A909874570%3Az%3A0%3Ai%3A20220626042349%3Aet%3A1656217429%3Ac%3A1%3Arn%3A177189209%3Arqn%3A1%3Au%3A1656217429750558707%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656217426190%3Ads%3A20%2C520%2C162%2C4%2C%2C0%2C%2C503%2C17%2C%2C%2C%2C1262%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656217429%3At%3A%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://dxca3sx9.buzz Referer: https://dxca3sx9.buzz/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JSON data\012- , ASCII text, with very long lines (311), with no line terminators Size: 311 Md5: 954655bde9aa963d1e1bf3ab3acc2a2c$ 77.88.21.119 HTTP/2 200 OK content-length: 311 date: Sun, 26 Jun 2022 04:23:50 GMT x-content-type-options: nosniff access-control-allow-origin: https://dxca3sx9.buzz access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sun, 26-Jun-2022 04:23:50 GMT last-modified: Sun, 26-Jun-2022 04:23:50 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: application/json; charset=utf-8 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (311), with no line terminators Size: 311 Md5: 954655bde9aa963d1e1bf3ab3acc2a2c Sha1: fd5f889e99d8684fe48c13b706b8d983db26b314 Sha256: 7d15884deb41a6e79b7851611f447d7d5472c8967045850748b5ae6a1468fa1a
GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Sat, 25 Jun 2022 09:20:01 GMT vary: Accept-Encoding etag: W/"62b6d341-11eb" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (633), with CRLF, LF line terminators Size: 13354 Md5: 8aa2a39ad3f722007cae47422929c181 Sha1: 8441cc00cf5e7ccc74ad5678e1514cea0c909edd Sha256: a8d9de8d9fa264f022c186cc15dbd7cae2cefffd48d86725cc8a3952de5247a2 Alerts: Blocklists: - quad9: Sinkholed
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=66278303&si=5e6af107115f0560259fb62a984483bd&su=http%3A%2F%2Fdxoo66.xyz%2F&v=1.2.94&lv=1&sn=16910&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fdxca3sx9.buzz%2F&tt=%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Sun, 26 Jun 2022 04:23:50 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=55BE1A98ED9E7941; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 26 Jun 2022 03:45:57 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xm9oSNq_L8Y2My7hj4SsiSt016mljEwZ2dPwDRvSP0k5pJtVw67hHw== Age: 2266 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A" Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2444 Expires: Sun, 26 Jun 2022 05:04:28 GMT Date: Sun, 26 Jun 2022 04:23:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee093bb327d344f08701694f6ff84ac Sha1: 15f704888f8f44953533a26728aca3f09e91aa95 Sha256: b2ceb864b9c1a231269357c6d1ffc192d76116996a5363ee4a1b4b149aad447a
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 26 Jun 2022 02:10:54 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: fu87SZ1GpSCniXzyWCmCmbSWbInKhhL_ZEwz3UMTEMfRm0VwV-k6aQ== age: 7971 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET / HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document, ASCII text, with very long lines (842), with no line terminators Size: 842 Md5: 38d873a5fa22007468791dfef886e344$ 23.224.110.70 HTTP/1.1 200 OK Content-Type: text/html Content-Length: 842 Pragma: no-cache Cache-control: no-store --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (842), with no line terminators Size: 842 Md5: 38d873a5fa22007468791dfef886e344 Sha1: 248cd4985a2cd8103789d8b0f126408820953621 Sha256: fe286450abaea84e1ec06e67cd90a3788fdbfb282e9779c4e7644f1980daaf99 Alerts: Blocklists: - fortinet: Malware
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:44 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sun, 26 Jun 2022 04:04:35 GMT Cache-Control: max-age=3600 Expires: Sun, 26 Jun 2022 04:13:50 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 1kI0dyT1SAxC6yMVG5Q7DqaYGDfdu9G4zrwyWTDOLpddpDdOLP97Mg== Age: 3114 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /favicon.ico HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/	$Magic: HTML document text\012- HTML document, ASCII text, with very long lines (899), with no line terminators Size: 899 Md5: ef359d3b2273955625935f878c6cb951$ 23.224.110.70 HTTP/1.1 307 Temporary Redirect Location: /favicon.ico Connection: Close --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (899), with no line terminators Size: 899 Md5: ef359d3b2273955625935f878c6cb951 Sha1: f48a4ee4c0ece5464476f9386d29edd88de6d259 Sha256: 8b9117c5cd1078993b76761237be20856fae19ddc69eb2ddb84dc0d73c21ee2b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2758 Cache-Control: 'max-age=158059' Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sun, 26 Jun 2022 03:37:47 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3aef152b0353f2b1c3e6aa96c195ef89 Sha1: 9f1ea9ad1eca82ea1263a49e272e017197b3bca0 Sha256: 030af5d0fa2cdf50202fcd3d7d3afab1843178619a219286794b35944e5a9e92
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 7+V13gcn/UO/Xke6zL1uFw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.160.82.219 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kRQEVxveHcNmVL8HPbzePZVY6zM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2	$Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb$ 23.224.110.70 HTTP/1.1 200 OK Content-Type: image/x-icon Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Content-Length: 4286 Last-Modified: Tue, 30 Mar 2021 06:21:43 GMT Connection: keep-alive ETag: "6062c377-10be" Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb Sha1: 8a136fb04c86656211fe80137711ac68d605725b Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99
GET /?tknqxc=5k6po2&cazytg=mklcd3 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2 Upgrade-Insecure-Requests: 1	$Magic: gzip compressed data, from Unix\012- data Size: 3500 Md5: d99ec1c5b2ea7566419251471cf74179$ 23.224.110.70 HTTP/1.1 307 Temporary Redirect Location: /?tknqxc=5k6po2&cazytg=mklcd3 Connection: Close --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 3500 Md5: d99ec1c5b2ea7566419251471cf74179 Sha1: ea21c566da5560c1af63782b68ecac684673b59f Sha256: c953c8bed137d70138858f61762b7a26c3a46861e211333181a5cb5863423d07
GET /Tpl/cl/facai/css/style.css HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Thu, 24 Jun 2021 09:40:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"60d452f2-3af4" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (15092), with no line terminators Size: 3586 Md5: 6e59efbd5dcc039313b6aceded0616f8 Sha1: 7307e22c851f2678d13ba08119c3f7adae8b930b Sha256: 0c577bb8613f67dd6175b871c2a45f7c1dde20b63a7e172c59ca89f423226b76
GET /Tpl/cl/facai/css/global.css HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Wed, 02 Jun 2021 09:00:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"60b74892-21d5" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (8661), with no line terminators Size: 2624 Md5: 6c640a831d1e4cbfda1d5293ab31a070 Sha1: 363459b92ec06f27beb4ea4ee76ce38f4c7be2b2 Sha256: 412c6d1e0c18bdfc6bf87bd7ca6a2172eb469c856a83a1705455680a55e17a2c
GET /Tpl/cl/facai/js/to9.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Thu, 23 Jun 2022 15:00:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b47ff1-4be" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (1214), with no line terminators Size: 780 Md5: d6ccef32b8594b965337cb67ed07de9e Sha1: 5943f4cd05eff26b2f9f873527be9b6e10de28c3 Sha256: 873a4c633cd8af4b485d563892b07bfe110fc935d819c1e130141616d11bc4ff Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b6d341-194a" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 2012 Md5: ca6dfeaadbf4dba4b139ba5b80cc4c95 Sha1: 789ee19f3ce5348d8afc6062997614acb8cff3f4 Sha256: 99e4b9d9822707754cb4ac49ccd89986b4a7c428643d78faad1040d208ed2976 Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62b6d341-11eb" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (630), with CRLF line terminators Size: 2062 Md5: 4148ecce1372ca6d00d124e6d72ff1ef Sha1: 1666bebcf753a7f6ce11b05885e7608260ae1f80 Sha256: 749a8363c85e97e56e9fbd23d3c35f025becd08be8b4b95c447060c801cfea6a Alerts: Blocklists: - fortinet: Malware
GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1 Host: dxoo66.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3	23.224.110.70 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 26 Jun 2022 04:23:45 GMT Last-Modified: Wed, 21 Apr 2021 08:20:01 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"607fe031-875" Expires: Sun, 26 Jun 2022 16:23:45 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 846 Md5: 0f9c281973ae4dae89499230914fe9e9 Sha1: fe5d3e146726c064d14f3ba6d2a979c14bf0ac58 Sha256: 103e3b33cafa6f097c4e8b4ba764ede9f09479fb612646bd0d39a871352f436e Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0] Age: 763 X-Cache: HIT TCP_MEM_HIT dirn:6:234744640 X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT X-Swift-CacheTime: 3537 Timing-Allow-Origin: * EagleId: 2ff62c9616562174262313709e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,M], cache8.se1[23,0] Age: 763 X-Cache: MISS TCP_REFRESH_MISS dirn:-2:-2 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174262321756e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,C], cache8.se1[22,0] Age: 763 X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174262331757e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9AA877408591F45A57E1500AA48800D9000079D802C5165B60CB0FAEA6271D23" Last-Modified: Thu, 23 Jun 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21593 Expires: Sun, 26 Jun 2022 10:23:39 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a3fd2b73ce3d3d2b25e48824ae0db82d Sha1: c3d876244e482b59623a99c7c1b338cf36d06f98 Sha256: 9aa877408591f45a57e1500aa48800d9000079d802c5165b60cb0faea6271d23
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14401 Expires: Sun, 26 Jun 2022 08:23:47 GMT Date: Sun, 26 Jun 2022 04:23:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b0ee740-4328-49dd-9720-d9dace8825da.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9802 Md5: 1fcf1924aacdc3bb8f8866e933cdcebd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9802 x-amzn-requestid: 19934ef1-46e6-4ad5-8763-188d129554af x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTC42Eo7oAMFZNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77e9e-3ff575667599c13c28850149;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:31:10 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: lG4ieDoRomBT5h3opsUNKZRdlFzfqd48LtOU7Uhbt4iya6c_USyq_g== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:56:46 GMT etag: "fc8b0060534b2be4ad7feb743faac01a901833c5" content-type: image/jpeg age: 23220 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9802 Md5: 1fcf1924aacdc3bb8f8866e933cdcebd Sha1: fc8b0060534b2be4ad7feb743faac01a901833c5 Sha256: 930356a728210d8ff3eeee4e5de206b45faf6eb8f1d019c4dfb7b5d6856d4603
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be9300c-078e-4144-97d1-66404ae8a421.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9333 x-amzn-requestid: 3328c7d3-2281-4aab-ad6f-d4c5fcef0015 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TycnzGxGIAMFxAA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa7498-7221500c66e9f6f277f46b5e;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:56 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: pY8lMpenUUg1a8DveekBckp7a5sVe0uethM8C8T0Y33okZfJn9CPiw== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 01:13:13 GMT age: 11433 etag: "15d8a2eed57ca34447101b4375deebdbf3d1d42d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480 Sha1: 15d8a2eed57ca34447101b4375deebdbf3d1d42d Sha256: 71ff76b27bec49293c76706a852109414a5dc1307996adcaa9ccad149939abb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fc97984-e417-4488-b42b-8616b0aed701.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6996 Md5: 4c594aed88673de434d2d3d3f03cb889$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6996 x-amzn-requestid: 2c7d1949-f3a6-4775-8fde-f54beb6d15b9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTZMAEJWoAMFzUQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a24c-66f9ebdf7afa3eb833e0d4d9;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:03:24 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Y6vQpjOkKAFqnsNht0IrYDjMGZV61pu8dIev08c9EDP-iCuqvom8Kw== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:23:12 GMT age: 14434 etag: "e05b201ac00410eb4eef50a97a90c384b6ec1ae3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6996 Md5: 4c594aed88673de434d2d3d3f03cb889 Sha1: e05b201ac00410eb4eef50a97a90c384b6ec1ae3 Sha256: fbd980441f4c7f324c98d9c37f46226d6529efe2390d95190cfc053d46c2dc30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F078fb16a-ed33-4dc3-8f0d-fa2af1b1a290.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11483 Md5: 1e0d05753e633912c3b1d61427a2384e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11483 x-amzn-requestid: 31728949-c166-4867-b377-2d9ac07fb6e0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTDsuEZdoAMFWIA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77fea-0ba36d817950cc271cc3e3dc;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:36:42 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: -TUpVxLspf9nL6sVtRnSSKCKJLkik7UM85tJ47P7QnTBhXSOCFDttQ== via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:42:44 GMT etag: "53b0cb739723cc34657019cde118b003970cbb86" content-type: image/jpeg age: 24062 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11483 Md5: 1e0d05753e633912c3b1d61427a2384e Sha1: 53b0cb739723cc34657019cde118b003970cbb86 Sha256: f84afe24d5c52db107a9767c445709223d112ff7adccf296e0e2d79899f73310
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ff72090-4b18-499c-8212-e2f1af088e7f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10673 Md5: b6c9dfeb2b4564b316e05bcb5043bb61$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10673 x-amzn-requestid: a4275eb6-556e-46b0-8d78-c8091771c4fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTDEcGbJoAMF9pQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b77ee9-65e9ac0176485ba22dba5fee;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 21:32:25 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: LVfoyw2X-Mm3TxA9cUSsS6SEkdFV1OLC1rkgsdpL4GeP_EfY43LJDA== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 21:42:44 GMT etag: "37d9509385a934940a54d80c78efaffcb62dcdaa" content-type: image/jpeg age: 24062 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10673 Md5: b6c9dfeb2b4564b316e05bcb5043bb61 Sha1: 37d9509385a934940a54d80c78efaffcb62dcdaa Sha256: ff2b53150eb96b296b1581fc3e27c05b523bf00b2ebb13f9798b25831dd3f55f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8532 x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTaUMH3dIAMFbQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: ptVEdOZi80qs7Q6vdcl9vI6UMfVRcILdl7hRKnGEtTbtNrHoXTGVyQ== via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:24:19 GMT age: 14367 etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd Sha1: 9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:6:234744640 X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT X-Swift-CacheTime: 3537 Timing-Allow-Origin: * EagleId: 2ff62c9616562174270294092e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:1:380112504 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174270352173e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	47.246.44.225 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Tengine Content-Length: 471 Connection: keep-alive Date: Sun, 26 Jun 2022 04:11:03 GMT Ali-Swift-Global-Savetime: 1656216663 Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0] Age: 764 X-Cache: HIT TCP_MEM_HIT dirn:1:380112504 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT X-Swift-CacheTime: 2837 Timing-Allow-Origin: * EagleId: 2ff62c9c16562174270422179e --- Additional Info --- Magic: data Size: 471 Md5: e85cc255315fa4b22ac6d345047eeac1 Sha1: df2754d84719b1d1ba91d99adf03ca7e6d86a3c0 Sha256: d119b8d867b0d2bff44ad75ed3ad0c00f1e28a6718a1d153842e8746c1674890
GET /jquery/1.9.1/jquery.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript Server: Tengine Content-Length: 33048 Connection: keep-alive Date: Sat, 25 Jun 2022 13:03:26 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "Fq5J5WmZ2CgCcnRV8LqDtjrNkKIr.gz" Vary: Accept-Encoding X-Reqid: hO0AAADNqYTA3vsW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log Accept-Ranges: bytes Content-Disposition: inline; filename="jquery.min.js"; filename=utf-8''jquery.min.js Content-Transfer-Encoding: binary Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT Ali-Swift-Global-Savetime: 1656162206 Via: cache19.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0] Content-Encoding: gzip Age: 55221 X-Cache: HIT TCP_MEM_HIT dirn:4:394332311 X-Swift-SaveTime: Sat, 25 Jun 2022 13:05:52 GMT X-Swift-CacheTime: 86254 Timing-Allow-Origin: EagleId: 2ff62c9616562174270444099e --- Additional Info --- Magic: ASCII text, with very long lines (32089) Size: 33048 Md5: b62f98af3e87ce6dd2086c675d2fedb4 Sha1: 8033663932da0f119c58375535965f9214e62d3a Sha256: 2ba720376dfe19ee7b312d867f790ab7284f8a1b7d43701aef5742cad7894904
GET /jquery.lazyload/1.8.3/jquery.lazyload.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript Server: Tengine Content-Length: 1148 Connection: keep-alive Date: Sun, 26 Jun 2022 03:55:50 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "Fj3Kk5kHuM1dBuxAyD_kKbxqbuOZ.gz" Vary: Accept-Encoding X-Reqid: ClsAAAA8PR1zD_wW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log X-M-Log: QNM:xs474;QNM3/304 X-M-Reqid: FzMAABC8Qzpy9lMW X-Qnm-Cache: Hit Accept-Ranges: bytes Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename=utf-8' 'jquery.lazyload.min.js Content-Transfer-Encoding: binary Last-Modified: Tue, 16 Feb 2016 04:24:37 GMT Ali-Swift-Global-Savetime: 1656215750 Via: cache20.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache2.se1[90,89,200-0,H], cache3.se1[91,0] Content-Encoding: gzip Age: 1677 X-Cache: HIT TCP_REFRESH_HIT dirn:11:38030415 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT X-Swift-CacheTime: 84723 Timing-Allow-Origin: EagleId: 2ff62c9716562174270551741e --- Additional Info --- Magic: ASCII text, with very long lines (2913) Size: 1148 Md5: b98e3196b379e11f887f4d0c9bd096a9 Sha1: 2369455e72b6147adb449ccf8661a17f09634a06 Sha256: c2e6df40dbf5a47d286afb63f81fae5cb569db478c4dec5f3385492689d52abd
GET /Swiper/5.2.1/js/swiper.min.js HTTP/1.1 Host: cdn.staticfile.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	47.246.44.211 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: Tengine Content-Length: 35314 Connection: keep-alive Date: Sun, 26 Jun 2022 04:00:10 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Log, X-Reqid Access-Control-Max-Age: 2592000 Cache-Control: public, max-age=31536000 Etag: "FumVdqBRPRwd_E6HMP9q10YJ66j0.gz" Vary: Accept-Encoding X-Reqid: IRkAAADvGL-vD_wW X-Svr: IO X-Qiniu-Zone: 0 X-Log: X-Log Accept-Ranges: bytes Content-Disposition: inline; filename="swiper.min.js"; filename=utf-8''swiper.min.js Content-Md5: zV6QI5Z6DNF6djPJqsp0ig== Content-Transfer-Encoding: binary Last-Modified: Mon, 10 Aug 2020 04:12:19 GMT Ali-Swift-Global-Savetime: 1656216010 Via: cache20.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache2.se1[89,89,200-0,H], cache1.se1[91,0] X-M-Log: QNM:xs470;QNM3:1/304 X-M-Reqid: HBMAACZJCYMs5K0W X-Qnm-Cache: Hit Content-Encoding: gzip Age: 1417 X-Cache: HIT TCP_REFRESH_HIT dirn:3:28130648 X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT X-Swift-CacheTime: 84983 Timing-Allow-Origin: EagleId: 2ff62c9516562174270478741e --- Additional Info --- Magic: ASCII text, with very long lines (65280) Size: 35314 Md5: f72728d0d7bc63f899391502e9fbe6cd Sha1: b57bed3a1b0120f6a222632a3b4e98ed16042e09 Sha256: 479ec48a03db723b9055613bc6f353c0bf4ade4c54bf519978d0d935c1dfe999
GET /images/dxblank.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 4968 Md5: 93b08aba8d55e05345a85f2725bd74ac$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: image/png content-length: 4968 last-modified: Tue, 30 Mar 2021 06:21:43 GMT etag: "6062c377-1368" expires: Tue, 26 Jul 2022 04:23:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data Size: 4968 Md5: 93b08aba8d55e05345a85f2725bd74ac Sha1: 43230d7623c7b82bb78161dd3966f0efa59b0050 Sha256: bc277cdcb703f22c5c0d47ca62ea68583b12412d267abeb9b7bacfd55955dd7d Alerts: Blocklists: - quad9: Sinkholed
GET /images/zuzb.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data Size: 6731 Md5: 0afd4268a4c21b29f65f4aef89bf8959$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/png content-length: 6731 last-modified: Wed, 09 Jun 2021 15:30:01 GMT etag: "60c0de79-1a4b" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data Size: 6731 Md5: 0afd4268a4c21b29f65f4aef89bf8959 Sha1: 1e969e1cef38d74fbf1349f44e0ae429b407e4a2 Sha256: 1cf36095c6f52b900381fa323be9bd0cd99c608b0979d95d922d84899e672ebc Alerts: Blocklists: - quad9: Sinkholed
GET /images/kdqp.jpg HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 256x256, components 3\012- data Size: 15469 Md5: e880ac75ba877b981a5127d2875de34a$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/jpeg content-length: 15469 last-modified: Fri, 20 Aug 2021 12:40:01 GMT etag: "611fa2a1-3c6d" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 256x256, components 3\012- data Size: 15469 Md5: e880ac75ba877b981a5127d2875de34a Sha1: 9b9340c773d86e139d8a42cdff9fb3b9471666eb Sha256: 68bd6c4b7c39a14e614c7cfc619b65f371c4cbc4d4dbe65c97eddef51a9b60c9 Alerts: Blocklists: - quad9: Sinkholed
GET /images/fav.png HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data Size: 5539 Md5: 5c54b66f5f2b3a506ffd416e68d03c96$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:47 GMT content-type: image/png content-length: 5539 last-modified: Wed, 31 Mar 2021 06:50:02 GMT etag: "60641b9a-15a3" expires: Tue, 26 Jul 2022 04:23:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data Size: 5539 Md5: 5c54b66f5f2b3a506ffd416e68d03c96 Sha1: 1e0528f689ecdbe97d9d0dc16c4a12c8782f52d3 Sha256: 93aa6c1119b45e38dbbecf053a9de6584896264b5485f8fa328f9735f3ec8bf7 Alerts: Blocklists: - quad9: Sinkholed
GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Sat, 25 Jun 2022 09:20:01 GMT vary: Accept-Encoding etag: W/"62b6d341-194a" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 16975 Md5: dcfa7fe1047816fd4a9d1cdb9f89f9fe Sha1: fd20a02e25543f853df7ebd909e3d48a870010a3 Sha256: 8d78893b2d2a4cd5aa4dcb214f1678105ad0f584b42e09dc609a716f03895ff6 Alerts: Blocklists: - quad9: Sinkholed
GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Wed, 21 Apr 2021 08:20:01 GMT vary: Accept-Encoding etag: W/"607fe031-875" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 33179 Md5: a45736b0254e8805072054426ff182ef Sha1: 30145ba569f109f775c056be056243dae687f94e Sha256: 4598cf0d58ae9365a4520cabe7ff3159a2aab5d0a53fe4065eb8650a516dae89 Alerts: Blocklists: - quad9: Sinkholed
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Jun 2022 04:23:48 GMT Content-Length: 1432 Connection: keep-alive Expires: Thu, 30 Jun 2022 01:55:02 GMT ETag: "49845bd21a4a5b72eaba41dd39a6df12657b53f1" Last-Modified: Sun, 26 Jun 2022 01:55:02 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2098 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72132b71dab8b511-OSL --- Additional Info --- Magic: data Size: 1432 Md5: 3e54f97ed8edd1b0524aab86d7eb4f3b Sha1: 49845bd21a4a5b72eaba41dd39a6df12657b53f1 Sha256: c65217dc0932bc5df74c70aee6dc476592a389854443267091f91ff66467191e
POST /gseccovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Jun 2022 04:23:48 GMT Content-Length: 940 Connection: keep-alive Expires: Thu, 30 Jun 2022 03:22:26 GMT ETag: "589db70e4a7a60463e2ef87aa9840aed3b2b1615" Last-Modified: Sun, 26 Jun 2022 03:22:26 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 5 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72132b721aeab511-OSL --- Additional Info --- Magic: data Size: 940 Md5: 76ffa824ac9517b966c4ce77246b5580 Sha1: 589db70e4a7a60463e2ef87aa9840aed3b2b1615 Sha256: fcbe748804f7e6ab2aaf71f5d3f74e6a7c38fa658d9dd635bee61041b5517c9c
GET /favicon.ico HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Cookie: showFav=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb$ 23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:48 GMT content-type: image/x-icon content-length: 4286 last-modified: Tue, 30 Mar 2021 06:21:43 GMT etag: "6062c377-10be" strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 00b733d44ba3a3c1881908bba41bc2eb Sha1: 8a136fb04c86656211fe80137711ac68d605725b Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99 Alerts: Blocklists: - quad9: Sinkholed
GET /metrika/tag.js HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	77.88.21.119 HTTP/2 200 OK content-length: 71574 date: Sun, 26 Jun 2022 04:23:48 GMT access-control-allow-origin: * etag: "62b5603e-11796" expires: Sun, 26 Jun 2022 05:23:48 GMT last-modified: Fri, 24 Jun 2022 09:57:02 GMT cache-control: max-age=3600 content-encoding: br content-type: application/javascript strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (724) Size: 71574 Md5: 84db7368f8dfdd00c69c1c3311646dd6 Sha1: 04c38e40d23b78538024f11898ab73df3f873ea8 Sha256: 3be14de7ae02579d93ea94473d02c74ebe2c0e01abbae2f1f69a81755a9558ca
GET /metrika/advert.gif HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41$ 77.88.21.119 HTTP/2 200 OK content-length: 43 date: Sun, 26 Jun 2022 04:23:50 GMT access-control-allow-origin: * etag: "62b5603e-2b" expires: Sun, 26 Jun 2022 05:23:50 GMT accept-ranges: bytes last-modified: Fri, 24 Jun 2022 09:57:02 GMT cache-control: max-age=3600 content-type: image/gif strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: df3e567d6f16d040326c7a0ea29a4f41 Sha1: ea7df583983133b62712b5e73bffbcd45cc53736 Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/85791916/1?wmode=7&page-url=https%3A%2F%2Fdxca3sx9.buzz%2F&page-ref=http%3A%2F%2Fdxoo66.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A1258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A585973535551%3Ahid%3A909874570%3Az%3A0%3Ai%3A20220626042349%3Aet%3A1656217429%3Ac%3A1%3Arn%3A177189209%3Arqn%3A1%3Au%3A1656217429750558707%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656217426190%3Ads%3A20%2C520%2C162%2C4%2C%2C0%2C%2C503%2C17%2C%2C%2C%2C1262%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656217429%3At%3A%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 Host: mc.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://dxca3sx9.buzz Referer: https://dxca3sx9.buzz/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JSON data\012- , ASCII text, with very long lines (311), with no line terminators Size: 311 Md5: 954655bde9aa963d1e1bf3ab3acc2a2c$ 77.88.21.119 HTTP/2 200 OK content-length: 311 date: Sun, 26 Jun 2022 04:23:50 GMT x-content-type-options: nosniff access-control-allow-origin: https://dxca3sx9.buzz access-control-allow-credentials: true pragma: no-cache x-xss-protection: 1; mode=block expires: Sun, 26-Jun-2022 04:23:50 GMT last-modified: Sun, 26-Jun-2022 04:23:50 GMT cache-control: private, no-cache, no-store, must-revalidate, max-age=0 content-type: application/json; charset=utf-8 strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (311), with no line terminators Size: 311 Md5: 954655bde9aa963d1e1bf3ab3acc2a2c Sha1: fd5f889e99d8684fe48c13b706b8d983db26b314 Sha256: 7d15884deb41a6e79b7851611f447d7d5472c8967045850748b5ae6a1468fa1a
GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1 Host: dxca3sx9.buzz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	23.224.110.71 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 04:23:46 GMT content-type: application/javascript last-modified: Sat, 25 Jun 2022 09:20:01 GMT vary: Accept-Encoding etag: W/"62b6d341-11eb" expires: Sun, 26 Jun 2022 16:23:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (633), with CRLF, LF line terminators Size: 13354 Md5: 8aa2a39ad3f722007cae47422929c181 Sha1: 8441cc00cf5e7ccc74ad5678e1514cea0c909edd Sha256: a8d9de8d9fa264f022c186cc15dbd7cae2cefffd48d86725cc8a3952de5247a2 Alerts: Blocklists: - quad9: Sinkholed
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=66278303&si=5e6af107115f0560259fb62a984483bd&su=http%3A%2F%2Fdxoo66.xyz%2F&v=1.2.94&lv=1&sn=16910&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fdxca3sx9.buzz%2F&tt=%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dxca3sx9.buzz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3$ 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Sun, 26 Jun 2022 04:23:50 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=55BE1A98ED9E7941; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda