urlquery - report: 699349.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
imgs.mygai.cn (13)	0	2019-03-20 22:42:34 UTC	2019-03-30 16:56:15 UTC	107.148.135.221	Unknown ranking
r3.o.lencr.org (5)	344	No data	No data	23.36.77.32
code.jquery.com (1)	634	2012-05-21 17:28:02 UTC	2020-04-21 12:46:20 UTC	69.16.175.42
js.szly123.com (4)	0	No data	No data	18.166.84.185	Unknown ranking
imgs.meizhiban.cn (2)	0	No data	No data	107.148.135.218	Unknown ranking
290997a.com (1)	0	2022-05-11 07:39:49 UTC	2022-11-04 07:00:59 UTC	43.198.33.164	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
js.users.51.la (2)	53024	2012-05-30 15:10:11 UTC	2022-08-20 01:24:32 UTC	103.143.19.103
669925a.com (6)	0	2022-05-13 07:30:38 UTC	2022-11-10 16:25:53 UTC	18.166.84.185	Unknown ranking
www.669925a.com (2)	0	No data	No data	16.162.201.20	Unknown ranking
ia.51.la (1)	59607	2017-10-31 08:01:51 UTC	2020-05-01 02:41:03 UTC	103.143.19.103
www.290996a.com (6)	0	No data	No data	18.166.84.185	Unknown ranking
www.775592.com (1)	0	No data	No data	43.198.33.164	Unknown ranking
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.38.139.17
699349.com (51)	0	2015-11-05 08:53:02 UTC	2022-10-26 14:57:39 UTC	16.162.201.20	Unknown ranking
ocsp.globalsign.com (2)	2075	2012-07-20 17:46:16 UTC	2020-05-02 20:58:10 UTC	104.18.20.226
699349.com (51)	0	2015-11-05 08:53:02 UTC	2022-10-26 14:57:39 UTC	43.198.33.164	Unknown ranking
zerossl.ocsp.sectigo.com (20)	4049	No data	No data	172.64.155.188
628866a.com (5)	0	2022-05-12 08:00:17 UTC	2022-10-15 05:26:15 UTC	43.198.33.164	Unknown ranking
sbx2019.com (1)	0	2019-07-20 04:16:51 UTC	2022-10-28 01:59:44 UTC	43.198.33.164	Unknown ranking
905566a.com (2)	0	2021-11-10 09:39:04 UTC	2022-11-03 17:25:55 UTC	43.198.33.164	Unknown ranking
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-05 04:09:09 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-05 04:09:48 UTC	34.117.237.239

Scan Date	Severity	Indicator	Comment
2022-12-06	2	699349.com/	Phishing
2022-12-06	2	699349.com/	Phishing
2022-12-06	2	699349.com/bd/xggglf.js	Phishing
2022-12-06	2	699349.com/jsdc/1989.js	Phishing
2022-12-06	2	669925a.com/ktzsx.js	Phishing
2022-12-06	2	669925a.com/tttg.js	Phishing
2022-12-06	2	669925a.com/zybb/xjgsb.js	Phishing
2022-12-06	2	699349.com/js/SuperSlide.js	Phishing
2022-12-06	2	669925a.com/jgp.js	Phishing
2022-12-06	2	699349.com/jsdc/2025.js	Phishing
2022-12-06	2	669925a.com/mhcz.js	Phishing
2022-12-06	2	628866a.com/js/kj-link.js	Phishing
2022-12-06	2	699349.com/mhczjx.js	Phishing
2022-12-06	2	699349.com/bd/tszl.js	Phishing
2022-12-06	2	www.669925a.com/zybb/xjzl.js	Phishing
2022-12-06	2	699349.com/zybb/gsb1.js	Phishing
2022-12-06	2	699349.com/jsdc/1999.js	Phishing
2022-12-06	2	699349.com/zybb/ryzt.js	Phishing
2022-12-06	2	699349.com/zybb/qhzt.js	Phishing
2022-12-06	2	699349.com/bd/wlrt.js	Phishing
2022-12-06	2	699349.com/zybb/5wzt.js	Phishing
2022-12-06	2	699349.com/zybb/yyzt.js	Phishing
2022-12-06	2	699349.com/zybb/dhzt.js	Phishing
2022-12-06	2	699349.com/zybb/ds3x.js	Phishing
2022-12-06	2	699349.com/zybb/nvxzt.js	Phishing
2022-12-06	2	699349.com/jsdc/895cc.js	Phishing
2022-12-06	2	699349.com/zybb/tdzt.js	Phishing
2022-12-06	2	699349.com/zybb/5xzt.js	Phishing
2022-12-06	2	699349.com/jsdc/9898.js	Phishing
2022-12-06	2	699349.com/zybb/ptyx.js	Phishing
2022-12-06	2	699349.com/bd/pttg.js	Phishing
2022-12-06	2	699349.com/zybb/ptyw.js	Phishing
2022-12-06	2	699349.com/zybb/dslx.js	Phishing
2022-12-06	2	699349.com/zybb/24ma.js	Phishing
2022-12-06	2	699349.com/zybb/zyzt.js	Phishing
2022-12-06	2	699349.com/zybb/xdxzt.js	Phishing
2022-12-06	2	699349.com/zybb/gsb2.js	Phishing
2022-12-06	2	699349.com/zybb/4jzt.js	Phishing
2022-12-06	2	699349.com/zybb/hbzt.js	Phishing
2022-12-06	2	699349.com/zybb/ywbzt.js	Phishing
2022-12-06	2	699349.com/zybb/dsbzt.js	Phishing
2022-12-06	2	699349.com/zybb/gongshi.js	Phishing
2022-12-06	2	699349.com/zybb/jmxc.js	Phishing
2022-12-06	2	699349.com/zybb/lbzt.js	Phishing
2022-12-06	2	699349.com/jsdc/49ac.js	Phishing
2022-12-06	2	699349.com/jiuxiaoyima.js	Phishing
2022-12-06	2	699349.com/zybb/gsb3.js	Phishing
2022-12-06	2	699349.com/zybb/3qbc.js	Phishing
2022-12-06	2	699349.com/zybb/dxdzt.js	Phishing
2022-12-06	2	699349.com/bd/tugsb.js	Phishing
2022-12-06	2	699349.com/zybb/jyzt.js	Phishing
2022-12-06	2	699349.com/zybb/caitu.js	Phishing
2022-12-06	2	699349.com/zybb/juesha.js	Phishing
2022-12-06	2	699349.com/bd/amyqlj.js	Phishing
2022-12-06	2	699349.com/bd/axzhzl.js	Phishing
2022-12-06	2	699349.com/js/pub.js	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-14 15:22:34 +0000	0 - 0 - 35	217575b.com/	18.166.84.185
2022-12-06 10:28:34 +0000	0 - 0 - 35	165252b.com/	18.166.84.185
2022-12-06 02:17:08 +0000	0 - 0 - 56	699349.com/	18.166.84.185
2022-11-22 07:04:58 +0000	0 - 0 - 115	393976.cc/	18.166.84.185

Date	UQ / IDS / BL	URL	IP
2023-02-02 00:32:03 +0000	0 - 0 - 1	win.2023prizes.com/go/f6873315-48ca-4273-9ae4 (...)	3.70.16.242
2023-02-02 00:32:01 +0000	0 - 1 - 0	track.enchantedredirect.com/0b38adad-98b1-4b7 (...)	18.192.108.151
2023-02-02 00:27:18 +0000	0 - 2 - 6	pubg-generator.ml/	3.72.140.173
2023-02-02 00:25:30 +0000	0 - 0 - 2	3.120.74.28/	3.120.74.28
2023-02-02 00:24:09 +0000	0 - 1 - 6	clickwinner.icu/92f07a13-52c1-4288-bf8e-f9457 (...)	18.156.16.63

Date	UQ / IDS / BL	URL	IP
2022-12-06 02:17:08 +0000	0 - 0 - 56	699349.com/	18.166.84.185

Date	UQ / IDS / BL	URL	IP
2023-02-01 17:54:00 +0000	0 - 0 - 1	www.clothingforstyling.com/	99.83.154.118
2023-01-29 11:14:14 +0000	0 - 2 - 1	c1.applicationgrabb.com/?step_id=1&installer_ (...)	74.206.228.78
2023-01-29 08:45:59 +0000	0 - 2 - 1	c1.applicationgrabb.com/?step_id=1&installer_ (...)	173.239.5.6
2023-01-25 00:58:29 +0000	0 - 0 - 1	walletconnectservice.company/	15.197.130.221
2023-01-21 20:28:12 +0000	0 - 0 - 1	c1.applicationgrabb.com/?step_id=1&installer_ (...)	173.239.5.6

HTTP Transactions (138)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2689 Expires: Tue, 06 Dec 2022 03:01:46 GMT Date: Tue, 06 Dec 2022 02:16:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2696 Cache-Control: max-age=118758 Date: Tue, 06 Dec 2022 02:16:57 GMT Etag: "638dc877-1d7" Expires: Wed, 07 Dec 2022 11:16:15 GMT Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee088fab9b287e174cfd1f2c735a909f Sha1: 25c3335b514a36ad1a24d00413d60c3d394f5161 Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5180 Expires: Tue, 06 Dec 2022 03:43:17 GMT Date: Tue, 06 Dec 2022 02:16:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 06 Dec 2022 01:20:20 GMT cache-control: public,max-age=3600 age: 3397 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: sPT9HDa1ZBoUCBR6he3jtvRfa+hXA7jykq9jvPWyWR5CiAro9FivKTkPHRH2GkJ1usM/BC0mE/s= x-amz-request-id: KS84VF9ZAJYWMBGA content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 06 Dec 2022 01:48:44 GMT age: 1693 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 06 Dec 2022 02:16:57 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 699349.com/ FQDN: 699349.com IP: 43.198.33.164 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 43.198.33.164 HTTP/1.1 301 Moved Permanently Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:16:57 GMT Location: https://699349.com/ Content-Length: 0 Connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 06 Dec 2022 02:11:20 GMT cache-control: public,max-age=3600 age: 337 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2675 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 02:16:58 GMT Last-Modified: Tue, 06 Dec 2022 01:32:23 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2b9d6a686aa3c4ea24568425e43a5221 Sha1: d53bb4c9579bd1db78a0520619e888aec79f750f Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: PgNAV4Yhi9H3RkRGrHQmyA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.38.139.17 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.38.139.17 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: lZhpxcRSjkqCcUCdcW94n9AW+kg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 79e1b4e69c1ac942815c0c796c0452dee33ef8690d39d5359b9e6dbabc1243ac 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:16:58 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 11:09:54 GMT Expires: Mon, 12 Dec 2022 11:09:53 GMT Etag: "8341db59a798602371a85f87be76d26e29a2ae15" Cache-Control: max-age=549774,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185c4fc33b523-OSL --- Additional Info --- Magic: data Size: 727 Md5: 4a7ade864d6f82e83256ea12de9dc168 Sha1: 8341db59a798602371a85f87be76d26e29a2ae15 Sha256: 79e1b4e69c1ac942815c0c796c0452dee33ef8690d39d5359b9e6dbabc1243ac
GET / HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 699349.com/ FQDN: 699349.com IP: 16.162.201.20 HASH: ba2bcd531f5a4cb6d95f955f91d688a2ecdef4063970202db6f8a49c04cf90ee 16.162.201.20 HTTP/1.1 200 OK Content-Type: text/html ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:11:35 GMT Content-Length: 10280 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (617), with CRLF line terminators Size: 10280 Md5: f848ef5a2002c66fcabdb9bb8fa525f8 Sha1: ba369f697d758d006295e9963be1d5e7f130bc6a Sha256: ba2bcd531f5a4cb6d95f955f91d688a2ecdef4063970202db6f8a49c04cf90ee Alerts: Blocklists: - fortinet: Phishing
GET /jquery-1.10.2.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: code.jquery.com/jquery-1.10.2.min.js FQDN: code.jquery.com IP: 69.16.175.42 HASH: 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c 69.16.175.42 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Tue, 06 Dec 2022 02:16:59 GMT content-encoding: gzip content-length: 32788 last-modified: Wed, 16 Feb 2022 10:50:39 GMT accept-ranges: bytes server: nginx etag: W/"620cd6ff-16bb3" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1670293019.dop232.sk1.t,1670293019.cds066.sk1.hn,1670293019.cds243.sk1.c X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32072) Size: 32788 Md5: 68cc08e82915da8b82fc6be74ab86365 Sha1: 4089530b0c00f6cbd1452d7f873be85454196fd1 Sha256: 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /css/reset.css HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/css/reset.css FQDN: 699349.com IP: 16.162.201.20 HASH: a7ac41642553ff7613555fc9e631f0fa9c73b4db25bc537e1c4f059805d992d6 16.162.201.20 HTTP/1.1 200 OK Content-Type: text/css Content-Encoding: gzip ETag: "e602c7fe595d61:0" Last-Modified: Mon, 28 Sep 2020 22:19:56 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 14:23:05 GMT Content-Length: 789 Connection: close --- Additional Info --- Magic: ISO-8859 text, with very long lines (1163), with CRLF line terminators Size: 789 Md5: b9cbcbf6cbbd503de2b62a474ba2a617 Sha1: 075fc579cea19b0f2bd6fd508145eadde482f8f0 Sha256: a7ac41642553ff7613555fc9e631f0fa9c73b4db25bc537e1c4f059805d992d6
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2580 Expires: Tue, 06 Dec 2022 02:59:59 GMT Date: Tue, 06 Dec 2022 02:16:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /bd/xggglf.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/bd/xggglf.js FQDN: 699349.com IP: 16.162.201.20 HASH: b2d9964c09a810504fedd009bab467d3f646bb383adf134d5f49b755f5d0b6bc 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "a424b1ec197d91:0" Last-Modified: Sat, 03 Dec 2022 13:19:51 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:41 GMT Content-Length: 750 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF line terminators Size: 750 Md5: 66c4a121e5a4f1a3160bd4b04c137cd5 Sha1: c70e0bd6ec7c2595e87c3ca1c07313badac8f678 Sha256: b2d9964c09a810504fedd009bab467d3f646bb383adf134d5f49b755f5d0b6bc Alerts: Blocklists: - fortinet: Phishing
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9987 x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSvUHhJIAMFZYQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XaKRGgDJdys5Ufgv2QasOrlxuXHRnb8dJWc_tHiXa72QvQ-egpRDsQ== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:25:37 GMT age: 13882 etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9987 Md5: 8055d0db573ab34924db3b60ed788bb2 Sha1: a4aae05e7a929fc7f652f56748d2a2da9c44ac45 Sha256: f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8469 x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: co_sqFSjoAMFQ6w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:45:47 GMT age: 16272 etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8469 Md5: 2f60a6490f38a772dcd50a1132e98e1b Sha1: ff254a1df087d2c157d88a6ef04e395dc49efe5e Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15732 x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csVIIESBIAMFU6w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:22:21 GMT age: 14078 etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15732 Md5: b5e953213b7b13b8ee202406147fac52 Sha1: 67a09d8cd23ed444667b225f7fbf4bb17b9f42dd Sha256: cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2580 Expires: Tue, 06 Dec 2022 02:59:59 GMT Date: Tue, 06 Dec 2022 02:16:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /jsdc/1989.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/1989.js FQDN: 699349.com IP: 16.162.201.20 HASH: e5f3902d9839b3aa0a4d91829c1c99dd07b07ce8f99a46c3e140158e6b62aeb8 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80dde97b51cd81:0" Content-Encoding: gzip Last-Modified: Tue, 08 Feb 2022 06:32:07 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 15:33:29 GMT Content-Length: 1312 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1312 Md5: c8f53e935527bfd8a8c1966d929f1e9f Sha1: 976cf29c547c3c512bb77db167ade4e28f8faaf4 Sha256: e5f3902d9839b3aa0a4d91829c1c99dd07b07ce8f99a46c3e140158e6b62aeb8 Alerts: Blocklists: - fortinet: Phishing
POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsgccr3dvtlsca2020 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 6cf2bacad324262dfefe1939e45d988eed14807571a8b920a09d841dd2ff3ab5 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:16:59 GMT Content-Length: 1414 Connection: keep-alive Expires: Sat, 10 Dec 2022 00:57:31 GMT ETag: "d0a9be213962a90d58da8bc397f471a91eb34ea6" Last-Modified: Tue, 06 Dec 2022 00:57:32 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 6 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 775185ce6cb8b50b-OSL --- Additional Info --- Magic: data Size: 1414 Md5: 9beee193aead886f82a1a99c49575ee8 Sha1: d0a9be213962a90d58da8bc397f471a91eb34ea6 Sha256: 6cf2bacad324262dfefe1939e45d988eed14807571a8b920a09d841dd2ff3ab5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5273 x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSz2EqfIAMFqng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: xcEI729NEfORs3fT_fHi-BkyqA1sHl0dA6fAGd9hYkJNePUlM4vKQg== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:05:52 GMT age: 15067 etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5273 Md5: 49c08cd33e41826af9dd4a8a912e0ddf Sha1: bde85bd98858e4b13484a9cc3263b4db7fb5d348 Sha256: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2580 Expires: Tue, 06 Dec 2022 02:59:59 GMT Date: Tue, 06 Dec 2022 02:16:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:23:09 GMT age: 14030 etag: "36082b7329d473829178f280cb71a83b1531e486" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11224 Md5: b15136d60fd0a5e0f657a4f5c75d540f Sha1: 36082b7329d473829178f280cb71a83b1531e486 Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11352 x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSwuF1ToAMFiIA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT x-amz-cf-pop: SFO5-P2, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ== via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:22:23 GMT age: 14076 etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11352 Md5: 7f2c354a00ab51d4a41221b6bf191c10 Sha1: 01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4 Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:16:59 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 16:56:38 GMT Expires: Mon, 12 Dec 2022 16:56:37 GMT Etag: "dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a" Cache-Control: max-age=570577,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185ceab6eb4f1-OSL --- Additional Info --- Magic: data Size: 728 Md5: 8c3c69849f1b63928c24911fc38c3ddd Sha1: dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a Sha256: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:16:59 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 16:56:38 GMT Expires: Mon, 12 Dec 2022 16:56:37 GMT Etag: "dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a" Cache-Control: max-age=570577,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185cea8b21c12-OSL --- Additional Info --- Magic: data Size: 728 Md5: 8c3c69849f1b63928c24911fc38c3ddd Sha1: dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a Sha256: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:16:59 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 16:56:38 GMT Expires: Mon, 12 Dec 2022 16:56:37 GMT Etag: "dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a" Cache-Control: max-age=570577,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185cea963b4fa-OSL --- Additional Info --- Magic: data Size: 728 Md5: 8c3c69849f1b63928c24911fc38c3ddd Sha1: dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a Sha256: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 16:56:38 GMT Expires: Mon, 12 Dec 2022 16:56:37 GMT Etag: "dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a" Cache-Control: max-age=570576,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185ceab61fac4-OSL --- Additional Info --- Magic: data Size: 728 Md5: 8c3c69849f1b63928c24911fc38c3ddd Sha1: dce7a1d4c96910b835fc6c12e35cfd9ba4e3c88a Sha256: eb5a6acf87350ee03ca5b7c9144698dba620ace13fde046390c33898614c3b1e
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: f3595f8e68a914d37c036f0182a5291ce34aef06d0465f5219b21be775e8ed7d 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sat, 03 Dec 2022 12:37:32 GMT Expires: Sat, 10 Dec 2022 12:37:31 GMT Etag: "15ad978643d87dc7272240c7da8a6d621b8bd0c3" Cache-Control: max-age=382230,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185cf0b88b4f1-OSL --- Additional Info --- Magic: data Size: 727 Md5: 52c67a61d22a3628eec074bac822476f Sha1: 15ad978643d87dc7272240c7da8a6d621b8bd0c3 Sha256: f3595f8e68a914d37c036f0182a5291ce34aef06d0465f5219b21be775e8ed7d
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 08:16:50 GMT Expires: Mon, 12 Dec 2022 08:16:49 GMT Etag: "df2a89375c7498f839f76d0c641e4793c179c854" Cache-Control: max-age=539388,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d01ba9fac4-OSL --- Additional Info --- Magic: data Size: 728 Md5: 6a3418ecc67300a8c9bbe244e99db05d Sha1: df2a89375c7498f839f76d0c641e4793c179c854 Sha256: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b
GET /21088117.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.users.51.la/21088117.js FQDN: js.users.51.la IP: 103.143.19.103 HASH: e367a43c5de0f58a865f1609621cf03e7d74ea8e88c77681c4089bb86f6f9513 103.143.19.103 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: CloudWAF Date: Tue, 06 Dec 2022 02:17:00 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=fb83d3948ddb4ce5716; path=/ HWWAFSESTIME=1670293017150; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (4898) Size: 2309 Md5: d6ee90be484becdfba69328335d2c2e8 Sha1: 030fb67fd7e44c4cc66a5a5524182e991ae76f96 Sha256: e367a43c5de0f58a865f1609621cf03e7d74ea8e88c77681c4089bb86f6f9513
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: f3595f8e68a914d37c036f0182a5291ce34aef06d0465f5219b21be775e8ed7d 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sat, 03 Dec 2022 12:37:32 GMT Expires: Sat, 10 Dec 2022 12:37:31 GMT Etag: "15ad978643d87dc7272240c7da8a6d621b8bd0c3" Cache-Control: max-age=382230,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185ce3f52b523-OSL --- Additional Info --- Magic: data Size: 727 Md5: 52c67a61d22a3628eec074bac822476f Sha1: 15ad978643d87dc7272240c7da8a6d621b8bd0c3 Sha256: f3595f8e68a914d37c036f0182a5291ce34aef06d0465f5219b21be775e8ed7d
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: ff69a78e5e010d2686e002fb930ab914369cd8117bca0d032a6b7ebf302e2fad 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 13:55:31 GMT Expires: Sun, 11 Dec 2022 13:55:30 GMT Etag: "9a204f4015921c2e05d7210b4514f0f8abd9ba24" Cache-Control: max-age=473309,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185cf88fb1c12-OSL --- Additional Info --- Magic: data Size: 727 Md5: 913eb415f10b58d141a8ab8d9045de95 Sha1: 9a204f4015921c2e05d7210b4514f0f8abd9ba24 Sha256: ff69a78e5e010d2686e002fb930ab914369cd8117bca0d032a6b7ebf302e2fad
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 08:16:50 GMT Expires: Mon, 12 Dec 2022 08:16:49 GMT Etag: "df2a89375c7498f839f76d0c641e4793c179c854" Cache-Control: max-age=539388,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185cfa9c8b4fa-OSL --- Additional Info --- Magic: data Size: 728 Md5: 6a3418ecc67300a8c9bbe244e99db05d Sha1: df2a89375c7498f839f76d0c641e4793c179c854 Sha256: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: ff69a78e5e010d2686e002fb930ab914369cd8117bca0d032a6b7ebf302e2fad 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 13:55:31 GMT Expires: Sun, 11 Dec 2022 13:55:30 GMT Etag: "9a204f4015921c2e05d7210b4514f0f8abd9ba24" Cache-Control: max-age=473309,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d0abcbfac4-OSL --- Additional Info --- Magic: data Size: 727 Md5: 913eb415f10b58d141a8ab8d9045de95 Sha1: 9a204f4015921c2e05d7210b4514f0f8abd9ba24 Sha256: ff69a78e5e010d2686e002fb930ab914369cd8117bca0d032a6b7ebf302e2fad
GET /css/style.css HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/css/style.css FQDN: 699349.com IP: 16.162.201.20 HASH: 3ea0ac06a28dc3234c77fe2caaeccf5e90c8247d897219568bf8a187ddc85fe5 16.162.201.20 HTTP/1.1 200 OK Content-Type: text/css ETag: "05e3833451dd71:0" Content-Encoding: gzip Last-Modified: Sat, 20 Mar 2021 04:55:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:35:15 GMT Content-Length: 3874 Connection: close --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 3874 Md5: b6bd916dfe2c98320a8ced9fc1026a4b Sha1: c1e7960176a47489aba82dcab07c0740924777c2 Sha256: 3ea0ac06a28dc3234c77fe2caaeccf5e90c8247d897219568bf8a187ddc85fe5
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 08:16:50 GMT Expires: Mon, 12 Dec 2022 08:16:49 GMT Etag: "df2a89375c7498f839f76d0c641e4793c179c854" Cache-Control: max-age=539388,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d04bfab4f1-OSL --- Additional Info --- Magic: data Size: 728 Md5: 6a3418ecc67300a8c9bbe244e99db05d Sha1: df2a89375c7498f839f76d0c641e4793c179c854 Sha256: e7df5f33f3cd6fdcdf87f0f25ac89f5083b6d8dd3457e6064672d88cd64b345b
GET /ktzsx.js HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/ktzsx.js FQDN: 669925a.com IP: 18.166.84.185 HASH: 8e9b46d02d306ab4d801ac2a452df28a5c9725a2050adb7e539a022a46b63d3d 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "1f212e7b897d91:0" Last-Modified: Sun, 04 Dec 2022 02:38:24 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:04:10 GMT Content-Length: 789 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (308), with CRLF line terminators Size: 789 Md5: 03141e248f325e2d15c127b10dc81803 Sha1: 088b47edb1ada61ae7f6c3729b3b6900cd950355 Sha256: 8e9b46d02d306ab4d801ac2a452df28a5c9725a2050adb7e539a022a46b63d3d Alerts: Blocklists: - fortinet: Phishing
GET /tttg.js HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/tttg.js FQDN: 669925a.com IP: 18.166.84.185 HASH: 93ce52ce24d581a323273c02d367b1e1ecba584b983dee67e20731bfd3e5053c 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "092a4f0f4aed81:0" Content-Encoding: gzip Last-Modified: Sat, 13 Aug 2022 09:13:24 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:12:33 GMT Content-Length: 1073 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1073 Md5: 7037b40fdfa6f99d8498ad0b3d7afe9c Sha1: 935e0d856de830fe4cd5af81caf0009a95944e8a Sha256: 93ce52ce24d581a323273c02d367b1e1ecba584b983dee67e20731bfd3e5053c Alerts: Blocklists: - fortinet: Phishing
GET /zybb/xjgsb.js HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/zybb/xjgsb.js FQDN: 669925a.com IP: 18.166.84.185 HASH: 475ec23811aea84fa03ad43e0d53995eb6b377c9d39cd1c48ba3b7f87032ac4e 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:53:32 GMT Content-Length: 2353 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (392), with CRLF line terminators Size: 2353 Md5: 93fbb00b1c5a25ce2b47995c70d95b99 Sha1: ad5ec259802be56b2961954431cb19cb26ee64fa Sha256: 475ec23811aea84fa03ad43e0d53995eb6b377c9d39cd1c48ba3b7f87032ac4e Alerts: Blocklists: - fortinet: Phishing
GET /js/SuperSlide.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/js/SuperSlide.js FQDN: 699349.com IP: 16.162.201.20 HASH: b4cd2c5b6220e1f51e2b76d498f9f46eef57bb3a5d8f35ba28b0ef61d7e802ce 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "8009e8de595d61:0" Content-Encoding: gzip Last-Modified: Mon, 28 Sep 2020 22:20:21 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 13:59:33 GMT Content-Length: 3704 Connection: close --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (11013), with CRLF line terminators Size: 3704 Md5: 776fcefcd00c399fdccbdd0e11ead966 Sha1: bc5da70384bcf683b13c973928a3b9fa14ac8c83 Sha256: b4cd2c5b6220e1f51e2b76d498f9f46eef57bb3a5d8f35ba28b0ef61d7e802ce Alerts: Blocklists: - fortinet: Phishing
GET /jgp.js HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/jgp.js FQDN: 669925a.com IP: 18.166.84.185 HASH: ff1cb53716e5e1ded44f6bd7041cba39475d59d07edf26dacc19018cd59ef535 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "3bc16594217d91:0" Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:15:55 GMT Content-Length: 1184 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (419), with CRLF line terminators Size: 1184 Md5: ce689cfc313bb282b9c652f73fc83133 Sha1: 90fa7a98b4da41be1947c09ff74995b98fad9e67 Sha256: ff1cb53716e5e1ded44f6bd7041cba39475d59d07edf26dacc19018cd59ef535 Alerts: Blocklists: - fortinet: Phishing
GET /jsdc/2025.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/2025.js FQDN: 699349.com IP: 16.162.201.20 HASH: 529fe2bf961ac2951e50ca35496e542ce3d165eadb68174fa9e320d06bc9be6b 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "a995b0329192d81:0" Last-Modified: Fri, 08 Jul 2022 06:08:52 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 20:57:23 GMT Content-Length: 1332 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1332 Md5: 02b1e817717d1383cbbffcc3ee0b0719 Sha1: c69d1dc10f63964167294027025a8265c521bea5 Sha256: 529fe2bf961ac2951e50ca35496e542ce3d165eadb68174fa9e320d06bc9be6b Alerts: Blocklists: - fortinet: Phishing
GET /mhcz.js HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/mhcz.js FQDN: 669925a.com IP: 18.166.84.185 HASH: 4a28ef950976fce3111143075194029398b330a538549acac16abd6e7b8f510a 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80b17294217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:39 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:08:25 GMT Content-Length: 1236 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (308), with CRLF line terminators Size: 1236 Md5: 377e5bd54feb15f93d63eaada7fb5d29 Sha1: 916aff5e5c473f501481277f20b9e614c248372d Sha256: 4a28ef950976fce3111143075194029398b330a538549acac16abd6e7b8f510a Alerts: Blocklists: - fortinet: Phishing
GET /21088033.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.users.51.la/21088033.js FQDN: js.users.51.la IP: 103.143.19.103 HASH: 84f8533a7794c42ddd7ab1d4ba1142a3cb22f079f361373f41bdad46b0d2c94c 103.143.19.103 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: CloudWAF Date: Tue, 06 Dec 2022 02:17:00 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=94bf825005f65c7f462; path=/ HWWAFSESTIME=1670293019226; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (4898) Size: 2310 Md5: 3e06eebd51aec7dffcedf9b5c1a4ccfb Sha1: 6fb85a35a7fdec3a53695e82a69a9c80f3b8a8af Sha256: 84f8533a7794c42ddd7ab1d4ba1142a3cb22f079f361373f41bdad46b0d2c94c
GET /js/kj-link.js HTTP/1.1 Host: 628866a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 628866a.com/js/kj-link.js FQDN: 628866a.com IP: 43.198.33.164 HASH: a5b220f9f064477262b856b3ed268c0aaed372a566e11a07c599fef2837af13a 43.198.33.164 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80ad4a198767d81:0" Content-Encoding: gzip Last-Modified: Sat, 14 May 2022 11:38:15 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 15:48:34 GMT Content-Length: 832 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 832 Md5: be49dd2e9699eb09642c4ea3ef383183 Sha1: df60158a6d8a656f9917e8d4d99e9a59ac337fb5 Sha256: a5b220f9f064477262b856b3ed268c0aaed372a566e11a07c599fef2837af13a Alerts: Blocklists: - fortinet: Phishing
GET /js/2022.js HTTP/1.1 Host: js.szly123.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.szly123.com/js/2022.js FQDN: js.szly123.com IP: 18.166.84.185 HASH: b676a63cba89713057e475d622e2db06917e685ad7a3a4f34895dce042e3d7a0 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80532e2d10ffd81:0" Content-Encoding: gzip Last-Modified: Wed, 23 Nov 2022 07:49:55 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 13:52:20 GMT Content-Length: 1317 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators Size: 1317 Md5: ca73d1d58c1621f02a3d2ca996914364 Sha1: 0d6950b04fdc3ea20d69eef0cfe50375fdb04aaf Sha256: b676a63cba89713057e475d622e2db06917e685ad7a3a4f34895dce042e3d7a0
GET /js/sbx.js HTTP/1.1 Host: sbx2019.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: sbx2019.com/js/sbx.js FQDN: sbx2019.com IP: 43.198.33.164 HASH: bef98dbd143c2fca86cd0b05949385451dc2fd2c15246c77f80bba338e0b51cf 43.198.33.164 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80b29adc16d91:0" Content-Encoding: gzip Last-Modified: Fri, 02 Dec 2022 03:55:05 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:45:28 GMT Content-Length: 3640 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (672), with CRLF line terminators Size: 3640 Md5: 70ced684afe68da47d444a8ff3151b52 Sha1: 3e5f07f6a7a7f2b596c8280dac9ad03789b8683e Sha256: bef98dbd143c2fca86cd0b05949385451dc2fd2c15246c77f80bba338e0b51cf
GET /mhczjx.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/mhczjx.js FQDN: 699349.com IP: 16.162.201.20 HASH: fc9aee7ef7f9622accaca51d580769fc13f7310fc51125edf67279472c4fbe06 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80676465fc8d91:0" Content-Encoding: gzip Last-Modified: Mon, 05 Dec 2022 22:53:31 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:25:35 GMT Content-Length: 1128 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 1128 Md5: d0684860bd119f7bdc41e3c46e9deea5 Sha1: 67fda50ad30c69a4d46fc08ad1fcaf5469a304ca Sha256: fc9aee7ef7f9622accaca51d580769fc13f7310fc51125edf67279472c4fbe06 Alerts: Blocklists: - fortinet: Phishing
GET /bd/tszl.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/bd/tszl.js FQDN: 699349.com IP: 16.162.201.20 HASH: b0f1e83708354377cfb1eee4ff3352255095f26b04edf23081da4c73bb068e4a 16.162.201.20 HTTP/1.1 404 Not Found Content-Type: text/html Content-Encoding: gzip Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:16:59 GMT Transfer-Encoding: chunked Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size: 675 Md5: 815ec59bc7238fae2bbe77156ad8f5b2 Sha1: bc673c626b999f08c7b6ebeb9616834a08a8d3a4 Sha256: b0f1e83708354377cfb1eee4ff3352255095f26b04edf23081da4c73bb068e4a Alerts: Blocklists: - fortinet: Phishing
GET /zybb/xjzl.js HTTP/1.1 Host: www.669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.669925a.com/zybb/xjzl.js FQDN: www.669925a.com IP: 16.162.201.20 HASH: fd2738bc85a536243e78932e1a45c4e6a56342bc95dc386689a06fbea74bdb53 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:05:07 GMT Content-Length: 1108 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (323), with CRLF line terminators Size: 1108 Md5: f0a7cc27bd8cf102aa4fae08c7b8e6eb Sha1: dbe33ce94f9e24124e4f2a4214366172bfefc9c6 Sha256: fd2738bc85a536243e78932e1a45c4e6a56342bc95dc386689a06fbea74bdb53 Alerts: Blocklists: - fortinet: Phishing
GET /fivetab.js HTTP/1.1 Host: js.szly123.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.szly123.com/fivetab.js FQDN: js.szly123.com IP: 18.166.84.185 HASH: 44b7bff535d4f092053b1744d4faeaef9a33e6292ed30a64dbd3a8756e0e5eb6 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80d680b110ffd81:0" Content-Encoding: gzip Last-Modified: Wed, 23 Nov 2022 07:53:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:58:45 GMT Content-Length: 2831 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (325), with CRLF line terminators Size: 2831 Md5: 771d7279b11708f9ab24a9764b602a47 Sha1: a419b03f631550ebbd656ead879daa5b937ad6fe Sha256: 44b7bff535d4f092053b1744d4faeaef9a33e6292ed30a64dbd3a8756e0e5eb6
GET /zybb/gsb1.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/gsb1.js FQDN: 699349.com IP: 16.162.201.20 HASH: e8cf96fd0bdbf393658fc9b50bcc3f04a12cb4761998c35f026d5151d033ad6a 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:01:59 GMT Content-Length: 2344 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 2344 Md5: 60bdc84b7b7278ad724efa7f94bb587d Sha1: ebeee7e3c74023f8ae871e5c176752031d104a6c Sha256: e8cf96fd0bdbf393658fc9b50bcc3f04a12cb4761998c35f026d5151d033ad6a Alerts: Blocklists: - fortinet: Phishing
GET /jsdc/1999.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/1999.js FQDN: 699349.com IP: 16.162.201.20 HASH: 1c8be6a55ba3a1f2d1e26db04a31c18706dd3f60a06ea02f20f9cd9bc3092807 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80dde97b51cd81:0" Content-Encoding: gzip Last-Modified: Tue, 08 Feb 2022 06:32:07 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 22:20:03 GMT Content-Length: 1324 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1324 Md5: 4d8577e8b03c85ef9403c3841a88a0ba Sha1: 4ce86f1b6e6c4ef5d238ff2b532bc937e1cf70c9 Sha256: 1c8be6a55ba3a1f2d1e26db04a31c18706dd3f60a06ea02f20f9cd9bc3092807 Alerts: Blocklists: - fortinet: Phishing
GET /js/100.js HTTP/1.1 Host: js.szly123.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.szly123.com/js/100.js FQDN: js.szly123.com IP: 18.166.84.185 HASH: 5bac7b3fdc959cc6419af6b2ae88607640ffcf43ac7f6d0278873fe188e1272a 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "801046a5a7fcd81:0" Content-Encoding: gzip Last-Modified: Sun, 20 Nov 2022 06:16:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 14:10:22 GMT Content-Length: 1304 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (331), with CRLF line terminators Size: 1304 Md5: 690dbddbeb9728abe2ddb56cfbb8c6c5 Sha1: ab0cd44cbfe13f0b7754209eafa773f9d37fd3e8 Sha256: 5bac7b3fdc959cc6419af6b2ae88607640ffcf43ac7f6d0278873fe188e1272a
GET /js/gg.js HTTP/1.1 Host: js.szly123.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.szly123.com/js/gg.js FQDN: js.szly123.com IP: 18.166.84.185 HASH: ce0bd7ca96d915eb6c6911c441fcadffb87fa592f35ac230ac85b3e851ef8aa8 18.166.84.185 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "93731537d3f9d81:0" Content-Encoding: gzip Last-Modified: Wed, 16 Nov 2022 15:50:56 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:58:45 GMT Content-Length: 4735 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (421), with CRLF line terminators Size: 4735 Md5: a84619e95ac5a63acd392fe6c085fd12 Sha1: 437b90cd68fd42822224f42a371aacfc8caae797 Sha256: ce0bd7ca96d915eb6c6911c441fcadffb87fa592f35ac230ac85b3e851ef8aa8
GET /zybb/ryzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/ryzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 860df8eb8f879abf429c8d74b25c90ebab1387374ed45b71bda232c24a9c8d5b 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:23:01 GMT Content-Length: 753 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 753 Md5: 76f39d336810d8ca2b16bfe50bf96045 Sha1: 5caa711a1191e0bd8abf2cfe890ff9844773ae5b Sha256: 860df8eb8f879abf429c8d74b25c90ebab1387374ed45b71bda232c24a9c8d5b Alerts: Blocklists: - fortinet: Phishing
GET /zybb/qhzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/qhzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 8521f1951ca004695449380933db3758625c8d4f9ed52ffb07622993392d9132 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:54:42 GMT Content-Length: 936 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 936 Md5: 30669a16665b31d0f2d653398af0dadd Sha1: b40266bfbad57755abf83882af576c08e47c7365 Sha256: 8521f1951ca004695449380933db3758625c8d4f9ed52ffb07622993392d9132 Alerts: Blocklists: - fortinet: Phishing
POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsgccr3dvtlsca2020 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 8509515e421095740d64f7db7c2a906cfbcfb3668ec089bd15249efc4d878889 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 1414 Connection: keep-alive Expires: Fri, 09 Dec 2022 22:46:01 GMT ETag: "ab51b64d2cb0fb278f18f87826917cf14ca345c4" Last-Modified: Mon, 05 Dec 2022 22:46:02 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2189 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 775185d47eadb50b-OSL --- Additional Info --- Magic: data Size: 1414 Md5: 5425bacd37ff17f18723c39c17534d97 Sha1: ab51b64d2cb0fb278f18f87826917cf14ca345c4 Sha256: 8509515e421095740d64f7db7c2a906cfbcfb3668ec089bd15249efc4d878889
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 10:37:53 GMT Expires: Sun, 11 Dec 2022 10:37:52 GMT Etag: "f637a66a2070d05bc51e3e6698fbd296fdd7d913" Cache-Control: max-age=461451,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d46a251c12-OSL --- Additional Info --- Magic: data Size: 727 Md5: 1e2a68cf2847cccdf06ff255e083ea83 Sha1: f637a66a2070d05bc51e3e6698fbd296fdd7d913 Sha256: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7
GET /bd/wlrt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/bd/wlrt.js FQDN: 699349.com IP: 16.162.201.20 HASH: b0f1e83708354377cfb1eee4ff3352255095f26b04edf23081da4c73bb068e4a 16.162.201.20 HTTP/1.1 404 Not Found Content-Type: text/html Content-Encoding: gzip Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:16:59 GMT Transfer-Encoding: chunked Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size: 675 Md5: 815ec59bc7238fae2bbe77156ad8f5b2 Sha1: bc673c626b999f08c7b6ebeb9616834a08a8d3a4 Sha256: b0f1e83708354377cfb1eee4ff3352255095f26b04edf23081da4c73bb068e4a Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 10:37:53 GMT Expires: Sun, 11 Dec 2022 10:37:52 GMT Etag: "f637a66a2070d05bc51e3e6698fbd296fdd7d913" Cache-Control: max-age=461450,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d48d61b4f1-OSL --- Additional Info --- Magic: data Size: 727 Md5: 1e2a68cf2847cccdf06ff255e083ea83 Sha1: f637a66a2070d05bc51e3e6698fbd296fdd7d913 Sha256: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 10:37:53 GMT Expires: Sun, 11 Dec 2022 10:37:52 GMT Etag: "f637a66a2070d05bc51e3e6698fbd296fdd7d913" Cache-Control: max-age=461450,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d48bc7b4fa-OSL --- Additional Info --- Magic: data Size: 727 Md5: 1e2a68cf2847cccdf06ff255e083ea83 Sha1: f637a66a2070d05bc51e3e6698fbd296fdd7d913 Sha256: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 10:37:53 GMT Expires: Sun, 11 Dec 2022 10:37:52 GMT Etag: "f637a66a2070d05bc51e3e6698fbd296fdd7d913" Cache-Control: max-age=461450,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d4a9ceb523-OSL --- Additional Info --- Magic: data Size: 727 Md5: 1e2a68cf2847cccdf06ff255e083ea83 Sha1: f637a66a2070d05bc51e3e6698fbd296fdd7d913 Sha256: 8ba05db74def26e59332b95e38aa97b147532acd69eee745b5ecd4e8c1158cf7
GET /images/amzl.gif HTTP/1.1 Host: www.669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.669925a.com/images/amzl.gif FQDN: www.669925a.com IP: 16.162.201.20 HASH: d6e6367a2f6a7ca41d2de9187242e539e6fe4306a7aa970068104bff953ca1eb 16.162.201.20 HTTP/1.1 200 OK Content-Type: image/gif ETag: "6f1495ce8566d71:0" Last-Modified: Mon, 21 Jun 2021 10:11:31 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:55:09 GMT Content-Length: 22806 Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 957 x 178\012- data Size: 22806 Md5: bb3ed49038f25e27ef2205f225164a4e Sha1: b050a050b471d5a10ae4873fbb7b294917478e21 Sha256: d6e6367a2f6a7ca41d2de9187242e539e6fe4306a7aa970068104bff953ca1eb
GET /tp/hf/852_800x100.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/hf/852_800x100.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/49tk/49tk1.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/49tk/49tk1.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/00886tk/00886tk.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/00886tk/00886tk.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/2025/2025hf.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/2025/2025hf.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/hf/9898_800x100.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/hf/9898_800x100.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: cc37d60c0804ba3bbdb07ce6a9152e6de02091ef6c4410fc4d135ed00369fbae 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sat, 03 Dec 2022 17:35:59 GMT Expires: Sat, 10 Dec 2022 17:35:58 GMT Etag: "f8d7e53bba587c5eb3270baff0f1b480b2c6b487" Cache-Control: max-age=400136,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d6cd47b4fa-OSL --- Additional Info --- Magic: data Size: 727 Md5: 8d89974d759f905eb16d39ebbaf182c0 Sha1: f8d7e53bba587c5eb3270baff0f1b480b2c6b487 Sha256: cc37d60c0804ba3bbdb07ce6a9152e6de02091ef6c4410fc4d135ed00369fbae
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: cc37d60c0804ba3bbdb07ce6a9152e6de02091ef6c4410fc4d135ed00369fbae 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Sat, 03 Dec 2022 17:35:59 GMT Expires: Sat, 10 Dec 2022 17:35:58 GMT Etag: "f8d7e53bba587c5eb3270baff0f1b480b2c6b487" Cache-Control: max-age=400136,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d6ce1fb4f1-OSL --- Additional Info --- Magic: data Size: 727 Md5: 8d89974d759f905eb16d39ebbaf182c0 Sha1: f8d7e53bba587c5eb3270baff0f1b480b2c6b487 Sha256: cc37d60c0804ba3bbdb07ce6a9152e6de02091ef6c4410fc4d135ed00369fbae
GET /tp/2022/202202.gif HTTP/1.1 Host: imgs.meizhiban.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.meizhiban.cn/tp/2022/202202.gif FQDN: imgs.meizhiban.cn IP: 107.148.135.218 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 107.148.135.218 HTTP/1.1 301 Moved Permanently Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Location: https://d31q194n7fpdes.cloudfront.net/mygai/tp/2022/202202.gif Content-Length: 0 Connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/tj.gif HTTP/1.1 Host: 669925a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 669925a.com/images/tj.gif FQDN: 669925a.com IP: 18.166.84.185 HASH: e659b72736e1dc8d28542ecc908832edbc43f800302d74a51f6f35c401c90ca0 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/gif ETag: "64d7f2e7667d81:0" Last-Modified: Sat, 14 May 2022 09:37:09 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 14:22:42 GMT Content-Length: 63666 Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 1000 x 100\012- data Size: 63666 Md5: 887978675d2392b16a1776720a192c12 Sha1: 5b03cc558d8a88f81790dad3fa590e43d292cb02 Sha256: e659b72736e1dc8d28542ecc908832edbc43f800302d74a51f6f35c401c90ca0
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 2bb77a27594423876e121b7e979513aa98c7778402e9cea596d72015c6e32556 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Fri, 02 Dec 2022 19:30:20 GMT Expires: Fri, 09 Dec 2022 19:30:19 GMT Etag: "80e023f70d4d93993f59a8d5281945fa95de7b3a" Cache-Control: max-age=320597,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d6bac11c12-OSL --- Additional Info --- Magic: data Size: 727 Md5: 18908006e9e94e49547f3f8d85ceb65a Sha1: 80e023f70d4d93993f59a8d5281945fa95de7b3a Sha256: 2bb77a27594423876e121b7e979513aa98c7778402e9cea596d72015c6e32556
GET /go1?id=21088117&rt=1670293017450&rl=12801024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1670293017450&tt=&kw=&cu=https%253A%252F%252F699349.com%252F&pu= HTTP/1.1 Host: ia.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ia.51.la/go1?id=21088117&rt=1670293017450&rl=1280*1024& (...) FQDN: ia.51.la IP: 103.143.19.103 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 103.143.19.103 HTTP/1.1 200 Server: CloudWAF Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: HWWAFSESID=966a18f27cc42978291; path=/ HWWAFSESTIME=1670293017021; path=/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: zerossl.ocsp.sectigo.com/ FQDN: zerossl.ocsp.sectigo.com IP: 172.64.155.188 HASH: 2bb77a27594423876e121b7e979513aa98c7778402e9cea596d72015c6e32556 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 02:17:01 GMT Content-Length: 727 Connection: keep-alive Last-Modified: Fri, 02 Dec 2022 19:30:20 GMT Expires: Fri, 09 Dec 2022 19:30:19 GMT Etag: "80e023f70d4d93993f59a8d5281945fa95de7b3a" Cache-Control: max-age=320597,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775185d81ddfb4fa-OSL --- Additional Info --- Magic: data Size: 727 Md5: 18908006e9e94e49547f3f8d85ceb65a Sha1: 80e023f70d4d93993f59a8d5281945fa95de7b3a Sha256: 2bb77a27594423876e121b7e979513aa98c7778402e9cea596d72015c6e32556
GET /zybb/5wzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/5wzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: f763b06ebb399fec1aa1cf9b3081dc173539d55c843890d5ee20df395a565f0a 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 722 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 722 Md5: 717cbc8d6864af2af65e9bf3000ac9fb Sha1: 39b65a734c5decf6d13cc0a02915d48ceffd67cb Sha256: f763b06ebb399fec1aa1cf9b3081dc173539d55c843890d5ee20df395a565f0a Alerts: Blocklists: - fortinet: Phishing
GET /zybb/yyzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/yyzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: a40f3ea3eff374c4466f55e016f939be4f14e2af4ea3539da0338df7f1393d45 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 781 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 781 Md5: 56f848637b4b2660d75dcf0bf5ab306d Sha1: ae0f5638ca02947f1fe8af35cdf70492a22c70d3 Sha256: a40f3ea3eff374c4466f55e016f939be4f14e2af4ea3539da0338df7f1393d45 Alerts: Blocklists: - fortinet: Phishing
GET /tp/101/100sjb.gif HTTP/1.1 Host: imgs.meizhiban.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.meizhiban.cn/tp/101/100sjb.gif FQDN: imgs.meizhiban.cn IP: 107.148.135.218 HASH: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f 107.148.135.218 HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:17:00 GMT Content-Length: 1245 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size: 1245 Md5: 5343c1a8b203c162a3bf3870d9f50fd4 Sha1: 04b5b886c20d88b57eea6d8ff882624a4ac1e51d Sha256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /tp/0065tk/0065tk.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/0065tk/0065tk.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/hf/1989_800x100.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/hf/1989_800x100.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/101/100cphf.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/101/100cphf.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/00852tk/00852tk.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/00852tk/00852tk.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /tp/hf/1999_800x100.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/hf/1999_800x100.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:23 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /zybb/dhzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/dhzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: bf218c605646f7b57cf2c1192af89d0385bd112aad82a723dc5eec3cbc64c498 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 764 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 764 Md5: 17f1b6ee383a543698168fa243d97c2a Sha1: 0d5d11f7a21aa5863f3a6deb358a7fb70bc0f342 Sha256: bf218c605646f7b57cf2c1192af89d0385bd112aad82a723dc5eec3cbc64c498 Alerts: Blocklists: - fortinet: Phishing
GET /tu/%E5%85%AD%E5%90%88%E5%BD%A9.png HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/tu/%E5%85%AD%E5%90%88%E5%BD%A9.png FQDN: www.290996a.com IP: 18.166.84.185 HASH: d3c6700276f398a149f080b83d1be5f1706b1387661c479bcc96a821c1bba7db 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/png ETag: "109c534ebb83d41:0" Last-Modified: Sat, 24 Nov 2018 06:02:39 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:12 GMT Content-Length: 3253 Connection: close --- Additional Info --- Magic: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data Size: 3253 Md5: 7d85182ed9e949c8359e29b99a15b6a4 Sha1: ad844dadd7fb80580325fe2e55c8444f67b99e16 Sha256: d3c6700276f398a149f080b83d1be5f1706b1387661c479bcc96a821c1bba7db
GET /img/6.png HTTP/1.1 Host: www.775592.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.775592.com/img/6.png FQDN: www.775592.com IP: 43.198.33.164 HASH: 77dc2df72ae98a651b05e63320e53c5f24f0a44bbf54b8b2d69312f5cbd48b02 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/png ETag: "70c81f6ccd19d51:0" Last-Modified: Mon, 03 Jun 2019 05:30:15 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 13:59:33 GMT Content-Length: 3706 Connection: close --- Additional Info --- Magic: PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data Size: 3706 Md5: 8796a3b03fd42f1b1d7d7e2cf05b3bb4 Sha1: 0f34af2ff701dbf5d1ad5bedd3530b9ca8f0e927 Sha256: 77dc2df72ae98a651b05e63320e53c5f24f0a44bbf54b8b2d69312f5cbd48b02
GET /images/sbx.gif HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/images/sbx.gif FQDN: www.290996a.com IP: 18.166.84.185 HASH: 56afc3cf038eacd0a4b7016bbd0272f514aadff241e0045ec3488d1e90f60fa1 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/gif ETag: "ac73b7a67ccd51:0" Last-Modified: Thu, 16 Jan 2020 12:21:27 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 13:56:59 GMT Content-Length: 6152 Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 120 x 91\012- data Size: 6152 Md5: accda4679e65b975b589dedae25a3a6a Sha1: 6d62feb19bad82fe34ca0ec6477d811b1cd2675f Sha256: 56afc3cf038eacd0a4b7016bbd0272f514aadff241e0045ec3488d1e90f60fa1
GET /images/8.png HTTP/1.1 Host: 905566a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 905566a.com/images/8.png FQDN: 905566a.com IP: 43.198.33.164 HASH: e8b179efb1b5eee704a9b7e3cf8c36a59c646c9bb7f1acd5ac7e4b1b2e88a5a8 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/png ETag: "7a5b50332f5d41:0" Last-Modified: Wed, 17 Apr 2019 09:44:50 GMT Accept-Ranges: bytes Server: Microsoft-IIS/10.0 Date: Tue, 06 Dec 2022 01:39:12 GMT Content-Length: 10179 Connection: close --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CS6 (Windows), datetime=2017-05-19T17:32:36+08:00], baseline, precision 8, 300x300, components 3\012- data Size: 10179 Md5: dae8da57ad90df205964de1a3511869d Sha1: b02e94c06eac5f255d0af37f0a6443f8bd371269 Sha256: e8b179efb1b5eee704a9b7e3cf8c36a59c646c9bb7f1acd5ac7e4b1b2e88a5a8
GET /images/sxsx.png HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/images/sxsx.png FQDN: www.290996a.com IP: 18.166.84.185 HASH: 75c65512497bb3a2ebe49d37bde8fc1ef7a5253871c6d58a28a1accd8d42114a 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/png ETag: "29fc7924429bd41:0" Last-Modified: Mon, 24 Dec 2018 04:35:48 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:11 GMT Content-Length: 3776 Connection: close --- Additional Info --- Magic: PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data Size: 3776 Md5: 0ef25c8c777978ad14f4ccb0c77da6bf Sha1: d795c4f4f3428f04548754136bc0dbd1af92faac Sha256: 75c65512497bb3a2ebe49d37bde8fc1ef7a5253871c6d58a28a1accd8d42114a
GET /tu/pk10.png HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/tu/pk10.png FQDN: www.290996a.com IP: 18.166.84.185 HASH: 6c59557f63d4c8bf0e47bce1b498aece087ade47efbc87c02cabaa4bf5a2000a 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/png ETag: "beb29f4dbb83d41:0" Last-Modified: Sat, 24 Nov 2018 06:02:38 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:11 GMT Content-Length: 3171 Connection: close --- Additional Info --- Magic: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data Size: 3171 Md5: 928308dc01922e337feffe659787a9e5 Sha1: 2bc281633711710a1ef8fd20e3e00428395e7eb3 Sha256: 6c59557f63d4c8bf0e47bce1b498aece087ade47efbc87c02cabaa4bf5a2000a
GET /tu/%E6%97%B6%E6%97%B6%E5%BD%A9.png HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/tu/%E6%97%B6%E6%97%B6%E5%BD%A9.png FQDN: www.290996a.com IP: 18.166.84.185 HASH: 116d3d50171810bd46a54d0fcca787863623aed6ea5da3d971cf3365db25174f 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/png ETag: "acd754fbb83d41:0" Last-Modified: Sat, 24 Nov 2018 06:02:40 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:12 GMT Content-Length: 3240 Connection: close --- Additional Info --- Magic: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data Size: 3240 Md5: 6c4b987758b8221441aa601f0ac70b38 Sha1: 535984741aba5253b1dc8c20ac6a80a415025494 Sha256: 116d3d50171810bd46a54d0fcca787863623aed6ea5da3d971cf3365db25174f
GET /images/colors.png HTTP/1.1 Host: 290997a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 290997a.com/images/colors.png FQDN: 290997a.com IP: 43.198.33.164 HASH: a3be6bb501c15359aa7515e000e03755e112ebd07d12d7f77bbba5078473aa41 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/png ETag: "59a86d5419bd41:0" Last-Modified: Mon, 24 Dec 2018 04:33:35 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:12 GMT Content-Length: 4190 Connection: close --- Additional Info --- Magic: PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data Size: 4190 Md5: 179fe0b168c0963d292ba3bf44666796 Sha1: 56cec0596b0f2cb07846ab075bf3e3453b67ebb7 Sha256: a3be6bb501c15359aa7515e000e03755e112ebd07d12d7f77bbba5078473aa41
GET /zybb/ds3x.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/ds3x.js FQDN: 699349.com IP: 16.162.201.20 HASH: abdf3191c4e777b12af5c09561d5756ea064aad6e0d7490471fa4f3bfef71e9f 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 797 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 797 Md5: 1179f3dbd5b6b47bad801b62e910f105 Sha1: 689dc9ac51dd1476f4891f56174bb5e538dd70af Sha256: abdf3191c4e777b12af5c09561d5756ea064aad6e0d7490471fa4f3bfef71e9f Alerts: Blocklists: - fortinet: Phishing
GET /tp/hf/895_800x100.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/hf/895_800x100.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:24 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /zybb/nvxzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/nvxzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 79f83b7660b5b49dcd6041894e911cff8d357300b7ef9d5d0723b4d100d3ebdc 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:42 GMT Content-Length: 817 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 817 Md5: 74b1f903aac8a534416d5fee3a40da92 Sha1: f050a37aec8198661d566ad0d51dea96309977bc Sha256: 79f83b7660b5b49dcd6041894e911cff8d357300b7ef9d5d0723b4d100d3ebdc Alerts: Blocklists: - fortinet: Phishing
GET /images/7.jpg HTTP/1.1 Host: 905566a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 905566a.com/images/7.jpg FQDN: 905566a.com IP: 43.198.33.164 HASH: 05acede47462a44cd4fa008afbe6d7ce1cd993f753c8cd2382d719218a63ba21 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/jpeg ETag: "a188eb312f5d41:0" Last-Modified: Wed, 17 Apr 2019 09:44:47 GMT Accept-Ranges: bytes Server: Microsoft-IIS/10.0 Date: Mon, 05 Dec 2022 23:55:11 GMT Content-Length: 16760 Connection: close --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 512x512, components 3\012- data Size: 16760 Md5: d803b4cf1dc2437adac8ad9706ece0c4 Sha1: f97bb7ddffca37cd88e14ec0c4e2571ff429ed44 Sha256: 05acede47462a44cd4fa008afbe6d7ce1cd993f753c8cd2382d719218a63ba21
GET /tu/lf888.png HTTP/1.1 Host: www.290996a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.290996a.com/tu/lf888.png FQDN: www.290996a.com IP: 18.166.84.185 HASH: 5b207172438d153afd973450add6ce41d67780f71a11f4e56405a4aae5aab728 18.166.84.185 HTTP/1.1 200 OK Content-Type: image/png ETag: "60606c9c415ad51:0" Last-Modified: Sat, 24 Aug 2019 06:03:12 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:10:43 GMT Content-Length: 22523 Connection: close --- Additional Info --- Magic: PNG image data, 103 x 112, 8-bit/color RGBA, non-interlaced\012- data Size: 22523 Md5: c5b6657412d0b878e34fbd7a19957f3a Sha1: 4ee5a750b415ffe518aa9f3ee9cdb1b79b058b0f Sha256: 5b207172438d153afd973450add6ce41d67780f71a11f4e56405a4aae5aab728
GET /jsdc/895cc.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/895cc.js FQDN: 699349.com IP: 16.162.201.20 HASH: e8548ff06a9e7e167235f25ebf3df7d1116e61cd1d91d9b900d0f8b7b5a88285 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "72e61a98b51cd81:0" Last-Modified: Tue, 08 Feb 2022 06:32:07 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:02:00 GMT Content-Length: 1320 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1320 Md5: 80bbd5f3d10c08b7645f8e06c0fde184 Sha1: 2d00281cbd3e1216ce2e9edd0f3ef6243366ffc6 Sha256: e8548ff06a9e7e167235f25ebf3df7d1116e61cd1d91d9b900d0f8b7b5a88285 Alerts: Blocklists: - fortinet: Phishing
GET /tp/49tk/49tk3.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/49tk/49tk3.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:24 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /images/sx004.jpg HTTP/1.1 Host: 628866a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 628866a.com/images/sx004.jpg FQDN: 628866a.com IP: 43.198.33.164 HASH: 1f0da2afea3675b1cb0344468578b041cb6fe2c48f1370a73ea834037ca7b082 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/jpeg ETag: "8f5a9a0e2fed61:0" Last-Modified: Tue, 09 Feb 2021 12:53:56 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:39:13 GMT Content-Length: 418548 Connection: close --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 960x1280, components 3\012- data Size: 418548 Md5: cf261190edae73c2d51796b7a8dbe5a5 Sha1: fe9faa7fa093feb4a0212413e9973c2f8000d49f Sha256: 1f0da2afea3675b1cb0344468578b041cb6fe2c48f1370a73ea834037ca7b082
GET /tp/8769/8769hf.gif HTTP/1.1 Host: imgs.mygai.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: imgs.mygai.cn/tp/8769/8769hf.gif FQDN: imgs.mygai.cn IP: 107.148.135.221 HASH: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282 107.148.135.221 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Server: kangle/3.5.14 Date: Tue, 06 Dec 2022 02:15:24 GMT Content-Length: 579 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 579 Md5: fd257e3a9b8d3abd1ecd56a8e8e4c298 Sha1: 8ef622bd79a2d55116e52e16aa238af7f3aca181 Sha256: 697375791a2ce41a6ce2131c494e282b138174397360eb7d3accf8070cc8d282
GET /zybb/tdzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/tdzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 03cf34ad202a561e0d9491a7e0a62b7e3533ff0754536d9399db660f22ed07ba 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "1be074f4a17d91:0" Last-Modified: Sun, 04 Dec 2022 05:33:35 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 20:31:02 GMT Content-Length: 814 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 814 Md5: fbcdb1e79ea5239f8af8b4e4550f1644 Sha1: 2aae1c27614a43da3a6707163c0239bcd4685b98 Sha256: 03cf34ad202a561e0d9491a7e0a62b7e3533ff0754536d9399db660f22ed07ba Alerts: Blocklists: - fortinet: Phishing
GET /zybb/5xzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/5xzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 2ef9a0d8bc4398e528046605fdc57cd8011432083a8a1ced7596356d80c73705 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 1492 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1492 Md5: 5492950bcd256d496b0a67dcd37594ea Sha1: 0c5b52c321afe39d1faaa8569c3762594fa90bd1 Sha256: 2ef9a0d8bc4398e528046605fdc57cd8011432083a8a1ced7596356d80c73705 Alerts: Blocklists: - fortinet: Phishing
GET /jsdc/9898.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/9898.js FQDN: 699349.com IP: 16.162.201.20 HASH: efe4c7b8b4c7bcc1740b4d4d3e2c396e753aa26b3114c08a94244367eaf94387 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "3ddc7a4f22d6d81:0" Last-Modified: Sun, 02 Oct 2022 05:46:25 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:02:01 GMT Content-Length: 1317 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1317 Md5: 91a223b0c90a5bcf10798282e143504c Sha1: a44ef11319747ba51377b0488159e7778b365efe Sha256: efe4c7b8b4c7bcc1740b4d4d3e2c396e753aa26b3114c08a94244367eaf94387 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/ptyx.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/ptyx.js FQDN: 699349.com IP: 16.162.201.20 HASH: 4bbdc24ef55e15e9c0c435b11070a18ec9c58df244c3ae287d92b231ed85e1ec 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:42 GMT Content-Length: 844 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 844 Md5: 351a50440a0222439a43b95c28f2b326 Sha1: 8d56f53afffa50785c070f911b529ca3428fde57 Sha256: 4bbdc24ef55e15e9c0c435b11070a18ec9c58df244c3ae287d92b231ed85e1ec Alerts: Blocklists: - fortinet: Phishing
GET /images/sx002.jpg HTTP/1.1 Host: 628866a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 628866a.com/images/sx002.jpg FQDN: 628866a.com IP: 43.198.33.164 HASH: fd7fe5380476127a04ee860b0bac7c0cbff17cf35e38cbf00f7e5d2c3431e1d5 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/jpeg ETag: "9d561fa1e2fed61:0" Last-Modified: Tue, 09 Feb 2021 12:53:57 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 22:31:26 GMT Content-Length: 386517 Connection: close --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 1440x900, components 3\012- data Size: 386517 Md5: 5a8bd9cb921927c2d02d9a6f7c25d8c0 Sha1: 5737c6396bcd7d5249048bd05887eb76440aee99 Sha256: fd7fe5380476127a04ee860b0bac7c0cbff17cf35e38cbf00f7e5d2c3431e1d5
GET /bd/pttg.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/bd/pttg.js FQDN: 699349.com IP: 16.162.201.20 HASH: b576c96f7b5117b5bd143fa6f7ac0a2e119ef318c591ef63372d8820e1cdd8b1 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80b5a5ec197d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 13:19:51 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:28:08 GMT Content-Length: 3813 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 3813 Md5: d550d03e6a8602499dea773ce9b74b23 Sha1: 54efe0adde5d710eac9aef121a047f4c163a81c8 Sha256: b576c96f7b5117b5bd143fa6f7ac0a2e119ef318c591ef63372d8820e1cdd8b1 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/ptyw.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/ptyw.js FQDN: 699349.com IP: 16.162.201.20 HASH: 4e6c1b17f1287de2cb1e716ab76e85d59d613d5eacb6f50c728caa3cf96894e8 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 13:59:46 GMT Content-Length: 1055 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1055 Md5: ae700f80fc11c55a1878f2a1f6018c6c Sha1: 390fe67613ca33bfcbc37c9f42a6df63fd72c3cf Sha256: 4e6c1b17f1287de2cb1e716ab76e85d59d613d5eacb6f50c728caa3cf96894e8 Alerts: Blocklists: - fortinet: Phishing
GET /images/sx003.jpg HTTP/1.1 Host: 628866a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 628866a.com/images/sx003.jpg FQDN: 628866a.com IP: 43.198.33.164 HASH: b5fa3028ebbd0edf0f2a5798f1df71509e35daaa108da14cf013aab934be0662 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/jpeg ETag: "97315aa0e2fed61:0" Last-Modified: Tue, 09 Feb 2021 12:53:56 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 22:34:48 GMT Content-Length: 76750 Connection: close --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 501x722, components 3\012- data Size: 76750 Md5: 489ea9332ce03d4378afd0c4dfae8b69 Sha1: 39834c555e165e7ba483849cb3f961a966a2cbe2 Sha256: b5fa3028ebbd0edf0f2a5798f1df71509e35daaa108da14cf013aab934be0662
GET /images/sx001.jpg HTTP/1.1 Host: 628866a.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: 628866a.com/images/sx001.jpg FQDN: 628866a.com IP: 43.198.33.164 HASH: 070af32e38af80515a54f85e3acf241a03acb18354c0534e2ac9eab8961bbd47 43.198.33.164 HTTP/1.1 200 OK Content-Type: image/jpeg ETag: "15dd7fb34116d81:0" Last-Modified: Mon, 31 Jan 2022 01:27:24 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 22:32:10 GMT Content-Length: 1079505 Connection: close --- Additional Info --- Magic: PNG image data, 972 x 690, 8-bit/color RGBA, non-interlaced\012- data Size: 1079505 Md5: 13be2b66ee5e018a7f05fdd2137f0ffc Sha1: 91fc72147092152e9a1fec6c0a6a048800b633c0 Sha256: 070af32e38af80515a54f85e3acf241a03acb18354c0534e2ac9eab8961bbd47
GET /zybb/dslx.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/dslx.js FQDN: 699349.com IP: 16.162.201.20 HASH: 853326c7d76cc89cfd03d84b5a9f5a6406a50601fd706333c4dc513a7fe2d5ea 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 02:05:31 GMT Content-Length: 861 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 861 Md5: ae2fa9862cc3966cc5fdaa8086ea1a28 Sha1: 74b019b17a1fe69a7b48669be53e943dadea98a1 Sha256: 853326c7d76cc89cfd03d84b5a9f5a6406a50601fd706333c4dc513a7fe2d5ea Alerts: Blocklists: - fortinet: Phishing
GET /zybb/24ma.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/24ma.js FQDN: 699349.com IP: 16.162.201.20 HASH: 1de9bd2df0d9bd5aba3d6aff1267226a9c62ec6e6a2fddceaf4bbac904ea4dac 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:43 GMT Content-Length: 1467 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1467 Md5: 16e49c9c9effa65ec7705400d52cc0d1 Sha1: 619affd7d8d7db04c496e76ea82b1fbc594689dc Sha256: 1de9bd2df0d9bd5aba3d6aff1267226a9c62ec6e6a2fddceaf4bbac904ea4dac Alerts: Blocklists: - fortinet: Phishing
GET /zybb/zyzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/zyzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 76d4a00102c057cd657d83083b6eceac91433dbf764e47ebf03ac115951e2c17 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:23:02 GMT Content-Length: 754 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 754 Md5: f4bd219f5a87e4cabefda2d7a3d71b13 Sha1: 016ee8a48eb0dac7b0f12db3f546ebf8589cf842 Sha256: 76d4a00102c057cd657d83083b6eceac91433dbf764e47ebf03ac115951e2c17 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/xdxzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/xdxzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 4a76bd0237e984340a3e33129df1601b7b07a7270905bfed0d3c579cde55a3fe 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:43 GMT Content-Length: 750 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 750 Md5: 16bc73eedb253037f5b7d94ae9533f7a Sha1: ff624bc5a7e69fd58479bd86163aaab8473b79bb Sha256: 4a76bd0237e984340a3e33129df1601b7b07a7270905bfed0d3c579cde55a3fe Alerts: Blocklists: - fortinet: Phishing
GET /zybb/gsb2.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/gsb2.js FQDN: 699349.com IP: 16.162.201.20 HASH: ecc019b54c39557ee824f9600aba780a47248c7a2505475131fa4975caaecbd3 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:54:43 GMT Content-Length: 1407 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1407 Md5: 33ed43e41648abd8a8737a3fe1777228 Sha1: 252e60c7df16b2373447a3b6be9f4d27d0a98a51 Sha256: ecc019b54c39557ee824f9600aba780a47248c7a2505475131fa4975caaecbd3 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/4jzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/4jzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: f79eefb5325a4d163fc3e552c9bf118323adf8fab05b86e6306aa2dc6c576e19 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:43 GMT Content-Length: 792 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 792 Md5: 4c4dc616fc55821a698d1140815cd8f3 Sha1: d033f2e5a4f685b5bbb9b938cf6df1c49476e506 Sha256: f79eefb5325a4d163fc3e552c9bf118323adf8fab05b86e6306aa2dc6c576e19 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/hbzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/hbzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 4ecce0a74e8ab72d21bb84630e942caf06a3efd62d0e3138be66ac9cd4c7dd72 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:44 GMT Content-Length: 847 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 847 Md5: 40d8f4d6c712eb4498ebebbc67484ca2 Sha1: 51b441159de4ee74b8d981016f20684ca6893f86 Sha256: 4ecce0a74e8ab72d21bb84630e942caf06a3efd62d0e3138be66ac9cd4c7dd72 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/ywbzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/ywbzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 7e7574bb2225135aacfece96445fb7f18038493b0f4d86f2f9d48dfe33e72966 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "01bda93217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:38 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:44 GMT Content-Length: 556 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 556 Md5: dbfb74e16d291f66512806b17781fc22 Sha1: a464d8b44e10c7b45f094dbf0abce0a94e4eabc1 Sha256: 7e7574bb2225135aacfece96445fb7f18038493b0f4d86f2f9d48dfe33e72966 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/dsbzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/dsbzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: 2fe094bd0ea77cda61e11cac7b43f31f59978d1a83bf9c66180e847a20cfd42e 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "87844093217d91:0" Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 14:12:02 GMT Content-Length: 942 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 942 Md5: 312c7f625c0f36aac9b50fc7a3bd88ef Sha1: afa8ffe68813627328dab76a7d4bc3f54ea0f3b0 Sha256: 2fe094bd0ea77cda61e11cac7b43f31f59978d1a83bf9c66180e847a20cfd42e Alerts: Blocklists: - fortinet: Phishing
GET /zybb/gongshi.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/gongshi.js FQDN: 699349.com IP: 16.162.201.20 HASH: b01b3d689baf1690f51527e05bea593f1bd5ae3caf0b7f29f43fe985768bd7c1 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:44 GMT Content-Length: 869 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 869 Md5: 7a267f60344fec389e3c0bbce3efe3ba Sha1: 238d1d0708356caedc08cd039bf4d726ed67bd9f Sha256: b01b3d689baf1690f51527e05bea593f1bd5ae3caf0b7f29f43fe985768bd7c1 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/jmxc.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/jmxc.js FQDN: 699349.com IP: 16.162.201.20 HASH: 6c76c05444e6ebaac3e4b771c7dfa092cd118b7fdaa3d2db46781d2f01235b3e 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:35:18 GMT Content-Length: 994 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 994 Md5: 8413295f82115c4d8ab3cae26f4a771e Sha1: c50b89748deb84bdad22380706a5477844f21c98 Sha256: 6c76c05444e6ebaac3e4b771c7dfa092cd118b7fdaa3d2db46781d2f01235b3e Alerts: Blocklists: - fortinet: Phishing
GET /zybb/lbzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/lbzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: ad1292d17aaef9305a52b5bd54c096baea3172a3bcd7c5d1a83bef97d5a3a81b 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:28:15 GMT Content-Length: 1107 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 1107 Md5: bc3b109a4d7fd1f640cd9115d1484d55 Sha1: c9a075cdae853852223a8c525b1a9045356736bc Sha256: ad1292d17aaef9305a52b5bd54c096baea3172a3bcd7c5d1a83bef97d5a3a81b Alerts: Blocklists: - fortinet: Phishing
GET /jsdc/49ac.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jsdc/49ac.js FQDN: 699349.com IP: 16.162.201.20 HASH: 97a9741571d36591084da6e3541123c2a61b232ea43a01d9e67c9ed518cedaba 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip ETag: "808c6486e81bd81:0" Last-Modified: Mon, 07 Feb 2022 06:04:10 GMT Accept-Ranges: bytes Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 00:05:08 GMT Content-Length: 1725 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (311), with CRLF line terminators Size: 1725 Md5: 1dd52b1a2fd24f57ed713d258cf25668 Sha1: 598f2382be5960d967f5424300bf5c51f501a056 Sha256: 97a9741571d36591084da6e3541123c2a61b232ea43a01d9e67c9ed518cedaba Alerts: Blocklists: - fortinet: Phishing
GET /jiuxiaoyima.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/jiuxiaoyima.js FQDN: 699349.com IP: 16.162.201.20 HASH: 50c006b42668af51af14a37e9131666ef43cdf249047404ff3538b56027cc25c 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80b17294217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:39 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:43 GMT Content-Length: 1300 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 1300 Md5: b85311c8025c51deac09a36cfc067e7b Sha1: 82d08dc8cf8b1dbb45f4758d657ceb81e2abbf69 Sha256: 50c006b42668af51af14a37e9131666ef43cdf249047404ff3538b56027cc25c Alerts: Blocklists: - fortinet: Phishing
GET /zybb/gsb3.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/gsb3.js FQDN: 699349.com IP: 16.162.201.20 HASH: 8ac7a641417135739d0f18a489ede85c02b99175addade27632917a61cf9e13e 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:43 GMT Content-Length: 954 Connection: close --- Additional Info --- Magic: HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 954 Md5: 64fcea2274be1eb52dada508ff12abfb Sha1: b1537b66477f3416d2e750a718921159e448f52b Sha256: 8ac7a641417135739d0f18a489ede85c02b99175addade27632917a61cf9e13e Alerts: Blocklists: - fortinet: Phishing
GET /zybb/3qbc.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/3qbc.js FQDN: 699349.com IP: 16.162.201.20 HASH: 2ab160d91ec6267266c1da1ee5ae567aab15055153ddbbbc4bda1241b716a0e5 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "0eea892217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Mon, 05 Dec 2022 23:44:44 GMT Content-Length: 862 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 862 Md5: b6446f10764651aa4014031cc736d935 Sha1: 8ccbcdc87b216a3336428e4843d8a5b104f8ec6a Sha256: 2ab160d91ec6267266c1da1ee5ae567aab15055153ddbbbc4bda1241b716a0e5 Alerts: Blocklists: - fortinet: Phishing
GET /zybb/dxdzt.js HTTP/1.1 Host: 699349.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://699349.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 699349.com/zybb/dxdzt.js FQDN: 699349.com IP: 16.162.201.20 HASH: d9eeeff394299cccaa4a0b9a8205ac658234ba072468ef4b21aadb55f5760b39 16.162.201.20 HTTP/1.1 200 OK Content-Type: application/javascript ETag: "80844193217d91:0" Content-Encoding: gzip Last-Modified: Sat, 03 Dec 2022 14:14:37 GMT Accept-Ranges: bytes Vary: Accept-Encoding Server: Microsoft-IIS/8.5, MacauOS X-Powered-By: ASP.NET Date: Tue, 06 Dec 2022 01:49:43 GMT Content-Length: 864 Connection: close --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Size: 864 Md5: 4d9a6ea33952c0d351431d65dfd62d4e Sha1: 0d0ff3b427275e9b62496146843c6c1d42f5cb34 Sha256: d9eeeff394299cccaa4a0b9a8205ac658234ba072468ef4b21aadb55f5760b39 Alerts: Blocklists: - fortinet: Phishing

URL	699349.com/
IP	18.166.84.185 (Hong Kong)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-06 02:17:08 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	56
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (25)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 18.166.84.185

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: 699349.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (43)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (138)

Overview

Domain Summary (25)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 18.166.84.185

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: 699349.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (43)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (138)

Network Intrusion Detection Systems