Overview

URL akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00
IP 23.19.132.94
ASN LEASEWEB-USA-PHX
Location United States
Report completed 2022-10-03 12:09:02 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-03 2 dxjyy110.xyz Sinkholed


Files

No files detected



Passive DNS (34)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-10-03 01:33:56 UTC 47.75.19.62 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS img.x995.xyz (1) 0 2022-07-18 13:16:51 UTC 2022-10-03 01:33:56 UTC 38.47.102.246 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
mnemonic passive DNS ocsp.digicert.cn (1) 37572 2020-03-20 17:45:56 UTC 2022-10-03 09:20:31 UTC 47.246.44.205
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-03 08:03:33 UTC 172.64.155.188
mnemonic passive DNS facai688.xyz (1) 0 2022-06-01 19:17:43 UTC 2022-10-03 01:34:08 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS 999tou.com.999tun.com.999suo.com.bbz51.xyz (25) 0 No data No data 142.91.194.41 Unknown ranking
mnemonic passive DNS kvemm.com (1) 222018 2021-10-18 01:51:02 UTC 2022-10-03 01:33:56 UTC 78.46.107.74
mnemonic passive DNS www.dxjyy110.xyz (1) 0 2022-09-14 10:05:08 UTC 2022-10-03 01:33:57 UTC 173.231.38.159 Unknown ranking
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-10-03 01:33:56 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 216.137.44.95
mnemonic passive DNS akhbarjagat.com (1) 0 2020-11-23 15:28:08 UTC 2022-10-03 03:39:51 UTC 23.19.132.94 Unknown ranking
mnemonic passive DNS www.akhbarjagat.com (4) 0 2022-09-22 02:54:16 UTC 2022-10-03 03:39:54 UTC 23.19.132.94 Unknown ranking
mnemonic passive DNS 66377311795.com (1) 0 2022-08-09 09:37:37 UTC 2022-10-03 01:33:57 UTC 45.61.212.59 Unknown ranking
mnemonic passive DNS tj.facai688.xyz (1) 0 2022-06-01 19:17:42 UTC 2022-10-03 01:33:54 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-03 04:58:17 UTC 104.18.20.226
mnemonic passive DNS p3.douyinpic.com (1) 23536 2020-12-18 11:20:50 UTC 2022-10-03 05:48:50 UTC 47.246.44.231
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 08:58:12 UTC 18.164.68.21
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-10-03 01:43:52 UTC 39.156.68.163
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-10-03 09:25:21 UTC 104.18.21.226
mnemonic passive DNS 539397377.com (1) 0 2022-09-15 08:58:39 UTC 2022-10-03 01:34:09 UTC 47.75.19.14 Unknown ranking
mnemonic passive DNS js.users.51.la (2) 53024 2012-05-30 15:10:11 UTC 2022-10-03 08:16:01 UTC 103.143.19.103
mnemonic passive DNS dimg04.c-ctrip.com (3) 139731 2014-05-08 16:11:10 UTC 2022-10-03 01:33:56 UTC 104.110.17.24
mnemonic passive DNS kvkiii.top (1) 0 2022-08-16 22:28:55 UTC 2022-10-03 01:33:58 UTC 104.21.234.204 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 04:56:22 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-03 07:33:02 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 05:10:27 UTC 34.212.166.60
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 07:41:14 UTC 34.120.237.76
mnemonic passive DNS ia.51.la (1) 59607 2017-10-31 08:01:51 UTC 2022-10-03 06:30:38 UTC 103.143.19.103
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-10-03 01:33:57 UTC 58.254.180.65
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-10-03 01:43:51 UTC 180.101.212.103
mnemonic passive DNS rootnetworksdv.ocsp-certum.com (1) 0 2022-06-01 19:17:44 UTC 2022-10-03 01:33:56 UTC 23.36.79.17 Domain (ocsp-certum.com) ranked at: 9356
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2022-10-03 07:29:33 UTC 103.235.46.191


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.19.132.94

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000 0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000 0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000 0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000 0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on ASN: LEASEWEB-USA-PHX

Date UQ / IDS / BL URL IP
2022-12-02 01:08:54 +0000 0 - 0 - 1 www.munkakereso.com/excel/eafe28349e97f8b8c62 (...) 23.81.237.225
2022-12-02 01:08:39 +0000 0 - 0 - 2 munkakereso.com/excel/eafe28349e97f8b8c6276db (...) 23.81.237.225
2022-11-25 01:20:07 +0000 0 - 0 - 2 23.81.227.197/ 23.81.227.197
2022-11-23 03:54:36 +0000 0 - 0 - 4 www.cunetong.com/ 23.19.133.213
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on domain: akhbarjagat.com

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000 0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000 0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000 0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000 0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

No other reports with similar screenshot



JavaScript

Executed Scripts (26)


Executed Evals (1)

#1 JavaScript::Eval (size: 462, repeated: 1) - SHA256: a0b595d2246e129c3862e21182936f4eb966da13c113b909b897a779c7ad8fa9

document.write('<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

<style>#o63092 {
    animation-duration: 10000ms;
    animation-iteration-count: infinite;
    animation-timing-function: linear;
}
@keyframes spin {
    from {
        transform: rotate(0deg);
    }
    to {
        transform: rotate(360deg);
    }
}</style>
                                    

#2 JavaScript::Write (size: 545, repeated: 1) - SHA256: 345d9c24fbaf685a85cc508b41bfb7401953b960c4af9674ded642f4da15dc36

<div class="f63092" id="o63092" style="position: fixed; bottom: 30%; z-index: 19999 !important; right: 2px;">
<img src="https://www.dxjyy110.xyz/static/images/pngtree-icon-close-button-png-image_1357955.jpg" onclick="$('#o63092').remove()" style="border-radius:50%;position:absolute;top:3px;right:3px;cursor:pointer;width:20px;height:20px;z-index:19000;" id="c63092">
<a target="_blank" href="https://5468.nl/"><img src="/guang/tupian/xtb1.gif" style="margin:10px;border-radius: 15px;border: solid 2px red;" width="90px" height="90px" "></a></div>
                                    

#3 JavaScript::Write (size: 489, repeated: 1) - SHA256: 9eb87cdca5d7ed87434803b14a745d241d0730b819a428d0b043ff217808717e

<style>.duilian {
    z-index: 9999;
    position: fixed;
    border-bottom: 1px dashed red;
    border-right: 1px dashed red;
    border-left: 1px dashed red;
}
.dlclose {
    height: 30px; line-height: 30px; text-align: center; display: block; background-color: #fff; color: #f00;
}
.dlad {
    display: block;
}
@media screen and (min-width: 768px) {
    .dlad img {
        width: 120px;
    }
    .duilian {
        top: 310px;
    }
}
@media screen and (max-width: 767px) {
    .dlad img {
        width: 60px;
    }
    .duilian {
        top: 300px;
    }
}
#duilianl {
    float: left; left: 0px;
}
#duilianr {
    float: right; right: 0px;
}</style>
                                    

#4 JavaScript::Write (size: 42, repeated: 1) - SHA256: d9d981c6b0aa4781b46e3fc90d744f518534418094d44531a4eb6cd4594ceb69

999tou.com.999tun.com.999suo.com.bbz51.xyz
                                    

#5 JavaScript::Write (size: 443, repeated: 1) - SHA256: f905d0e7c2388e6caf64b22eec971777fbfaff831c004e364afe931ccf5c8360

<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    

#6 JavaScript::Write (size: 82, repeated: 1) - SHA256: 3129c6cb3e6c985557cb775967d4b4beedc5f979f655dbc4c5750a9d2fc23655

<script type="text/javascript" src="https://js.users.51.la/21340601.js"></script>
                                    


HTTP Transactions (85)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.21
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 12:03:32 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 86897b9f074001e33ff5cbec58c4bc02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: POTBx-vVStMr-wq2HWClQB1ia4PAfDxSctc5P7EyPLho41sXcQ_bhQ==
Age: 320


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8103
Expires: Mon, 03 Oct 2022 14:23:55 GMT
Date: Mon, 03 Oct 2022 12:08:52 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.137.44.95
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 03:34:13 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 48179baa1f4b10fb9dd77b83761e5d14.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 8cA2viftefgc6vlhGXnUisyZW1A3jh7ZATSF8TgyT509ZsIs4SX7hg==
age: 30935
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00 HTTP/1.1 
Host: akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.19.132.94
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 12:08:50 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 12:08:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00 HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 12:08:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (547), with CRLF line terminators
Size:   743
Md5:    9b4824d4f096012f20cb546d557aff39
Sha1:   a8c144e5f11d0b649f04521b9f8e724d02a4211b
Sha256: 0941e02c9c9f0fdca526e8342391a5af8623a782f459b1994eaf18cbaf09137f
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.21
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 11:32:53 GMT
Expires: Mon, 03 Oct 2022 12:08:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6777bbd78e2191b131d624eba7093540.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: D51twRAX9J4B3INFTK-i-uyRBjUyUL_MZfnYf1Hz0i4lUrj4rMICTw==
Age: 2159


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2981
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 12:08:52 GMT
Last-Modified: Mon, 03 Oct 2022 11:19:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /common.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 12:08:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size:   736
Md5:    e1937132dc445610755ef97b7ae0bc2f
Sha1:   44eb128036cc75cde0d3cb9d17b0cc0357f7d456
Sha256: 89e6a1c831957332443532e96c9716959189b18cb117ea7006c6b88732329f87
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 12:08:50 GMT
Content-Length: 364
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   364
Md5:    332865220902257fed0762697b2141a9
Sha1:   acb142d77b029d4187f5f28b9cf259ba0ccdc647
Sha256: ad78816c60cb946980c076109cdd9f82d96c35fca6320bfc960439b856fdd6c8
                                        
                                            GET /tjc.js HTTP/1.1 
Host: tj.facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 03:35:51 GMT
Accept-Ranges: bytes
ETag: "cc178b3cd9d6d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:31 GMT
Content-Length: 276


--- Additional Info ---
Magic:  ISO-8859 text, with no line terminators
Size:   276
Md5:    7c4f61ad8a3d84ffb2360f2f9148febf
Sha1:   5b7fb990f97444bc19f66f488c37695a5593cd57
Sha256: 0db773bdb56ede64fc504a2d77f332f891ff4536662ce45095d08de6e1b380c7
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7JepAGIBlyBi/5kckWesYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WQY0mdpJdTNSNvgGLXcViS95mWM=

                                        
                                            GET /tz.html HTTP/1.1 
Host: facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Upgrade-Insecure-Requests: 1

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 03:35:03 GMT
Accept-Ranges: bytes
ETag: "1d3ceb1fd9d6d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:31 GMT
Content-Length: 266


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   266
Md5:    0714223188d8e5add3eabc096815efff
Sha1:   6cd41b63601e8814925a70bd6ee622de46653b89
Sha256: 86386fc8acf973db09b2289394f86cfd5f7f136b1832fe497eb68277825da6cd
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         180.101.212.103
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Mon, 03 Oct 2022 12:08:53 GMT
Etag: "4078521116"
Expires: Tue, 03 Oct 2023 12:08:53 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=148F44D95EDEC5CDA133686E24E7F8B5:FG=1; max-age=31536000; expires=Tue, 03-Oct-23 12:08:53 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:53 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 08:46:49 GMT
ETag: "d7da2eae0cbe72f6b88b93c66df0aa9dc38ddf76"
Last-Modified: Mon, 03 Oct 2022 08:46:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2191
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754590d6e99db51d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    69ace5aaf8af49633962aecb6e258f4d
Sha1:   d7da2eae0cbe72f6b88b93c66df0aa9dc38ddf76
Sha256: 0050903daa08f27ee5b525b10b756849ea82584794f1f60b55037b5dee9c58c0
                                        
                                            POST / HTTP/1.1 
Host: rootnetworksdv.ocsp-certum.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.17
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 03 Oct 2022 12:08:53 GMT
Connection: keep-alive
X-N: S


--- Additional Info ---
Magic:  data
Size:   1490
Md5:    645b8e02a2ad5878e5e6f2e75bea3d41
Sha1:   1be226cd5fe931f29618ab841782193320d92f3f
Sha256: e93711da57e84b8b93b82179530ab6dbd51d0b2340f323087610f82a7e9c23e7
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:53 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 07 Oct 2022 07:33:35 GMT
ETag: "7d983601ec04493b03ea5db853806eefcb986578"
Last-Modified: Mon, 03 Oct 2022 07:33:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2596
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754590d74a3fb51d-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    854fa2db0ce2fc08faa667745b8311ec
Sha1:   7d983601ec04493b03ea5db853806eefcb986578
Sha256: ee6b01203e834b10c7881308e6bf0b6b85e63a4aa8a796878fe7c7a203846044
                                        
                                            GET /s.gif?l=http://www.akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00 HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Mon, 03 Oct 2022 12:08:53 GMT

                                        
                                            GET /21340601.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 12:08:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=acba2421593d9d689c5; path=/ HWWAFSESTIME=1664798930047; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    2ff318a80195125269380e0a04912fd5
Sha1:   c2346db1a1d365a971fc0059363113c03340e2b0
Sha256: e3e5e1740b559ee77b18767fdd8d33e8886a306d74565c288e132f634c2979e4
                                        
                                            GET / HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://facai688.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.3.33, ASP.NET
Date: Mon, 03 Oct 2022 12:08:32 GMT
Content-Length: 12610


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   12610
Md5:    231a1a9896fbb6abfa6763669819432b
Sha1:   97865212d50020693ffc7dd83242187fe1f26236
Sha256: 867e372fc46a4575298d5dd8598b9c44cf3ce10692756ae4cede4816bb8a8018
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15134
Expires: Mon, 03 Oct 2022 16:21:08 GMT
Date: Mon, 03 Oct 2022 12:08:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 26763
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 51738
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1OJxta_mZGnKulQTucUAnzu5w6Mx7L5Tyo_eleCDo76KH2ywvEUTHw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:11:12 GMT
age: 50262
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9095
Md5:    a59b70f464b106c9e54579d8b2f967fa
Sha1:   f964cf69ae825bb32eef4b364df8227c5fb73fce
Sha256: cf2c8c1d3ebbdb8fea6b90d81d240120749cfdceb525713ef153481cb15a438e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 51738
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 51036
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:19:52 GMT
age: 49742
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8279
Md5:    bfb6fbd0b91416a5a7cc7f7d0fcbf27c
Sha1:   ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
Sha256: 9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149
                                        
                                            GET /template/default_pc/static/css/bootstrap.min.css HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 16:30:00 GMT
Accept-Ranges: bytes
ETag: "0b4ce92cb36d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:32 GMT
Content-Length: 20869


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   20869
Md5:    d396b7d3ad370ccd36985d7bc35dfbd9
Sha1:   b54349c3f074289bb2183a20d20275c859944f91
Sha256: b07c213229c2b22c54f600793044ac3e8bcc11dbacb997e23a52cdbb64b696b2
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/celebrity-pics/sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00
Cookie: __tins__21340601=%7B%22sid%22%3A%201664798934098%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201664800734098%7D; __51cke__=; __51laig__=1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 03 Oct 2022 12:08:52 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 08 Oct 2022 12:08:52 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET /21304457.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 12:08:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=acba247b593d9d689c5; path=/ HWWAFSESTIME=1664798930047; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    9dd130e2d6360f9394d135b73733e123
Sha1:   35370c294542e42c3f0a3b2c9412bdc4e6701df7
Sha256: f7db63a3170b1633f70f5053179bee2ee27634141f46727c9926a6818d2909d0
                                        
                                            GET /template/default_pc/static/js/swiper.js HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "8043b0c17a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 23566


--- Additional Info ---
Magic:  ASCII text, with very long lines (31999), with CRLF line terminators
Size:   23566
Md5:    1f0ab62a78bef11558f885e48158c967
Sha1:   febea63527147b66bd2679340b3d85b9c2ffd7f1
Sha256: 63042ddab6019075987f0bb07730151a3164a17e502a2096890018463c3db8a5
                                        
                                            GET /go1?id=21340601&rt=1664798934098&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585&ing=1&ekc=&sid=1664798934098&tt=%25E8%25BE%25BD%25E9%2598%25B3%25E8%25B8%258A%25E8%2583%25BA%25E5%2595%2586%25E8%25B4%25B8%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585%25E7%2589%2587%25E7%2599%25BE%25E5%25BA%25A6%25E5%25BD%25B1%25E9%259F%25B3&cu=http%253A%252F%252Fwww.akhbarjagat.com%252Fuploads%252Fphotos-gallery%252Fcelebrity-pics%252Fsep%252F02%252Fbig_thumb%252Fm20_pay%252Fuserlogin.php%252Fxme%252Fuafz%252F%253Fnose%253D1etp1h2rggg00&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 12:08:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=fdc1b5cba4536b4df2b; path=/ HWWAFSESTIME=1664798933016; path=/

                                        
                                            GET /guang/dibu.js HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 02:10:49 GMT
Accept-Ranges: bytes
ETag: "20ec83b1a8d3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 1039


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (543), with CRLF line terminators
Size:   1039
Md5:    b5ef014d21fa2ac1891b6bde5912bab9
Sha1:   17835a8284ea572adfc2f27d372865e3c807348f
Sha256: 358e6c839e28db155cc5bb4662eab62d1b6f7b36b86f0f7f9bfd6fd569c4c472
                                        
                                            GET /template/default_pc/static/js/function.js HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:38 GMT
Accept-Ranges: bytes
ETag: "a2fee2c37a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 295


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   295
Md5:    edef42c7a7d3068b37c8abd68da1e65f
Sha1:   d3a95e5345ee1409ec1670419954b018d3b87843
Sha256: ecb0bda0eb6a9c3d87e202f0265d0257bba62381e76f250a9fdb69e451fb73e7
                                        
                                            GET /template/default_pc/static/css/swiper.css HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:20 GMT
Accept-Ranges: bytes
ETag: "072bfb87a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 2844


--- Additional Info ---
Magic:  ASCII text, with very long lines (17459), with CRLF line terminators
Size:   2844
Md5:    73495b6b6735f3cbfb2bd61190ab1e9b
Sha1:   8e91c8f0db49ce355c937b4bf889e2e28d90e474
Sha256: 25503d8d79625393388b2012fcff75ca11a0ff24e99ab2e96b81477d03d5b8e7
                                        
                                            GET /template/default_pc/static/js/jquery.lazyload.min.js HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 1301


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309), with CRLF line terminators
Size:   1301
Md5:    585fbfa6aa45a49cae543556ec02359d
Sha1:   0ec7b720081212cb60a5ade175601872315720ed
Sha256: 539fb61395056ca67b9509f7d93e2254d21936d623c90b2bcd805af05be44dc5
                                        
                                            GET /template/default_pc/static/css/style.css HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2022 12:06:13 GMT
Accept-Ranges: bytes
ETag: "80a8c3f3f991d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 14400


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   14400
Md5:    42eaf106628c6d050b80a1f5fa147a91
Sha1:   9f3e90a1ff07dc60f2763fbd578cfcb70f6f13ff
Sha256: 4883479ca8e4c5b6383ef28d8c812dabcef69700587b25e4ff08054cf08aaee1
                                        
                                            GET /template/default_pc/static/js/jquery.js HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 35104


--- Additional Info ---
Magic:  ASCII text, with very long lines (1144), with CRLF line terminators
Size:   35104
Md5:    fad2c2e24db686d57d74d53806d73fc4
Sha1:   603ff8fc7d29af457fe952445e86578ba73cf56c
Sha256: d4e1367cc59e239603c8d2ac84ec2738e40dc86a87cde8f59ea14a61b6067dac
                                        
                                            GET /images/03950120009rs7dn26B5E.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=10592847
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Mon, 03 Oct 2022 12:08:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   893726
Md5:    1e34697200f13da14c5bfabeba617325
Sha1:   9a18ed38d5d385f885c28a4280b4c61302745b65
Sha256: b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
                                        
                                            GET /images/0100v120009ttax9l722D.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 402231
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11215874
expires: Fri, 10 Feb 2023 07:40:09 GMT
date: Mon, 03 Oct 2022 12:08:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   402231
Md5:    6497ef8f223cd0070b904d48ece475e5
Sha1:   7e6dc0a79d9a1feef08b8cfffffb2fef7bf83fc6
Sha256: cfe5826da227b26ad6a5dc15aea3ca217a3ff9bab854cc7b72b40468fb9a73bc
                                        
                                            GET /images/0394n12000a0asaa74C95.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 1495356
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15019134
expires: Sun, 26 Mar 2023 08:07:49 GMT
date: Mon, 03 Oct 2022 12:08:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   1495356
Md5:    af737e86fc083a958d9f25203333f0be
Sha1:   cb0ee5d9a71efdf61b622bd4175998bdeecca900
Sha256: e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D70DCB4F9C8413346AA04E191C665ABA6F046930CFC9E0B2C9E39F33A235CBC8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15340
Expires: Mon, 03 Oct 2022 16:24:35 GMT
Date: Mon, 03 Oct 2022 12:08:55 GMT
Connection: keep-alive

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Mon, 03 Oct 2022 12:08:55 GMT
content-length: 162
location: https://kvkiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /template/default_pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: font/x-woff
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:51 GMT
Accept-Ranges: bytes
ETag: "d22bbfcb7a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 13408


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size:   13408
Md5:    99af6debcdaba3e7ffe01b4c3cbccacb
Sha1:   4efda64b06cd7c294f6214623bcb634f3def3bd1
Sha256: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
                                        
                                            POST /s/gts1p5/K6q0Q6b0WUk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7FD33318222C79DF793F46C989576BA973061BB005EC87CB9A85FC7AEDC87716"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20716
Expires: Mon, 03 Oct 2022 17:54:11 GMT
Date: Mon, 03 Oct 2022 12:08:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F630BA3D20C4DAFCA0352CF45B08A45580A29D1F361CA3FB5F3F7253175BBF66"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Mon, 03 Oct 2022 18:08:25 GMT
Date: Mon, 03 Oct 2022 12:08:55 GMT
Connection: keep-alive

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvkiii.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.204
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 03 Oct 2022 12:08:55 GMT
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Thu, 27 Oct 2022 22:53:32 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 479723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zFQnfzU%2BC7bQ%2Bi9C8BFqcOE5GYDgLHVYP%2FI%2BDi72yRNwjcRxkkHELAEyFq%2BlVHWI%2BDjCr4OfHqFvGWDuvKFwfw019c7CvUkP99b6z%2FU6X3XsEFQ8wDy5txC693i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754590e2ebd98865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   902313
Md5:    8b4a95ea7cfbb7fb4d2b18efca5145f3
Sha1:   d2966ecbeb7369620cce5dbcd15d0fe591d79648
Sha256: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 12:08:55 GMT
Ali-Swift-Global-Savetime: 1664798935
Via: cache14.l2de2[44,44,200-0,M], cache14.l2de2[46,0], cache3.se1[68,67,200-0,M], cache3.se1[69,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 03 Oct 2022 12:08:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716647989355034981e

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:55 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 07 Oct 2022 08:54:43 GMT
ETag: "5d1475a28158367e26451e3a546e07fe7201bbd0"
Last-Modified: Mon, 03 Oct 2022 08:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3274
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754590e41c1c1c16-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    b0eabacd7c1906910d552a84bfc3be74
Sha1:   5d1475a28158367e26451e3a546e07fe7201bbd0
Sha256: 35da3bceb4ad2a17de7ca1306666fb097c742431df9b509a2605aef4d45271c4
                                        
                                            GET /guang/tupian/xtb1.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 17 Sep 2022 03:35:57 GMT
Accept-Ranges: bytes
ETag: "f65d609946cad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 75259


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            POST /s/gts1p5/K6q0Q6b0WUk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:55 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 12:43:06 GMT
Expires: Sun, 09 Oct 2022 12:43:05 GMT
Etag: "7533a2124e82dea65b4d20d4891071bfe45d0548"
Cache-Control: max-age=519849,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754590e42a31b529-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 12:08:55 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 03:45:13 GMT
Expires: Sun, 09 Oct 2022 03:45:12 GMT
Etag: "2ea06e0db30d52b44913d3ad929f265b83829b63"
Cache-Control: max-age=487576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754590e3af53b4f7-OSL

                                        
                                            GET /static/images/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1 
Host: www.dxjyy110.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.231.38.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 03 Oct 2022 12:08:55 GMT
content-length: 9166
last-modified: Thu, 30 Jun 2022 06:45:34 GMT
etag: "62bd468e-23ce"
expires: Wed, 02 Nov 2022 12:08:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Size:   9166
Md5:    43ae14560cdbc69ce960a28002f04309
Sha1:   4dc694c2754882f840c77807016676732c38138b
Sha256: af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /guang/cn/cnhf1.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Mon, 30 May 2022 16:09:21 GMT
Accept-Ranges: bytes
ETag: "3ba19f3f74d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 137392


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   137392
Md5:    a112d6f3413ecd31e05d8176fe9d3f6d
Sha1:   0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
Sha256: 38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
                                        
                                            GET /hm.js?95261ac534fe80c3a202f1e9e7b7b02c HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Date: Mon, 03 Oct 2022 12:08:54 GMT
Etag: 95a810431adde605c39fd5297ed0f9fd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B45D94CDD1BF97FA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (628)
Size:   11341
Md5:    28203e014b776e4bcbd52d32693ee753
Sha1:   70c67b5ff6f5e196a2ef341fd309dee5516e436d
Sha256: d3cc31c21c948f56539d0c63910d98244d33115c43c96db99b08246428cf28a6
                                        
                                            GET /guang/cn/cnhf3.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Mon, 13 Sep 2021 09:15:43 GMT
Accept-Ranges: bytes
ETag: "7249ded7fa8d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 515093


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   515093
Md5:    715e7d06c21c801c57b951547791e92d
Sha1:   43ac191afa689e92fab81ce6c70a9d2abf72ae9f
Sha256: 27e84b21dfde6efd2edb18feb7aa8f0ddb8316e8d23dacbfd8bfd09b20530405
                                        
                                            GET /guang/cn/8499.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sun, 14 Aug 2022 05:14:20 GMT
Accept-Ranges: bytes
ETag: "09e5db59cafd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 245730


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   245730
Md5:    e7c9418cc4b1db452845d03cb45877a6
Sha1:   d0706feced92a11abc2cb112d7f031238fd614e9
Sha256: 6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
                                        
                                            GET /guang/name.html HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 11:35:17 GMT
Accept-Ranges: bytes
ETag: "3f8d78ff3d77d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 725


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   725
Md5:    38e7bb8113e97854cd5f903a1d4544b2
Sha1:   74d991dc005fd03f295f01de3e588344c34f9d1f
Sha256: 795b6fe5fe8bc70643f3cbf8bb528d5fe87d619106ba41667301f17c96542722
                                        
                                            GET /template/default_pc/static/images/pic.png HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "c293f8c17a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 2790


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   2790
Md5:    c4c07b5b1da14c19ea0bf0d7ca186190
Sha1:   49cc1b883734ebbf7f14e94ed9ed30c479e0aa0a
Sha256: 14db7f862e75e11f1e4bdf9ab0f490340f67dffd1bc22d5e66587787e3f9d883
                                        
                                            GET /guang/tupian/db2.jpg HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:35 GMT
Accept-Ranges: bytes
ETag: "ca8c9773de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 7242


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Size:   7242
Md5:    965360a0c06bf3b95a73ea8e5b079524
Sha1:   c131944c0625fc647c7c7c4d355943dbc2c55c34
Sha256: 82a013f5ff2ecd7a01e01a9a87b1fd491f5b4549b42178b54c06af49f77dfe91
                                        
                                            GET /guang/cn/j0.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 26 Aug 2022 15:22:31 GMT
Accept-Ranges: bytes
ETag: "42fe8a85fb9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 408562


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   408562
Md5:    ab32f3726f3bc4124ed9108bb6a50822
Sha1:   3fe6a612be3f8b245b1843825b715460052949b8
Sha256: f875e2e0210418ee7d7f7e4704ec9f9ce5ae99877ea604c0ff39be93e1b57048
                                        
                                            GET /guang/gundong.css HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/guang/name.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 21:57:16 GMT
Accept-Ranges: bytes
ETag: "046aecc8039d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 79959


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   79959
Md5:    0a071f5e220f737b7f81597c017b7a42
Sha1:   4e90a6dd009d91a0840b7ee6c9e41433c6ceab2b
Sha256: 32f6d52e57c617a3eec55cd8565437304aa8470c958386da2c5a8f308dab3570
                                        
                                            GET /get-image/0xmAGT9KS9C HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         58.254.180.65
HTTP/2 200 OK
content-type: image/gif
                                        
server: JSP3/2.0.14
date: Mon, 03 Oct 2022 12:08:55 GMT
content-length: 117593
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
etag: "c4caa37b717580e8594587f32ca86470"
age: 183053
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n4hobs7go5ib5np8lk0gkchq
content-md5: xMqje3F1gOhZRYfzLKhkcA==
timing-allow-origin: *
ohc-cache-hit: gz3un59 [2], jnuncache59 [2], suzix111 [2]
ohc-file-size: 117593
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117593
Md5:    c4caa37b717580e8594587f32ca86470
Sha1:   a645ec82581a0b18f67444b62a062059adf78aa6
Sha256: 208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
                                        
                                            GET /hm.js?a73c6b3011c388d9ab88e39f4c6115e4 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Mon, 03 Oct 2022 12:08:55 GMT
Etag: 2938d3aaa0784db4c9bb4663f39571e2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1919F3389C2EFBC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    6ea986bae1012b5dfd95f2f702dc793b
Sha1:   c760cb34c0f0541b4c581d8fbd3a1d7c5bcdb035
Sha256: b034515fb4f17a3e7ff3b3e16d4350a5ab630545dfc4df9d757f2d52f72f5baf
                                        
                                            GET /tu-2022290039/960-60.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 02 Oct 2022 17:02:24 GMT
etag: "1664730144"
expires: Tue, 01 Nov 2022 17:02:24 GMT
last-modified: Sun, 02 Oct 2022 17:02:24 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 231270
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   231270
Md5:    2f2c8ec52149276d3ef1c493494dcdd9
Sha1:   f6f8e0965653c402469862d8cdc7e57df1ddc846
Sha256: a1274ed00e690cfe012e394ca855570f6ebb32e625385597f8ecb5110e444a08
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1376280132&si=95261ac534fe80c3a202f1e9e7b7b02c&v=1.2.97&lv=1&sn=13331&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.akhbarjagat.com%2Fuploads%2Fphotos-gallery%2Fcelebrity-pics%2Fsep%2F02%2Fbig_thumb%2Fm20_pay%2Fuserlogin.php%2Fxme%2Fuafz%2F%3Fnose%3D1etp1h2rggg00&tt=%E8%BE%BD%E9%98%B3%E8%B8%8A%E8%83%BA%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 03 Oct 2022 12:08:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2C90C1AECA8BA76C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6081
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 12:08:56 GMT
Last-Modified: Mon, 03 Oct 2022 10:27:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /guang/tupian/db1.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:31:42 GMT
Accept-Ranges: bytes
ETag: "3803ee8dd50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 576176


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   576176
Md5:    574d58e8bb6b81686c1828e77c668368
Sha1:   232294da3a2f0af5170ea493a2a957c49372b892
Sha256: 6414121e84ee3dda2b66d55d58666da4f120f4713c7c9380ddda25ce27d48d60
                                        
                                            GET /obj/tos-cn-i-dy/2b3f42ed9a9e4a988915ad71e92406ca HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.231
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 384491
date: Wed, 28 Sep 2022 06:29:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 28 Sep 2022 05:11:14 GMT
nw-session-id: 2022092813111401021019602137DDB0C8kfr2s03dy
nw-session-trace: 2022-09-28T13:11:14.332675661+08:00 80
x-bdcdn-cache-status: TCP_HIT
x-length: 384491
x-powered-by: ImageX
x-response-date: Wed, 28 Sep 2022 13:11:14 GMT
x-tt-logid: 2022092813111401021019602137DDB0C8
via: n131-120-212, cache19.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[2,0]
x-request-ip: fdbd:dc03:15:302::70
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 017ecced6b87d18793d82870668b6a8f91ff2e0b4643ee796e576287e6999f1a5aeb216d8b5dd9e7d375b917258cc91dc03a36d492e86c9233c5d636239235aff7b4ce801a60f0ea0dc6ffbd915bd7bd4242382cf1385e38fcbcf80f8ba724545b
x-response-lb: image
ali-swift-global-savetime: 1664346591
age: 452345
x-cache: HIT TCP_MEM_HIT dirn:2:467514351
x-swift-savetime: Wed, 28 Sep 2022 07:23:24 GMT
x-swift-cachetime: 31532787
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916647989363471471e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 80\012- data
Size:   384491
Md5:    627acd5c4c2a9bb3bbf10748f1931947
Sha1:   0529b42ebe54b2cc9ed886ab83b50b8f14642062
Sha256: a62b3a5eba800520fbb7b334c00db2e9f76e438891ae150c3b2d681ef228954a
                                        
                                            GET /guang/tupian/db3.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:50 GMT
Accept-Ranges: bytes
ETag: "e1b16f7cde50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:33 GMT
Content-Length: 1633172


--- Additional Info ---
Magic:  GIF image data, version 89a, 420 x 236\012- data
Size:   1633172
Md5:    03694e6f716c74dd38107a019d62982a
Sha1:   fe0a4653b300e6606a646b9079fdb54f31bf7c21
Sha256: e7c7cf39c6320285a3a0571a4f52e73dd4ce32cd365954ffafb6b78470506975
                                        
                                            GET /guang/tupian/db6.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:04 GMT
Accept-Ranges: bytes
ETag: "e3fcd760de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 905505


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   905505
Md5:    3abde39f91e4a75e550b7e50eb25e68a
Sha1:   75e357b027236d81ea4b1002d992117d53212bd8
Sha256: 2ee18fe5f2dec0caa8ddca814b0f318e2574bd52b389bb8a2348356567a7db7d
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=265896601&si=a73c6b3011c388d9ab88e39f4c6115e4&su=http%3A%2F%2Ffacai688.xyz%2F&v=1.2.97&lv=1&sn=13331&r=0&ww=1140&ct=!!&u=https%3A%2F%2F999tou.com.999tun.com.999suo.com.bbz51.xyz%2F&tt=%E5%8C%85%E5%AD%90%E8%A7%86%E9%A2%91 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 03 Oct 2022 12:08:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C7F6947860822F0F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /guang/tupian/db5.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:33:49 GMT
Accept-Ranges: bytes
ETag: "ba7a734de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 1241506


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   1241506
Md5:    beea532c959998eb058f10a18ba9f955
Sha1:   88bceda140f926125b997cf0dfab78e6769ff91d
Sha256: 2243cc29bca53b8a38a23368300a3e1a3b2bab9f53e09fa2adb54a2b2730f878
                                        
                                            GET /8b17fd7403f34d279e1a46c3c348684b.gif HTTP/1.1 
Host: 539397377.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 03 Oct 2022 12:08:56 GMT
Content-Length: 82543
Connection: keep-alive
x-oss-request-id: 633AD0D8E46B16343291D480
Accept-Ranges: bytes
ETag: "B8D480A34455FCE5B4F033EC1D6DC73E"
Last-Modified: Fri, 22 Jul 2022 08:07:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5142895331750986007
x-oss-storage-class: Standard
Content-MD5: uNSAo0RV/OW08DPsHW3HPg==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 100\012- data
Size:   82543
Md5:    b8d480a34455fce5b4f033ec1d6dc73e
Sha1:   fefed07cbe0b2ff6c6d0d68e66957308824000dc
Sha256: 55cbdd63feae1f58c730fc95162545c02d9032f499dff5197c11744d7532d184
                                        
                                            GET /4fe2b2a7d33f4c66a1aa0bd1ae2b2824.gif HTTP/1.1 
Host: 66377311795.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.59
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62ef736b-f90bb"
Date: Sun, 25 Sep 2022 03:48:02 GMT
Server: nginx
Last-Modified: Sun, 07 Aug 2022 08:10:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-29
Content-Length: 1020091


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   1020091
Md5:    b3aedc862671b2fa2e2922fadaa38add
Sha1:   8134113e40aa47b7b0508e81c447ccea8c10e7c0
Sha256: d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
                                        
                                            GET /guang/cn/j2.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 23 Jul 2022 13:55:06 GMT
Accept-Ranges: bytes
ETag: "3469a7d09b9ed81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 213805


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   213805
Md5:    f410f5836079ff0b5cd79587a13c8dfa
Sha1:   f0962f95bcb436be5121eb66b143c04daeaf74db
Sha256: 38563dbaaf4cb7aa5ff89f1fb50ab63a477cf7772b4065c407bf5d246fa8dcb3
                                        
                                            GET /gg/960X60.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.62
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 03 Oct 2022 12:08:56 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 633AD0D84C8B373733568694
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
                                            GET /guang/tupian/db4.gif HTTP/1.1 
Host: 999tou.com.999tun.com.999suo.com.bbz51.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:33:19 GMT
Accept-Ranges: bytes
ETag: "446a2822de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 12:08:34 GMT
Content-Length: 6977151


--- Additional Info ---
Magic:  GIF image data, version 89a, 560 x 314\012- data
Size:   6977151
Md5:    b3249ea7501ed6a862fdf53008a77560
Sha1:   5e94076754237a651ce10e857179efdfec781c7f
Sha256: 1c748a7ae300ca829fcf74eb98b48c9f61643efa7b835d13645d0601d52785bf
                                        
                                            GET /images/6333d769b343e4feb1c127a4.gif HTTP/1.1 
Host: img.x995.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://999tou.com.999tun.com.999suo.com.bbz51.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         38.47.102.246
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/2b3f42ed9a9e4a988915ad71e92406ca
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---