Overview

URL dxoo66.xyz/
IP 23.224.110.70
ASN CNSERVERS
Location United States
Report completed 2022-06-26 04:23:59 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-26 2 dxoo66.xyz/ Malware
2022-06-26 2 dxoo66.xyz/Tpl/cl/facai/js/to9.js?1 Malware
2022-06-26 2 dxoo66.xyz/Tpl/cl/facai/js/def.js?711 Malware
2022-06-26 2 dxoo66.xyz/Tpl/cl/facai/js/fun.js?1 Malware
2022-06-26 2 dxoo66.xyz/Tpl/cl/facai/js/mobile.js?1 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-26 2 dxca3sx9.buzz Sinkholed


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-25 05:08:04 UTC 35.160.82.219
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-25 10:33:58 UTC 34.120.237.76
[Mnemonic Passive DNS] ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-06-25 05:03:05 UTC 104.18.21.226
[Mnemonic Passive DNS] mc.yandex.ru (3) 2672 2017-01-29 05:34:36 UTC 2022-06-25 21:17:28 UTC 77.88.21.119
[Mnemonic Passive DNS] dxoo66.xyz (10) 0 No data No data 23.224.110.70 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-25 20:40:55 UTC 93.184.220.29
[Mnemonic Passive DNS] ocsp.dcocsp.cn (6) 33518 2018-11-07 13:15:36 UTC 2022-06-25 20:28:09 UTC 47.246.44.225
[Mnemonic Passive DNS] dxca3sx9.buzz (8) 0 No data No data 23.224.110.71 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-25 05:00:24 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-25 05:05:57 UTC 54.230.111.64
[Mnemonic Passive DNS] cdn.staticfile.org (3) 46426 2013-08-23 08:51:19 UTC 2022-06-26 01:18:18 UTC 47.246.44.211
[Mnemonic Passive DNS] hm.baidu.com (1) 8254 2017-01-30 05:28:59 UTC 2022-06-25 13:47:20 UTC 103.235.46.191


Recent reports on same IP/ASN/Domain

No other reports on IP: 23.224.110.70


Last 10 reports on ASN: CNSERVERS

Date UQ / IDS / BL URL IP
2022-08-19 22:14:13 +0000 0 - 0 - 1 x483659.com/ 154.84.5.165
2022-08-19 21:19:42 +0000 0 - 0 - 1 x483659.com/ 154.84.5.164
2022-08-19 12:36:51 +0000 0 - 0 - 1 xdxym.xyz/ 198.16.51.13
2022-08-18 18:42:53 +0000 0 - 0 - 2 htc888.com/ 162.209.204.155
2022-08-18 05:23:24 +0000 0 - 0 - 3 35mw.cc/ 38.143.11.102
2022-08-18 01:34:57 +0000 0 - 0 - 2 tronchain.top/ 154.88.7.27
2022-08-17 18:06:42 +0000 0 - 0 - 2 wjjpmzbuhs1802.top/ 172.247.175.2
2022-08-16 17:56:41 +0000 0 - 0 - 1 libiaode.com/ 23.224.201.198
2022-08-16 03:58:07 +0000 0 - 0 - 2 visit.bbbmwe.com/Admin/UrlCallbacks/commonLin (...) 185.186.146.32
2022-08-15 15:05:24 +0000 0 - 0 - 3 78m302ad.buzz/ 23.224.173.139

No other reports on domain: dxoo66.xyz



JavaScript

Executed Scripts (19)


Executed Evals (10)

#1 JavaScript::Eval (size: 911, repeated: 1) - SHA256: 7179c568dd107256ca7569279673054fb6114a477872e25c7b50bf42fc34d166

                                        var t_urls = ["dxo0u49u.buzz", "dxsf2zj6.buzz", "dxdh0m5t.buzz", "dx72ecpd.buzz", "dxwjvxzg.buzz", "dxqfp5mh.buzz", "dxpswvpc.buzz", "dx5safkb.buzz", "dx7agnbx.buzz", "dxerjw2f.buzz", "dx65ko9o.buzz", "dx4rnofv.buzz", "dx6jv2on.buzz", "dx4v3465.buzz", "dxgt5tc9.buzz", "dxeagnab.buzz", "dxx17p3k.buzz", "dxbpzjl8.buzz", "dxokt0zx.buzz", "dxzojlme.buzz", "dxvljgvj.buzz", "dx8juj2h.buzz", "dx69y6p3.buzz", "dxvupghw.buzz", "dxn0049t.buzz", "dxegeohm.buzz", "dx087ji7.buzz", "dxsn3c7n.buzz", "dxn2w5fo.buzz", "dxca3sx9.buzz", "dxzer6g9.buzz", "dx97hsh5.buzz", "dx2qb8vv.buzz", "dxogui0y.buzz", "dxbrnb8t.buzz", "dxyngmhh.buzz", "dx04xjfl.buzz", "dxvtir76.buzz"];
var t_from = new Date(2022, 5, 11, 15).getTime();
var t_seed = 2;
var t_days = Math.floor(((new Date().getTime() - t_from) * t_seed) / 86400000);
var c_url = t_urls[t_days];
if (c_url == undefined) c_url = t_urls[t_urls.length - 1];
if (window.location.host.toLowerCase().indexOf(c_url) < 0) {
    location.href = "https://" + c_url
}
                                    

#2 JavaScript::Eval (size: 7, repeated: 1) - SHA256: 34b3ae893e4c1f4f28be69992357bffa00b34e46c4124b4d4120aa16ddd1e401

                                        qy = eval
                                    

#3 JavaScript::Eval (size: 62, repeated: 1) - SHA256: 57486df7568344dd156563d9e56653e19de8ad9bba93d1ad9491ee671dd0cd80

                                        for (af = 4;; af++) {
    if (af > 54) break;
    ee[af] = (ee[af] - ee[af + 1]) & 0xff;
}
                                    

#4 JavaScript::Eval (size: 15, repeated: 1) - SHA256: b3f2a921482ab5cc87719b307127016c664b38d3eff973364823a07d861fe8bf

                                        af = eval;
af(fe);
                                    

#5 JavaScript::Eval (size: 55, repeated: 1) - SHA256: d3e8a896d76ccd7ae42f55be6e287d8c25acd9e9e4383d132f9002bc785ea096

                                        qy = 4;
while (qy <= 49) {
    oy[qy] = (oy[qy] - oy[qy + 1]) & 0xff;
    qy++;
}
                                    

#6 JavaScript::Eval (size: 63, repeated: 1) - SHA256: 0b251b10f26daeb3e8aea46818ebf4c4a4a8a8c395379af0489fa0f3f7ec136d

                                        af = 55;
for (;; af--) {
    if (af < 2) break;
    ee[af] = (ee[af] - ee[af - 1]) & 0xff;
}
                                    

#7 JavaScript::Eval (size: 49, repeated: 1) - SHA256: d5e89de17f8f7716b9c41fda04c4da24365c2dadd4545c250feb476bfbf01c03

                                        window.open(ce + "qxc=5k6po2&cazytg=mk" + de, "_self")
                                    

#8 JavaScript::Eval (size: 62, repeated: 1) - SHA256: eac0ae1fed9b4ec21ad1f971d2dd36714bc3f3b2fa46363599ff5d59d9a38d77

                                        qy = 4;
for (; qy <= 51; qy++) {
    oy[qy] = (-(((-oy[qy]) & 0xff) ^ 128)) & 0xff;
}
                                    

#9 JavaScript::Eval (size: 44, repeated: 1) - SHA256: 37e02068f8515c9df535608c283989a8e96f6b7d559284b8e409878fa6654321

                                        window.open(my + "/?tknqxc=5k6po2" + ny, "_self")
                                    

#10 JavaScript::Eval (size: 383, repeated: 1) - SHA256: 84a5b719881496539928e5977eb6b57de871343681bfc45dbc9b6b1c4621c059

                                        var isVivo = /(VivoBrowser)/i.test(navigator.userAgent);
if (isVivo) {
    var clkForVivo = function(b, a) {
            $(b).each(function(c) {
                $(this).click(function(d) {
                    location.href = a[c]
                });
                a.push($(this).attr("href"));
                $(this).attr("href", "#")
            })
        },
        top_hrefs = [],
        tag_hrefs = [],
        swiper_hrefs = [];
    clkForVivo($(".nav a"), top_hrefs);
    clkForVivo($(".rm_bq a"), tag_hrefs);
    clkForVivo($(".swiper_container a"), swiper_hrefs)
};
                                    

Executed Writes (9)

#1 JavaScript::Write (size: 848, repeated: 1) - SHA256: 357dcab4240676a1368f36495ca92353828a22174590806eb1487dbad4e87647

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42454706.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aloigjh.gif" > < /a><br/ >
    < a href = "https://39337252.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/dx9.8/4.gif" > < /a> < /div> < /div>
                                    

#2 JavaScript::Write (size: 255, repeated: 1) - SHA256: e83a58ea80d1a9e1374c6fba45f15acd878a1ff68c15b8390abbaa7c1b63416d

                                        < a href = "/h/1" > 'F</a>| <a href="/h/2">�</a>| <a href="/h/3">	</a>| <a href="/h/4">-W</a>| <a href="/h/5">	�</a>|<a href="/h/5">'� < /a>|<a href="/h / 5 ">�+</a>|<a href=" / n / 130 ">�G</a>|<a href=" / n / 131 ">�</a>|<a href=" / ">T��dxdz@mail.com</a>
                                    

#3 JavaScript::Write (size: 151, repeated: 1) - SHA256: ed5aadbcf18f01276ca48e0c7b25d220e171e89875456bb2f80df3722019f671

                                        < div id = "iphone-tip"
class = "favortip" > < p > < img src = "/images/iphone.png"
style = 'width: 100%;' / > < span class = "close"
class = "close" > X s� < /span></p > < /div>
                                    

#4 JavaScript::Write (size: 299, repeated: 1) - SHA256: b4603c4fbcb48ffca768542c0340f9eb179fb63506d27d30842d4268734f4f11

                                        < ul > < li > < a href = "/h/1" > ���� < /a></li > < li > < a href = "/h/2" > �Ƒ < /a></li > < li > < a href = "/h/3" > Ƒ < /a></li > < li > < a href = "/h/4" > -�WU < /a></li > < li > < a href = "/h/5" > ��� < /a></li > < li > < a href = "/h/6" > '���</a></li><li><a href="/h/7">�,�+</a></li><li><a href="/n/130">�s�G</a></li></ul>
                                    

#5 JavaScript::Write (size: 455, repeated: 1) - SHA256: 7ea4425966fe5f1e54540f167a11f61e1f81b4a06ef2189bfb50f8330722c55d

                                        < ul > < li > < a href = "https://mgn3xnk3.buzz/"
target = "_blank" > �Ƒ < /a></li >
    < li > < a href = 'https://60152251.com/?channelCode=dx5'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')"
style = 'color:red' > �sr� < /a></li >
    < li > < a href = 'https://39401761.com:9999'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')" > 'w�</a></li> < li > < a href = 'https://39401761.com:9999'
target = "_blank"
onclick = "ym(85791916,'reachGoal','aclk')" > ��i� < /a></li > < /ul>
                                    

#6 JavaScript::Write (size: 213, repeated: 1) - SHA256: 7d3a66990c277526e627aef91e4a4d03197105f3750b4d8cd2a54cf07243f621

                                        ~�0@����� dxdz@ mail.com < br / > < a href = "http://dxdz22.club"
style = "color:#0f7884;animation: neon1 1s ease-in-out infinite alternate;"
target = "_blank" > , ��8� b���Ź��� 6�, ��u < /a>
                                    

#7 JavaScript::Write (size: 693, repeated: 1) - SHA256: fa0f02dfbb31d559f7b4c2094df6eff7f94632ed33fcf83027d67fbdbdca80d0

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42524014.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aloigjh.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a> < /div> < /div>
                                    

#8 JavaScript::Write (size: 846, repeated: 1) - SHA256: 52fbea36aa0b30e0c189b24f99cf7f437902bc3bc10f51f6ac43834f100c6319

                                        < div class = "container x_ban banner_1" >
    < div align = "center" >
    < a href = "https://39337252.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/dx9.8/4.gif" > < /a><br/ >
    < a href = "https://52887542.com/?channelCode=dx1"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/4.6.1.gif" > < /a><br/ >
    < a href = "https://42856383.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/aklufht.gif" > < /a><br/ >
    < a href = "https://39273746.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/8.8.7892.gif" > < /a><br/ >
    < a href = "https://39409988.com:9999"
onclick = "ym(85791916,'reachGoal','aclk')"
target = "_blank" > < img src = "https://39881354.com:58080/1191.gif" > < /a> < /div> < /div>
                                    

#9 JavaScript::Write (size: 153, repeated: 1) - SHA256: c10922d153773660a8f869b54b75e2717d7eb43663876b3bb5f729bb5fccc217

                                        < div id = "android-tip"
class = "favortip" > < p > < img src = "/images/android.png"
style = 'width: 100%;' / > < span class = "close"
class = "close" > X s� < /span></p > < /div>
                                    


HTTP Transactions (51)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 26 Jun 2022 03:45:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xm9oSNq_L8Y2My7hj4SsiSt016mljEwZ2dPwDRvSP0k5pJtVw67hHw==
Age: 2266


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A"
Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2444
Expires: Sun, 26 Jun 2022 05:04:28 GMT
Date: Sun, 26 Jun 2022 04:23:44 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 26 Jun 2022 02:10:54 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fu87SZ1GpSCniXzyWCmCmbSWbInKhhL_ZEwz3UMTEMfRm0VwV-k6aQ==
age: 7971
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET / HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 842
Pragma: no-cache
Cache-control: no-store


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (842), with no line terminators
Size:   842
Md5:    38d873a5fa22007468791dfef886e344
Sha1:   248cd4985a2cd8103789d8b0f126408820953621
Sha256: fe286450abaea84e1ec06e67cd90a3788fdbfb282e9779c4e7644f1980daaf99

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 04:23:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 26 Jun 2022 04:04:35 GMT
Cache-Control: max-age=3600
Expires: Sun, 26 Jun 2022 04:13:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1kI0dyT1SAxC6yMVG5Q7DqaYGDfdu9G4zrwyWTDOLpddpDdOLP97Mg==
Age: 3114


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/

                                         
                                         23.224.110.70
HTTP/1.1 307 Temporary Redirect
                                        
Location: /favicon.ico
Connection: Close


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (899), with no line terminators
Size:   899
Md5:    ef359d3b2273955625935f878c6cb951
Sha1:   f48a4ee4c0ece5464476f9386d29edd88de6d259
Sha256: 8b9117c5cd1078993b76761237be20856fae19ddc69eb2ddb84dc0d73c21ee2b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2758
Cache-Control: 'max-age=158059'
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Sun, 26 Jun 2022 03:37:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7+V13gcn/UO/Xke6zL1uFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.160.82.219
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kRQEVxveHcNmVL8HPbzePZVY6zM=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Content-Length: 4286
Last-Modified: Tue, 30 Mar 2021 06:21:43 GMT
Connection: keep-alive
ETag: "6062c377-10be"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    00b733d44ba3a3c1881908bba41bc2eb
Sha1:   8a136fb04c86656211fe80137711ac68d605725b
Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99
                                        
                                            GET /?tknqxc=5k6po2&cazytg=mklcd3 HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2
Upgrade-Insecure-Requests: 1

                                         
                                         23.224.110.70
HTTP/1.1 307 Temporary Redirect
                                        
Location: /?tknqxc=5k6po2&cazytg=mklcd3
Connection: Close


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   3500
Md5:    d99ec1c5b2ea7566419251471cf74179
Sha1:   ea21c566da5560c1af63782b68ecac684673b59f
Sha256: c953c8bed137d70138858f61762b7a26c3a46861e211333181a5cb5863423d07
                                        
                                            GET /Tpl/cl/facai/css/style.css HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Thu, 24 Jun 2021 09:40:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60d452f2-3af4"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15092), with no line terminators
Size:   3586
Md5:    6e59efbd5dcc039313b6aceded0616f8
Sha1:   7307e22c851f2678d13ba08119c3f7adae8b930b
Sha256: 0c577bb8613f67dd6175b871c2a45f7c1dde20b63a7e172c59ca89f423226b76
                                        
                                            GET /Tpl/cl/facai/css/global.css HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Wed, 02 Jun 2021 09:00:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b74892-21d5"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (8661), with no line terminators
Size:   2624
Md5:    6c640a831d1e4cbfda1d5293ab31a070
Sha1:   363459b92ec06f27beb4ea4ee76ce38f4c7be2b2
Sha256: 412c6d1e0c18bdfc6bf87bd7ca6a2172eb469c856a83a1705455680a55e17a2c
                                        
                                            GET /Tpl/cl/facai/js/to9.js?1 HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Thu, 23 Jun 2022 15:00:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62b47ff1-4be"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1214), with no line terminators
Size:   780
Md5:    d6ccef32b8594b965337cb67ed07de9e
Sha1:   5943f4cd05eff26b2f9f873527be9b6e10de28c3
Sha256: 873a4c633cd8af4b485d563892b07bfe110fc935d819c1e130141616d11bc4ff

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62b6d341-194a"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   2012
Md5:    ca6dfeaadbf4dba4b139ba5b80cc4c95
Sha1:   789ee19f3ce5348d8afc6062997614acb8cff3f4
Sha256: 99e4b9d9822707754cb4ac49ccd89986b4a7c428643d78faad1040d208ed2976

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Sat, 25 Jun 2022 09:20:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62b6d341-11eb"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (630), with CRLF line terminators
Size:   2062
Md5:    4148ecce1372ca6d00d124e6d72ff1ef
Sha1:   1666bebcf753a7f6ce11b05885e7608260ae1f80
Sha256: 749a8363c85e97e56e9fbd23d3c35f025becd08be8b4b95c447060c801cfea6a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1 
Host: dxoo66.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dxoo66.xyz/?tknqxc=5k6po2&cazytg=mklcd3

                                         
                                         23.224.110.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:23:45 GMT
Last-Modified: Wed, 21 Apr 2021 08:20:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607fe031-875"
Expires: Sun, 26 Jun 2022 16:23:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   846
Md5:    0f9c281973ae4dae89499230914fe9e9
Sha1:   fe5d3e146726c064d14f3ba6d2a979c14bf0ac58
Sha256: 103e3b33cafa6f097c4e8b4ba764ede9f09479fb612646bd0d39a871352f436e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0]
Age: 763
X-Cache: HIT TCP_MEM_HIT dirn:6:234744640
X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT
X-Swift-CacheTime: 3537
Timing-Allow-Origin: *
EagleId: 2ff62c9616562174262313709e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,M], cache8.se1[23,0]
Age: 763
X-Cache: MISS TCP_REFRESH_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT
X-Swift-CacheTime: 2837
Timing-Allow-Origin: *
EagleId: 2ff62c9c16562174262321756e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,21,200-0,C], cache8.se1[22,0]
Age: 763
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT
X-Swift-CacheTime: 2837
Timing-Allow-Origin: *
EagleId: 2ff62c9c16562174262331757e

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9AA877408591F45A57E1500AA48800D9000079D802C5165B60CB0FAEA6271D23"
Last-Modified: Thu, 23 Jun 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Sun, 26 Jun 2022 10:23:39 GMT
Date: Sun, 26 Jun 2022 04:23:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Sun, 26 Jun 2022 08:23:47 GMT
Date: Sun, 26 Jun 2022 04:23:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Sun, 26 Jun 2022 08:23:47 GMT
Date: Sun, 26 Jun 2022 04:23:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Sun, 26 Jun 2022 08:23:47 GMT
Date: Sun, 26 Jun 2022 04:23:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14401
Expires: Sun, 26 Jun 2022 08:23:47 GMT
Date: Sun, 26 Jun 2022 04:23:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b0ee740-4328-49dd-9720-d9dace8825da.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9802
x-amzn-requestid: 19934ef1-46e6-4ad5-8763-188d129554af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTC42Eo7oAMFZNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77e9e-3ff575667599c13c28850149;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lG4ieDoRomBT5h3opsUNKZRdlFzfqd48LtOU7Uhbt4iya6c_USyq_g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:56:46 GMT
etag: "fc8b0060534b2be4ad7feb743faac01a901833c5"
content-type: image/jpeg
age: 23220
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9802
Md5:    1fcf1924aacdc3bb8f8866e933cdcebd
Sha1:   fc8b0060534b2be4ad7feb743faac01a901833c5
Sha256: 930356a728210d8ff3eeee4e5de206b45faf6eb8f1d019c4dfb7b5d6856d4603
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be9300c-078e-4144-97d1-66404ae8a421.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9333
x-amzn-requestid: 3328c7d3-2281-4aab-ad6f-d4c5fcef0015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TycnzGxGIAMFxAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aa7498-7221500c66e9f6f277f46b5e;Sampled=0
x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pY8lMpenUUg1a8DveekBckp7a5sVe0uethM8C8T0Y33okZfJn9CPiw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 01:13:13 GMT
age: 11433
etag: "15d8a2eed57ca34447101b4375deebdbf3d1d42d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9333
Md5:    e2e6a2c176d5fe91201e8e0aed4ea480
Sha1:   15d8a2eed57ca34447101b4375deebdbf3d1d42d
Sha256: 71ff76b27bec49293c76706a852109414a5dc1307996adcaa9ccad149939abb3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fc97984-e417-4488-b42b-8616b0aed701.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6996
x-amzn-requestid: 2c7d1949-f3a6-4775-8fde-f54beb6d15b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTZMAEJWoAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7a24c-66f9ebdf7afa3eb833e0d4d9;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 00:03:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y6vQpjOkKAFqnsNht0IrYDjMGZV61pu8dIev08c9EDP-iCuqvom8Kw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:23:12 GMT
age: 14434
etag: "e05b201ac00410eb4eef50a97a90c384b6ec1ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6996
Md5:    4c594aed88673de434d2d3d3f03cb889
Sha1:   e05b201ac00410eb4eef50a97a90c384b6ec1ae3
Sha256: fbd980441f4c7f324c98d9c37f46226d6529efe2390d95190cfc053d46c2dc30
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F078fb16a-ed33-4dc3-8f0d-fa2af1b1a290.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11483
x-amzn-requestid: 31728949-c166-4867-b377-2d9ac07fb6e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDsuEZdoAMFWIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77fea-0ba36d817950cc271cc3e3dc;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:36:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -TUpVxLspf9nL6sVtRnSSKCKJLkik7UM85tJ47P7QnTBhXSOCFDttQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:42:44 GMT
etag: "53b0cb739723cc34657019cde118b003970cbb86"
content-type: image/jpeg
age: 24062
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11483
Md5:    1e0d05753e633912c3b1d61427a2384e
Sha1:   53b0cb739723cc34657019cde118b003970cbb86
Sha256: f84afe24d5c52db107a9767c445709223d112ff7adccf296e0e2d79899f73310
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ff72090-4b18-499c-8212-e2f1af088e7f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10673
x-amzn-requestid: a4275eb6-556e-46b0-8d78-c8091771c4fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDEcGbJoAMF9pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77ee9-65e9ac0176485ba22dba5fee;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:32:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LVfoyw2X-Mm3TxA9cUSsS6SEkdFV1OLC1rkgsdpL4GeP_EfY43LJDA==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:42:44 GMT
etag: "37d9509385a934940a54d80c78efaffcb62dcdaa"
content-type: image/jpeg
age: 24062
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10673
Md5:    b6c9dfeb2b4564b316e05bcb5043bb61
Sha1:   37d9509385a934940a54d80c78efaffcb62dcdaa
Sha256: ff2b53150eb96b296b1581fc3e27c05b523bf00b2ebb13f9798b25831dd3f55f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8532
x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTaUMH3dIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ptVEdOZi80qs7Q6vdcl9vI6UMfVRcILdl7hRKnGEtTbtNrHoXTGVyQ==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:24:19 GMT
age: 14367
etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8532
Md5:    30b326f3c723aedd3fb906437551f1fd
Sha1:   9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea
Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[1,0]
Age: 764
X-Cache: HIT TCP_MEM_HIT dirn:6:234744640
X-Swift-SaveTime: Sun, 26 Jun 2022 04:12:06 GMT
X-Swift-CacheTime: 3537
Timing-Allow-Origin: *
EagleId: 2ff62c9616562174270294092e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
Age: 764
X-Cache: HIT TCP_MEM_HIT dirn:1:380112504
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT
X-Swift-CacheTime: 2837
Timing-Allow-Origin: *
EagleId: 2ff62c9c16562174270352173e

                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:11:03 GMT
Ali-Swift-Global-Savetime: 1656216663
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
Age: 764
X-Cache: HIT TCP_MEM_HIT dirn:1:380112504
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:46 GMT
X-Swift-CacheTime: 2837
Timing-Allow-Origin: *
EagleId: 2ff62c9c16562174270422179e

                                        
                                            GET /jquery/1.9.1/jquery.min.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 33048
Connection: keep-alive
Date: Sat, 25 Jun 2022 13:03:26 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "Fq5J5WmZ2CgCcnRV8LqDtjrNkKIr.gz"
Vary: Accept-Encoding
X-Reqid: hO0AAADNqYTA3vsW
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1656162206
Via: cache19.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0]
Content-Encoding: gzip
Age: 55221
X-Cache: HIT TCP_MEM_HIT dirn:4:394332311
X-Swift-SaveTime: Sat, 25 Jun 2022 13:05:52 GMT
X-Swift-CacheTime: 86254
Timing-Allow-Origin: *
EagleId: 2ff62c9616562174270444099e


--- Additional Info ---
Magic:  ASCII text, with very long lines (32089)
Size:   33048
Md5:    b62f98af3e87ce6dd2086c675d2fedb4
Sha1:   8033663932da0f119c58375535965f9214e62d3a
Sha256: 2ba720376dfe19ee7b312d867f790ab7284f8a1b7d43701aef5742cad7894904
                                        
                                            GET /jquery.lazyload/1.8.3/jquery.lazyload.min.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 1148
Connection: keep-alive
Date: Sun, 26 Jun 2022 03:55:50 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "Fj3Kk5kHuM1dBuxAyD_kKbxqbuOZ.gz"
Vary: Accept-Encoding
X-Reqid: ClsAAAA8PR1zD_wW
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
X-M-Log: QNM:xs474;QNM3/304
X-M-Reqid: FzMAABC8Qzpy9lMW
X-Qnm-Cache: Hit
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename*=utf-8' 'jquery.lazyload.min.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:24:37 GMT
Ali-Swift-Global-Savetime: 1656215750
Via: cache20.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache2.se1[90,89,200-0,H], cache3.se1[91,0]
Content-Encoding: gzip
Age: 1677
X-Cache: HIT TCP_REFRESH_HIT dirn:11:38030415
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT
X-Swift-CacheTime: 84723
Timing-Allow-Origin: *
EagleId: 2ff62c9716562174270551741e


--- Additional Info ---
Magic:  ASCII text, with very long lines (2913)
Size:   1148
Md5:    b98e3196b379e11f887f4d0c9bd096a9
Sha1:   2369455e72b6147adb449ccf8661a17f09634a06
Sha256: c2e6df40dbf5a47d286afb63f81fae5cb569db478c4dec5f3385492689d52abd
                                        
                                            GET /Swiper/5.2.1/js/swiper.min.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: Tengine
Content-Length: 35314
Connection: keep-alive
Date: Sun, 26 Jun 2022 04:00:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FumVdqBRPRwd_E6HMP9q10YJ66j0.gz"
Vary: Accept-Encoding
X-Reqid: IRkAAADvGL-vD_wW
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="swiper.min.js"; filename*=utf-8''swiper.min.js
Content-Md5: zV6QI5Z6DNF6djPJqsp0ig==
Content-Transfer-Encoding: binary
Last-Modified: Mon, 10 Aug 2020 04:12:19 GMT
Ali-Swift-Global-Savetime: 1656216010
Via: cache20.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache2.se1[89,89,200-0,H], cache1.se1[91,0]
X-M-Log: QNM:xs470;QNM3:1/304
X-M-Reqid: HBMAACZJCYMs5K0W
X-Qnm-Cache: Hit
Content-Encoding: gzip
Age: 1417
X-Cache: HIT TCP_REFRESH_HIT dirn:3:28130648
X-Swift-SaveTime: Sun, 26 Jun 2022 04:23:47 GMT
X-Swift-CacheTime: 84983
Timing-Allow-Origin: *
EagleId: 2ff62c9516562174270478741e


--- Additional Info ---
Magic:  ASCII text, with very long lines (65280)
Size:   35314
Md5:    f72728d0d7bc63f899391502e9fbe6cd
Sha1:   b57bed3a1b0120f6a222632a3b4e98ed16042e09
Sha256: 479ec48a03db723b9055613bc6f353c0bf4ade4c54bf519978d0d935c1dfe999
                                        
                                            GET /images/dxblank.png HTTP/1.1 
Host: dxca3sx9.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:46 GMT
content-type: image/png
content-length: 4968
last-modified: Tue, 30 Mar 2021 06:21:43 GMT
etag: "6062c377-1368"
expires: Tue, 26 Jul 2022 04:23:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   4968
Md5:    93b08aba8d55e05345a85f2725bd74ac
Sha1:   43230d7623c7b82bb78161dd3966f0efa59b0050
Sha256: bc277cdcb703f22c5c0d47ca62ea68583b12412d267abeb9b7bacfd55955dd7d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /images/zuzb.png HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:47 GMT
content-type: image/png
content-length: 6731
last-modified: Wed, 09 Jun 2021 15:30:01 GMT
etag: "60c0de79-1a4b"
expires: Tue, 26 Jul 2022 04:23:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Size:   6731
Md5:    0afd4268a4c21b29f65f4aef89bf8959
Sha1:   1e969e1cef38d74fbf1349f44e0ae429b407e4a2
Sha256: 1cf36095c6f52b900381fa323be9bd0cd99c608b0979d95d922d84899e672ebc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /images/kdqp.jpg HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:47 GMT
content-type: image/jpeg
content-length: 15469
last-modified: Fri, 20 Aug 2021 12:40:01 GMT
etag: "611fa2a1-3c6d"
expires: Tue, 26 Jul 2022 04:23:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 256x256, components 3\012- data
Size:   15469
Md5:    e880ac75ba877b981a5127d2875de34a
Sha1:   9b9340c773d86e139d8a42cdff9fb3b9471666eb
Sha256: 68bd6c4b7c39a14e614c7cfc619b65f371c4cbc4d4dbe65c97eddef51a9b60c9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /images/fav.png HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:47 GMT
content-type: image/png
content-length: 5539
last-modified: Wed, 31 Mar 2021 06:50:02 GMT
etag: "60641b9a-15a3"
expires: Tue, 26 Jul 2022 04:23:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   5539
Md5:    5c54b66f5f2b3a506ffd416e68d03c96
Sha1:   1e0528f689ecdbe97d9d0dc16c4a12c8782f52d3
Sha256: 93aa6c1119b45e38dbbecf053a9de6584896264b5485f8fa328f9735f3ec8bf7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /Tpl/cl/facai/js/def.js?711 HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:46 GMT
content-type: application/javascript
last-modified: Sat, 25 Jun 2022 09:20:01 GMT
vary: Accept-Encoding
etag: W/"62b6d341-194a"
expires: Sun, 26 Jun 2022 16:23:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16975
Md5:    dcfa7fe1047816fd4a9d1cdb9f89f9fe
Sha1:   fd20a02e25543f853df7ebd909e3d48a870010a3
Sha256: 8d78893b2d2a4cd5aa4dcb214f1678105ad0f584b42e09dc609a716f03895ff6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /Tpl/cl/facai/js/mobile.js?1 HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:46 GMT
content-type: application/javascript
last-modified: Wed, 21 Apr 2021 08:20:01 GMT
vary: Accept-Encoding
etag: W/"607fe031-875"
expires: Sun, 26 Jun 2022 16:23:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   33179
Md5:    a45736b0254e8805072054426ff182ef
Sha1:   30145ba569f109f775c056be056243dae687f94e
Sha256: 4598cf0d58ae9365a4520cabe7ff3159a2aab5d0a53fe4065eb8650a516dae89

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Jun 2022 04:23:48 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 30 Jun 2022 01:55:02 GMT
ETag: "49845bd21a4a5b72eaba41dd39a6df12657b53f1"
Last-Modified: Sun, 26 Jun 2022 01:55:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2098
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 72132b71dab8b511-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    3e54f97ed8edd1b0524aab86d7eb4f3b
Sha1:   49845bd21a4a5b72eaba41dd39a6df12657b53f1
Sha256: c65217dc0932bc5df74c70aee6dc476592a389854443267091f91ff66467191e
                                        
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Jun 2022 04:23:48 GMT
Content-Length: 940
Connection: keep-alive
Expires: Thu, 30 Jun 2022 03:22:26 GMT
ETag: "589db70e4a7a60463e2ef87aa9840aed3b2b1615"
Last-Modified: Sun, 26 Jun 2022 03:22:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 72132b721aeab511-OSL

                                        
GET /favicon.ico HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Cookie: showFav=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:48 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Tue, 30 Mar 2021 06:21:43 GMT
etag: "6062c377-10be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    00b733d44ba3a3c1881908bba41bc2eb
Sha1:   8a136fb04c86656211fe80137711ac68d605725b
Sha256: 4cd2c8b3ba5fe32e8fb256f7a5c71df5ca0ccd8cda698d6251a921cad89a3d99

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
77.88.21.119
HTTP/2 200 OK
content-length: 71574
date: Sun, 26 Jun 2022 04:23:48 GMT
access-control-allow-origin: *
etag: "62b5603e-11796"
expires: Sun, 26 Jun 2022 05:23:48 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (724)
Size:   71574
Md5:    84db7368f8dfdd00c69c1c3311646dd6
Sha1:   04c38e40d23b78538024f11898ab73df3f873ea8
Sha256: 3be14de7ae02579d93ea94473d02c74ebe2c0e01abbae2f1f69a81755a9558ca
                                        
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
77.88.21.119
HTTP/2 200 OK
content-length: 43
date: Sun, 26 Jun 2022 04:23:50 GMT
access-control-allow-origin: *
etag: "62b5603e-2b"
expires: Sun, 26 Jun 2022 05:23:50 GMT
accept-ranges: bytes
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/85791916/1?wmode=7&page-url=https%3A%2F%2Fdxca3sx9.buzz%2F&page-ref=http%3A%2F%2Fdxoo66.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A1258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A585973535551%3Ahid%3A909874570%3Az%3A0%3Ai%3A20220626042349%3Aet%3A1656217429%3Ac%3A1%3Arn%3A177189209%3Arqn%3A1%3Au%3A1656217429750558707%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656217426190%3Ads%3A20%2C520%2C162%2C4%2C%2C0%2C%2C503%2C17%2C%2C%2C%2C1262%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656217429%3At%3A%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dxca3sx9.buzz
Referer: https://dxca3sx9.buzz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
77.88.21.119
HTTP/2 200 OK
content-length: 311
date: Sun, 26 Jun 2022 04:23:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://dxca3sx9.buzz
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 26-Jun-2022 04:23:50 GMT
last-modified: Sun, 26-Jun-2022 04:23:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (311), with no line terminators
Size:   311
Md5:    954655bde9aa963d1e1bf3ab3acc2a2c
Sha1:   fd5f889e99d8684fe48c13b706b8d983db26b314
Sha256: 7d15884deb41a6e79b7851611f447d7d5472c8967045850748b5ae6a1468fa1a
                                        
GET /Tpl/cl/facai/js/fun.js?1 HTTP/1.1
Host: dxca3sx9.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
23.224.110.71
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jun 2022 04:23:46 GMT
content-type: application/javascript
last-modified: Sat, 25 Jun 2022 09:20:01 GMT
vary: Accept-Encoding
etag: W/"62b6d341-11eb"
expires: Sun, 26 Jun 2022 16:23:46 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (633), with CRLF, LF line terminators
Size:   13354
Md5:    8aa2a39ad3f722007cae47422929c181
Sha1:   8441cc00cf5e7ccc74ad5678e1514cea0c909edd
Sha256: a8d9de8d9fa264f022c186cc15dbd7cae2cefffd48d86725cc8a3952de5247a2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=66278303&si=5e6af107115f0560259fb62a984483bd&su=http%3A%2F%2Fdxoo66.xyz%2F&v=1.2.94&lv=1&sn=16910&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fdxca3sx9.buzz%2F&tt=%E5%A4%A7%E8%B1%A1%E8%A7%86%E9%A2%91_dxdz22.top%E5%9B%9E%E5%AE%B6%E5%AF%BC%E8%88%AA HTTP/1.1 
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dxca3sx9.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 26 Jun 2022 04:23:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55BE1A98ED9E7941; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda