Report - seyedbehnambarabadi.com/books/ttjLz.asp

Report Overview

Submitted URL
seyedbehnambarabadi.com/books/ttjLz.asp
IP
118.107.22.232
ASN
#64050 BGPNET Global ASN
Submitted
2022-12-06 10:20:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.rj58.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	298 kB	216.83.52.98
kvhnn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	422 B	137.175.13.78
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	734 B	3.9 kB	104.18.21.226
n0633.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	259 B	20.222.57.42
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.9 MB	47.246.44.225
u1077.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	359 kB	45.61.212.135
8499133.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	135 kB	172.247.50.228
img.1180555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	182 B	185.239.226.87
ss011642.foshanduokai.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	660 B	27.155.82.10
sj86.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	329 kB	216.83.52.115
img.cuphf.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	274 kB	185.239.226.87
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
seyedbehnambarabadi.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	703 B	7.5 kB	118.107.22.232
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	172.64.155.188
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.9 kB	104.18.32.68
img.1138555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	146 kB	185.239.226.87
img.1198555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	182 B	185.239.226.87
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
n0544.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	21 kB	20.222.160.211
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	9.5 kB	104.18.20.226
img.ywtuchuang4.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	77 kB	154.12.54.84
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	332 kB	43.129.255.47
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.9 kB	95.101.10.193
84998085.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	47 kB	154.39.67.234
8499753.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	331 kB	23.224.101.37
n0499.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	22 kB	20.89.95.197
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	8.7 kB	104.18.32.68
c995tp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	380 kB	162.250.140.222
kzett.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	498 kB	18.155.68.89
u1055.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	328 kB	45.61.212.135
img.9617x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	182 B	185.239.226.87
img.9275x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	182 B	185.239.226.87
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	257 kB	103.235.46.191
max003.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	214 kB	104.21.83.141

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	sj86.cc	Sinkholed
2022-12-06	medium	sj86.cc	Sinkholed
2022-12-06	medium	sj86.cc	Sinkholed

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.rj58.cc/	254 B	2023-03-07	2023-03-26
Pretty URL www.rj58.cc/ IP 216.83.52.98 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:18 Last Seen2023-03-26 13:50:43 Times Seen2 Hash 4f8db0c8fd5f56ce8176e331ebbb38e6 14f051f5b13638ee4b564e7425417cb9e8b60bf9 521cbcb65f6acb12f8d1295df27405607165b7c061556fbeeecd19c1f0032111 Loading...

	hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 1dc46a06b792bdbbd8952e34432963d7 313ac1bb0fe8cece14c08358cc611911c63a3b08 ac4c5719ca09349b7be398adf5f24bd41450ef56bb9ae9de44ef9892ce3018a0 Loading...

	www.rj58.cc/	143 B	2023-03-07	2024-04-02
Pretty URL www.rj58.cc/ IP 216.83.52.98 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-02 13:17:56 Times Seen520 Hash 505ee2fc0aa4093acc780dc6d51bb16f ab12eb0282ec450aa9df50665de7bd00d7ccf27e f905214b1216ef14d72c5c4595be49f0dade082f6630b77801a158b3869e1d95 Loading...

	hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 3dfba2dacc6cbdae817cd4f0f5503ed1 1887dffb3d11f9db948893ddbb3fdfa1349afe71 7a47523436f2a2c08688aa3ac866c69a52b62ba32aec0277f8aa1301e7c9f654 Loading...

	hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 931c62bf68022f681382c404c23f924d 2c98c3d6d2ba1afa7976d4e0be983c9cba43393e 4d578e78f84d49833e0779693fede151c197c08c0fd6db5427080644851cee98 Loading...

	hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 84df5925b7bdafd5e62184c9171ac4ce 1b0df8259a5484bd05231818071df98821b320af 12147853e55195422073b1716622a4cc809f51464b3c61034b18d338cc4d1107 Loading...

	hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash b13b2878adb8a046a7262c8e52c39199 9c61d406ea8b3ff33bb4e244812dcc2f28470462 16cee26ffc04b04d91c4a34235d27871f4927974e383f6865faa8201511f6f12 Loading...

	www.rj58.cc/	143 B	2023-03-07	2024-04-02
Pretty URL www.rj58.cc/ IP 216.83.52.98 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-04-02 13:17:56 Times Seen442 Hash 638fe3fadb57c83d38d886341791d15d 79aad82d50b511320a187b7bb0c32e6b4c1635a0 6c43c1fc5aa15c19f64c2e5edc38e0f7093ea48ac5e2bd4a8e9420d2a7913d57 Loading...

	hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 9a53d5233d357c04c7448746ea7efcde d00781ef33a31e33be4481124e2e50ee5646cf6c 2364a90dca235d877626934f617fc2483553686e9c3f948654d61a0ad52a0e33 Loading...

	hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash ed45ed1e6b74e00ed155911163b58a75 639dd0e8a4cb2b603282fdef18ac00659a90601e 806f520f9fdcea10c90b58d7bfe03f187e588ecbd4ce8c43f46501ee5d811756 Loading...

	hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 9821ebdfad7789e378a01649b1005d5a 73c0e101a5883a9d4b22f378e8f410c8dfb51d7c 36b0932e250092caaa6f1191aa4a3e8267f1c77de4612248c77c9224d7bdca36 Loading...

	hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 047ad15b198aab74952530e1dc778ead 02f97fb5a5afb261f0e0a0e81383b88541e70684 12213f62ed3e584984f83662ccc7c8cedf9c15b8a569a33fffc856346e474c1b Loading...

	hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 9a4ab62ac101ee2475325cc1520a98a7 b795285bfca8eb916252dadfe0557860cd93c79e a520fcc45546c206b720a762a0fdeff08bbe72d44357b112a7b0978c1d29177e Loading...

	seyedbehnambarabadi.com/books/ttjLz.asp	18 kB	2023-03-08	2023-03-13
Pretty URL seyedbehnambarabadi.com/books/ttjLz.asp IP 118.107.22.232 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-13 11:17:34 Times Seen1 Hash d1fae0894da51306f97f9385ada78ee0 4adec11554db1dc55fd9454127f02bbc13f78dfd dc25fca9895cbdb924f0ac9f597a8d29c844446abde5eb6af1b6c1a27c764b72 Loading...

	hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 968dc0b25306f3b9749f021a69e62cf3 23eec9adc4c714c87ac121d68835e3d7b6be7e5e 05c65b842ef7aa75fd4532ac3e7c8bb7f427146cd4a6ba36e7db6c93a75af2db Loading...

	hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 9eabfff1e11c9d4b80ed81f6c01ff552 e4720894ab77d97ac0001986d12ea441ccd863a1 0c60bcfd0c994d70cace2454d9f48e4649b588dcfa7e78a2032cab0306d84a80 Loading...

	hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 567c0f5f647b2ee8e124e9258405ea20 70fe755cacf642897f8ecdf82b9ba61e2a9d2a99 0461275bd7d1d346ab711f6dc092832b819f08edd9a8915c9a379682021a2a8b Loading...

	hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 3e56fadc85f754719de921b90ca24bc9 48d74717b5e691a97680f1ae41d93f4f627424a2 ab16fe4c95e70bc564ccf83722c07f0f78422ef5be03490b3769bf7e5be57606 Loading...

	hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 582f87ae981169f16f5c35ca60bd1560 4503bb31e75bd1e64d7f146e81a5865ef9d31a2a b04e81f2ca8af0e4551669fd2e61f5ad4d3228cdd5db1bc4890328e2db2c4f04 Loading...

	hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 633d70b00454ac03b64c55704a5e6a75 6f22b1c4a601dd1804d56d5f848edb5d4f6a3bbf 14039df9663bf553c46ff69a7e9d35b938115703ba1d20d0c25d6878eacfb25e Loading...

	www.rj58.cc/	18 kB	2023-03-07	2023-03-26
Pretty URL www.rj58.cc/ IP 216.83.52.98 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:18 Last Seen2023-03-26 13:50:43 Times Seen2 Hash c3489b3f15327014501b91ad8e24d530 2737ab67dc9c70d1e2112ebca3bccf5b25039d19 fda8b3abc0c577981c9b60b949e671579b65e15951d4f7011465417d58cdcf27 Loading...

	hm.baidu.com/hm.js?845a64ef313c15732a9952d3e7bc9879	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?845a64ef313c15732a9952d3e7bc9879 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash a3bd4fa36577624a3a1125ac524a133f c1bee1dd32ed2f68771d1f087ddc085b4870d6f9 12703257614d199ff830c490930a802a6e50c3a5cd0f770b26dc1b0b0bedf472 Loading...

	hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash dc8089a4bb40f603af35885477e7db40 d8fa7efe52b8e4756b6728c151a12b6001c6ec5f bce82e6f9c0796628f6aca492767a34801fd4c60a6ff4f988a9210c4737c1a03 Loading...

	www.rj58.cc/	143 B	2023-03-07	2024-04-02
Pretty URL www.rj58.cc/ IP 216.83.52.98 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-04-02 13:17:56 Times Seen505 Hash 3d81914875488308e30ace18c518677c 04ebc5bd84675bdd16f371c1e0b8e8e00f0624bc 364f7dc20bd4a6da10f0d4e44c514461c7443cbbb64bdef1c8f91fbde29219a7 Loading...

	hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash 3c023650c4a6a6558e43d3a370039ca6 b9a66f91b86843c4094691bc7311b1f272d93804 47088cbbd048b9cfbc6a7457bfada8cdf62234728008dc46799f9e3b4b9b0a61 Loading...

	hm.baidu.com/hm.js?4776855d950d64543e4f03a8c31ece9b	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?4776855d950d64543e4f03a8c31ece9b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash e6aed0bda3f2c6e20335ba8ebdb8d10b d40e2c51b00364ffbcbba33c05bc2a2a33408b85 a6937653778440df0b6df4d0c67863475324668748e507a14c98de40ba62a2d8 Loading...

	hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash b3ac43e259cedcf8738e511b941c7b44 37a2a3e460281d098d07387d5472b3d48bcafcdb ad210b8c5203bfdde15a0c40c2cffc47c1f78096dc5da9a307c4ab3c9aee23cd Loading...

	hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:14:51 Last Seen2023-03-08 20:14:51 Times Seen1 Hash fd7e53bafdd9fb03409ac02e4e05690a ecc837b124b1cf02a9daed63fd118e9e5caefad3 3778113880240898346234020490d0de928c02b6ffb1e4aa4dcd48d501e17dc5 Loading...

HTTP Transactions (139)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12527
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 10:20:43 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5368
Cache-Control: max-age=92404
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:20:43 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:00:47 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12596
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 10:20:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 10:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 20
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TZswYYE/CvnDofIShgUv1S9ECSf5hFLh2Gym7QiHdnlrCfyimtzLxtffDDl9M/AXlKe+HHsHdxo=
x-amz-request-id: 5BH9Y6F75D48N7VC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:47:03 GMT
age: 2020
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 10:20:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 10:11:20 GMT
cache-control: public,max-age=3600
age: 564
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

seyedbehnambarabadi.com/books/ttjLz.asp

118.107.22.232

200 OK

3.5 kB

URL HTTP/1.1
seyedbehnambarabadi.com/books/ttjLz.asp
IP
118.107.22.232:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1961)
Size
3.5 kB (3480 bytes)
Hash
0c636c821c0fb9616e7d64b9f417ff52
d034b8b6f30fe60c5da53fb6e6914735ccc19365
84e8ee5f6b28d1b9b6c5dae9b01d87c55f263388d843d03da5a68d2485645acf

HTTP Headers

GET /books/ttjLz.asp HTTP/1.1
Host: seyedbehnambarabadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 10:20:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=87287
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:20:44 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:35:31 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8MwC6YVsTVF1gtSMG6Spng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: M1jIUuFWJjSsaWP4agVW0hq6nOY=

www.rj58.cc/

216.83.52.98

200 OK

15 kB

URL HTTP/1.1
www.rj58.cc/
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1961), with CRLF, LF line terminators
Size
15 kB (14917 bytes)
Hash
dc2d7e476374f30661a5faf20da09df1
bdd6140eb189bbf382838438a765cc028817d466
7b98e371a9a8c3a9936a7ad09cf3a617301c9169d3ff7d967512c21236dfb712

HTTP Headers

GET / HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.2.34, ASP.NET
Date: Tue, 06 Dec 2022 10:20:05 GMT
Content-Length: 14917

www.rj58.cc/template/m1938pc/css/ate.css

216.83.52.98

200 OK

4.5 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/css/ate.css
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2

HTTP Headers

GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "0e0c8e4bbf9d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:05 GMT
Content-Length: 4498

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f7544839e10b8df7c47c82b86087b75c
83cceabc77162f3aa023734c9f760722e3487283
4c635ff3c4339a5d798fb8366bdee4d6e25998b0e1d5de12f72510a2e2d28f0e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 07:14:48 GMT
ETag: "83cceabc77162f3aa023734c9f760722e3487283"
Last-Modified: Tue, 06 Dec 2022 07:14:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a73db450af6-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f7544839e10b8df7c47c82b86087b75c
83cceabc77162f3aa023734c9f760722e3487283
4c635ff3c4339a5d798fb8366bdee4d6e25998b0e1d5de12f72510a2e2d28f0e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 07:14:48 GMT
ETag: "83cceabc77162f3aa023734c9f760722e3487283"
Last-Modified: Tue, 06 Dec 2022 07:14:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a73ddf41c16-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f7544839e10b8df7c47c82b86087b75c
83cceabc77162f3aa023734c9f760722e3487283
4c635ff3c4339a5d798fb8366bdee4d6e25998b0e1d5de12f72510a2e2d28f0e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 07:14:48 GMT
ETag: "83cceabc77162f3aa023734c9f760722e3487283"
Last-Modified: Tue, 06 Dec 2022 07:14:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a73d8cbb500-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f7544839e10b8df7c47c82b86087b75c
83cceabc77162f3aa023734c9f760722e3487283
4c635ff3c4339a5d798fb8366bdee4d6e25998b0e1d5de12f72510a2e2d28f0e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 07:14:48 GMT
ETag: "83cceabc77162f3aa023734c9f760722e3487283"
Last-Modified: Tue, 06 Dec 2022 07:14:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a73d9a4b4ed-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f7544839e10b8df7c47c82b86087b75c
83cceabc77162f3aa023734c9f760722e3487283
4c635ff3c4339a5d798fb8366bdee4d6e25998b0e1d5de12f72510a2e2d28f0e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 07:14:48 GMT
ETag: "83cceabc77162f3aa023734c9f760722e3487283"
Last-Modified: Tue, 06 Dec 2022 07:14:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a73dfa9fabc-OSL

www.rj58.cc/template/m1938pc/css/zui.css

216.83.52.98

200 OK

18 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/css/zui.css
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
assembler source, Unicode text, UTF-8 (with BOM) text
Size
18 kB (17938 bytes)
Hash
7f37b117dfa0c501573846a4ae6deed2
3ec6f2715301305e6fcd49c4b79af4d276359878
3a2f44416c454990e7b961387e4205358658e68fb9c64de8ab77798188390cad

HTTP Headers

GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "0e0c8e4bbf9d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:05 GMT
Content-Length: 17938

seyedbehnambarabadi.com/favicon.ico

118.107.22.232

200 OK

3.5 kB

URL HTTP/1.1
seyedbehnambarabadi.com/favicon.ico
IP
118.107.22.232:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 58 x 59\012- data
Size
3.5 kB (3545 bytes)
Hash
235b30ea8f27c21312e8e826b2d368f8
d66cac18eedec9618e604f1c78f073d80f8f48f0
ccd394f25b31b91b69b9238778dbed5bf932d669c475c0f74d57af37f85c6f61

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: seyedbehnambarabadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/books/ttjLz.asp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 10:20:46 GMT
Content-Type: image/x-icon
Content-Length: 3545
Last-Modified: Tue, 05 Jul 2022 22:24:25 GMT
Connection: keep-alive
ETag: "62c4ba19-dd9"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f28cde810ad0ed1d08491451f2ffe6
a1defaee6a4890bb4f46f461aaa2af1c4f35f7eb
4370fe2fcefeb875a3cdd7199b700a23d4da83d7312833c89925d2ef047a55fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4370FE2FCEFEB875A3CDD7199B700A23D4DA83D7312833C89925D2EF047A55FC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19200
Expires: Tue, 06 Dec 2022 15:40:46 GMT
Date: Tue, 06 Dec 2022 10:20:46 GMT
Connection: keep-alive

hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
636d5e989fc54f1348c26d6b22299c38
9f8eb3282f24826ebff73060021348c0ef8228f9
f660630ffb3750b72232afbadc7eaabb0b53d0dc2526954d5a09b2af3231b8e2

HTTP Headers

GET /hm.js?07b4ab2e5098299deeb932f98dc93395 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 8637917598504cdb0e78d6f66cd7e002
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=174757B5F5CB4975; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.rj58.cc/template/m1938pc/ads/img/1.gif

216.83.52.98

200 OK

254 B

URL HTTP/1.1
www.rj58.cc/template/m1938pc/ads/img/1.gif
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/ads/img/1.gif HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "ca1ad9e4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 254

kvhnn.com/a5de2c29ab43d6ee61e22a9834f5bab7.gif

137.175.13.78

301 Moved Permanently

162 B

URL HTTP/2
kvhnn.com/a5de2c29ab43d6ee61e22a9834f5bab7.gif
IP
137.175.13.78:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /a5de2c29ab43d6ee61e22a9834f5bab7.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 10:20:51 GMT
content-type: text/html
content-length: 162
location: https://max003.top/a5de2c29ab43d6ee61e22a9834f5bab7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
cb481bddca3e86f3ff281cda94e667e8
c6b29aee794c6a08432359ac83d8de2ccc13e38f
5ffe374d752aebbc5a08223d84c626a080fdb0ad77ea805c5f52de30a128130e

HTTP Headers

GET /hm.js?5182212a5be0c41dc5f6009156268935 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: afded17ec5472a62422f688455b5e1ca
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=984C9A9BCAEB88CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?4776855d950d64543e4f03a8c31ece9b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?4776855d950d64543e4f03a8c31ece9b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
9deca8479fcbf5a4c05b50ca25d31f2f
3529045d52b14edd30ff7bcf1992bfc46a97daf2
a4eb8999163f99543acc7eb0b1934a84cc187694b5e07789e2b86b3051fefaab

HTTP Headers

GET /hm.js?4776855d950d64543e4f03a8c31ece9b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 5ce34ad360047fd26693b0351d7700bb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1D7B1491B95DF128; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?845a64ef313c15732a9952d3e7bc9879

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?845a64ef313c15732a9952d3e7bc9879
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
b2b6398d50054fc31dfaca72982cee1f
685fa91c8b62c24deeb7c03def9c85595e69462e
d57cef4f087f4e9b084a898a96edb2a458e9fd3eacd1be7e8c436268a8fc8c0a

HTTP Headers

GET /hm.js?845a64ef313c15732a9952d3e7bc9879 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 5bf6e6b3b24f9f86053f24304ccc1567
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8BCEF4C9609B0976; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
9493a448b9bc4f6a359235b87f1ca4d6
9e7781e64695736494a7abb244d8848d13db3125
ab2b5af373a4c4dc1ed8471585149c5048a897cc7f474de5e71f92a0887a843f

HTTP Headers

GET /hm.js?d832178dc2293a8aafacef89cf6cf2c0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 4342b72916b67598c4d67075e5434e30
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E9BBDFAC4BD9C6C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
c10014e41f709cebbdfc2ec8c4349d29
99ab20270135ea527e4311a5df1b658ffc92195b
dc8840ff709dbf33aa7381a2ab02da70789b7a500fef5ff13d2382349361cc51

HTTP Headers

GET /hm.js?258a2e13a5ac06641ab1a740990c965e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 331bc70f9ff0f1500b562fd0b839fa83
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D7B0D38F38ECB1F7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.rj58.cc/template/m1938pc/ads/logo.gif

216.83.52.98

200 OK

5.5 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/ads/logo.gif
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 321 x 93\012- data
Size
5.5 kB (5548 bytes)
Hash
7ed5527b767bacb935b60dd9015acd98
bcbfc2eefaf29c89579e3b153f966e40d013722b
bc5ee36a538a2ba7fa6b36189cd71931ff9555836a4f48ab305e25456e11797b

HTTP Headers

GET /template/m1938pc/ads/logo.gif HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Sun, 20 Nov 2022 13:07:31 GMT
Accept-Ranges: bytes
ETag: "fc5888ce1fcd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 5548

www.rj58.cc/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff

216.83.52.98

404 Not Found

1.2 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Size
1.2 kB (1163 bytes)
Hash
8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a

HTTP Headers

GET /template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rj58.cc/template/m1938pc/css/zui.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 1163

hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
c8538cb0bd4b1ad7b6eeddd93a485b6c
600bb0cb21ed48c0ee76bf1be2cc3287b9e77496
85ee96923fe4957a6d64b061c5bf9cd338c97d8cf9e2d5eb5d079623987cef6d

HTTP Headers

GET /hm.js?675e2d63db7bfa79b1e530352f68a041 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 6f9e224e0e7ea4505f25019567711617
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=063CE13EB263A738; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=2015966823&si=07b4ab2e5098299deeb932f98dc93395&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=2015966823&si=07b4ab2e5098299deeb932f98dc93395&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=2015966823&si=07b4ab2e5098299deeb932f98dc93395&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:46 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C1BF554E9A888BDE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?07b4ab2e5098299deeb932f98dc93395
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
f29dc4ae3579826e28199c54424da265
32b5310aa8537e34a153acae7cc53d373174b855
6452ff750a70361ab9edb3af2d862fe2d35efa9336dbb93937e382b320f070c2

HTTP Headers

GET /hm.js?07b4ab2e5098299deeb932f98dc93395 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 8637917598504cdb0e78d6f66cd7e002

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:46 GMT
Etag: 6ebf07660fbc82575e322ac07fd96186
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3B8DA8F0534CDAD4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
294532771ec7c7264bdba78879944370
d3248d28284457ce792a96e2cc58c3976abac075
6331f93d481f2216492e2570b45268f31743aa2a1592630c511f0087f16d4170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:57:15 GMT
Expires: Sat, 10 Dec 2022 15:57:14 GMT
Etag: "d3248d28284457ce792a96e2cc58c3976abac075"
Cache-Control: max-age=365186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7b5c3fb51e-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
79a0c9635cc7b519a52211f202cca95b
4d91a4b153ad447af7a36b272d2086dd8a272552
0e044c36202bb5f192b31fba522ab2139456f4c79f3127ea9ec909d5cdeeb75b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 08:27:52 GMT
ETag: "4d91a4b153ad447af7a36b272d2086dd8a272552"
Last-Modified: Tue, 06 Dec 2022 08:27:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 470
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a7b9cd41c16-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
79a0c9635cc7b519a52211f202cca95b
4d91a4b153ad447af7a36b272d2086dd8a272552
0e044c36202bb5f192b31fba522ab2139456f4c79f3127ea9ec909d5cdeeb75b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 08:27:52 GMT
ETag: "4d91a4b153ad447af7a36b272d2086dd8a272552"
Last-Modified: Tue, 06 Dec 2022 08:27:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 470
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a7b9809b4fd-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9796
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:20:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9796
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:20:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9796
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:20:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 43879
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1656359525&si=5182212a5be0c41dc5f6009156268935&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1656359525&si=5182212a5be0c41dc5f6009156268935&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1656359525&si=5182212a5be0c41dc5f6009156268935&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6AA9A7EE33527CEF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10183 bytes)
Hash
99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:44 GMT
age: 45063
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8512bdca572d1c088ee932c06ab92054
ce9ab7893072f6e7ddedbbca30358a84149a6024
d100ca7ec637726be7f51ff4e904c393f41bb68ffdc6affd050b3f82ccc8787e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 15:21:35 GMT
Expires: Sun, 11 Dec 2022 15:21:34 GMT
Etag: "ce9ab7893072f6e7ddedbbca30358a84149a6024"
Cache-Control: max-age=449540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77544a7b9f55b523-OSL

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 44806
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb60ffdb0-9abd-43ed-ba00-442492cc7b45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8287 bytes)
Hash
4c0e37b32bf91d9877ad7cb9f4f875a5
cec2ccf17ae08fe009c09563d214564c3499ad4c
4cec4e669ba4b149573de59df16d8cae06a6d4393092d7e06150596f38dc6856

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb60ffdb0-9abd-43ed-ba00-442492cc7b45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8287
x-amzn-requestid: 185e51d2-36b6-4d31-a35f-49520d8fba85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTNcGGWIAMF-Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6589-43a985971c5fb18a03fb4a92;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DnKkiHQS_AhhZQOADenY0FbD4Fh_vQXoZAmL59WX0ReInKipGCXJlg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:53 GMT
etag: "cec2ccf17ae08fe009c09563d214564c3499ad4c"
content-type: image/jpeg
age: 45534
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1460664225&si=4776855d950d64543e4f03a8c31ece9b&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1460664225&si=4776855d950d64543e4f03a8c31ece9b&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1460664225&si=4776855d950d64543e4f03a8c31ece9b&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=90F293D57DF36D60; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=669551548&si=d832178dc2293a8aafacef89cf6cf2c0&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=669551548&si=d832178dc2293a8aafacef89cf6cf2c0&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=669551548&si=d832178dc2293a8aafacef89cf6cf2c0&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EBABA931996B9805; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4827 bytes)
Hash
73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 45538
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 44786
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=992001999&si=845a64ef313c15732a9952d3e7bc9879&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=992001999&si=845a64ef313c15732a9952d3e7bc9879&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=992001999&si=845a64ef313c15732a9952d3e7bc9879&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FF513B36F129F2B1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=991132403&si=258a2e13a5ac06641ab1a740990c965e&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=991132403&si=258a2e13a5ac06641ab1a740990c965e&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=991132403&si=258a2e13a5ac06641ab1a740990c965e&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=070A4AEF359CA391; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.rj58.cc/template/m1938pc/images/video-play.png

216.83.52.98

200 OK

1.6 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/images/video-play.png
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "ea90eee4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 1567

www.rj58.cc/template/m1938pc/fonts/iconfont.woff

216.83.52.98

200 OK

525 B

URL HTTP/1.1
www.rj58.cc/template/m1938pc/fonts/iconfont.woff
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
525 B (525 bytes)
Hash
f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de

HTTP Headers

GET /template/m1938pc/fonts/iconfont.woff HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rj58.cc/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "85dfdde4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 525

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
18599a7792df1077684b81da9d0783e7
a9801b3e4b4aa5d7cdec854367fd78f0d909ab51
b8ee2c4c1470ce53df8baee2557c88c02fa5bf99c08d3c3079ea9cc2773d2c48

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 18:26:15 GMT
Expires: Mon, 12 Dec 2022 18:26:14 GMT
Etag: "a9801b3e4b4aa5d7cdec854367fd78f0d909ab51"
Cache-Control: max-age=546926,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7c1d2fb51e-OSL

max003.top/a5de2c29ab43d6ee61e22a9834f5bab7.gif

104.21.83.141

200 OK

214 kB

URL HTTP/2
max003.top/a5de2c29ab43d6ee61e22a9834f5bab7.gif
IP
104.21.83.141:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
214 kB (213726 bytes)
Hash
81ccccc41d243817a1410c75dad08ce4
9b3915c9ca4f109febc0316fece6de5920daf5fa
82782b1bc275199a4dbf88991a53a8fb4ec9e15717e5a8f3bd8dd39245cb665c

HTTP Headers

GET /a5de2c29ab43d6ee61e22a9834f5bab7.gif HTTP/1.1
Host: max003.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rj58.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/gif
content-length: 213726
last-modified: Fri, 11 Nov 2022 10:53:47 GMT
etag: "636e29bb-342de"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6bfsamA6Y%2BAavJRUF3cHquV8rdyz2ydtfmlmcNwNMa4sp5JoN9d0NDzOzRLqB5sh7NyTZw421%2FQ1sbLBkHImC%2BjXRObGOnlov4FdczSJOjuGn3zPtdNVWwnGGI4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77544a7be898b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?675e2d63db7bfa79b1e530352f68a041
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
ac02b00db61082f044f8e2f7fddafc4a
96ef7a29d4d61251e35f68d93fbb68278eaaa566
8628252ae2ed03686b0146e67466d9759f4fe4524e9666a2854531c3371161ce

HTTP Headers

GET /hm.js?675e2d63db7bfa79b1e530352f68a041 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 6f9e224e0e7ea4505f25019567711617

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: 13ab803f52d7782a267ee324b077c59c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E1D8D0389969068B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a5e73ae633cecbc65d4929a188021ea6
8a612cd4f12fa0062270f13581c96ae67edae824
a77e66056b53df293e55763ad4364e41ec5ce375a19d5e25b8df163d39778599

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 01:54:29 GMT
Expires: Mon, 12 Dec 2022 01:54:28 GMT
Etag: "8a612cd4f12fa0062270f13581c96ae67edae824"
Cache-Control: max-age=487420,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7b5a1bb521-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
825d782346513be3e7ca2aec7409ddfe
5799c7463eeba466b7a718ace396597e19233b06
76a70bea6837073ef78882ca4838b611ae7e9d748719cb1cb6b33c161fe5d33d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:52:22 GMT
Expires: Mon, 12 Dec 2022 04:52:21 GMT
Etag: "5799c7463eeba466b7a718ace396597e19233b06"
Cache-Control: max-age=498093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7cbe14b51e-OSL

hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?5182212a5be0c41dc5f6009156268935
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
d03522313b88745a0a8366f82c7259a0
4dc9ee7b6ed77eff44b849be2b25c40a1298c930
3909b338f04f949cbe63d6ae148f6f840cb7bcf658beb0c78ddf2ca7a7843896

HTTP Headers

GET /hm.js?5182212a5be0c41dc5f6009156268935 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: afded17ec5472a62422f688455b5e1ca

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: 59fdf4bb68d514117e592e41b84db4b9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1E8505184B9F89B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2639e77f36b95ba06cd4bd79f3af6558
d381e29a76d4290d80d644d6139bdf65321b1d2a
58cfcbef601398c562180c14632c9a42d00141eeb753e45ce6117e11fdaa5eb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 20:49:47 GMT
Expires: Sat, 10 Dec 2022 20:49:46 GMT
Etag: "d381e29a76d4290d80d644d6139bdf65321b1d2a"
Cache-Control: max-age=382738,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7cceabb51d-OSL

hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
3495ab3e7a8cfbd55b80816f305bd66f
9e85de2875f6332f8a0383a357901d8db0a48ad4
ab8935061a745c27191ed6c7cd42f57d43dc86af0ad7361b331384b67fc5dec0

HTTP Headers

GET /hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: 06ee2643f74acfd6039ad68b5feeb62a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D4F0ABE267C79E10; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d832178dc2293a8aafacef89cf6cf2c0
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
a040bc4ec130cd06978c2eaab8f0cd5b
4490c4c6aa6221bc421a3f688f8bd1458486b328
19796ab5313a9de7ddbf308a5c95ddddda8ed579ff5d00b63abca235f9fd088f

HTTP Headers

GET /hm.js?d832178dc2293a8aafacef89cf6cf2c0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 4342b72916b67598c4d67075e5434e30

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: 7be775edc1aecb21bc289aa9867f2d4b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2F8355BE2A01FFA6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1508837651&si=07b4ab2e5098299deeb932f98dc93395&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1508837651&si=07b4ab2e5098299deeb932f98dc93395&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1508837651&si=07b4ab2e5098299deeb932f98dc93395&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=89CBF0EF637DC4B4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?258a2e13a5ac06641ab1a740990c965e
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
1b072e0b3f39b18199e3680ff18961ec
0421328a627956aef95921e855f050298e666970
a70e7b60cfe6d1752b23cc9f1cbbd38bfa268c56c940d84785e018de64d8c60e

HTTP Headers

GET /hm.js?258a2e13a5ac06641ab1a740990c965e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 331bc70f9ff0f1500b562fd0b839fa83

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: a25550378dfbf735bb586a8397311df9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DB081FA2D8DA42BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b7811c0cfed565c41addc453fe168835
8fcccdb7e9ec92021230feeaf6e4e4f64db92342
f5e8ce4b281307ccfde23f12bb89a8570046c7787e3ab3c10af4d29bbeb2cf27

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 10:57:53 GMT
Expires: Sat, 10 Dec 2022 10:57:52 GMT
Etag: "8fcccdb7e9ec92021230feeaf6e4e4f64db92342"
Cache-Control: max-age=347224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7d9b59b4fa-OSL

www.rj58.cc/template/m1938pc/fonts/iconfont.ttf

216.83.52.98

200 OK

257 B

URL HTTP/1.1
www.rj58.cc/template/m1938pc/fonts/iconfont.ttf
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
257 B (257 bytes)
Hash
b6bf2659c287c7e192ff7c20853205e4
91087c59b4f1a108c0515d4daeb8d4cc49b62da5
a3cc4d1f67765644ce73654ad2d0a1e9f2b85553268d2f3e4d438da3bda75bb4

HTTP Headers

GET /template/m1938pc/fonts/iconfont.ttf HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "85dfdde4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:07 GMT
Content-Length: 257

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2639e77f36b95ba06cd4bd79f3af6558
d381e29a76d4290d80d644d6139bdf65321b1d2a
58cfcbef601398c562180c14632c9a42d00141eeb753e45ce6117e11fdaa5eb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 20:49:47 GMT
Expires: Sat, 10 Dec 2022 20:49:46 GMT
Etag: "d381e29a76d4290d80d644d6139bdf65321b1d2a"
Cache-Control: max-age=382738,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7cbc08b521-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
1b4f67f24f49243644c62fcc2b07e1a8
2d09cc829a3a183136b49feaaee2cb18f6946ce3
dba5d640824b934d38bb6e6d0b0d0b74ac13b798419e741338946ef0331dd90a

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 16:34:28 GMT
Expires: Sun, 11 Dec 2022 16:34:27 GMT
Etag: "2d09cc829a3a183136b49feaaee2cb18f6946ce3"
Cache-Control: max-age=453819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7d7ed00b4d-OSL

hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
eb485fcd029986efb332a263eb4a8171
a79cc5b416491180032a06e5a831fb90d9b01d2e
ef8a5cf8bef533773e3b17620ebb3ba750182ec45e832f7400197d0834248fc4

HTTP Headers

GET /hm.js?2b3db8253435b071db99935eb54e99bb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: d8be59acb57caa0ab673cb12f04ef9a9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8848AE02888E1AC2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b7811c0cfed565c41addc453fe168835
8fcccdb7e9ec92021230feeaf6e4e4f64db92342
f5e8ce4b281307ccfde23f12bb89a8570046c7787e3ab3c10af4d29bbeb2cf27

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 10:57:53 GMT
Expires: Sat, 10 Dec 2022 10:57:52 GMT
Etag: "8fcccdb7e9ec92021230feeaf6e4e4f64db92342"
Cache-Control: max-age=347224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7d9f65b51d-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b7811c0cfed565c41addc453fe168835
8fcccdb7e9ec92021230feeaf6e4e4f64db92342
f5e8ce4b281307ccfde23f12bb89a8570046c7787e3ab3c10af4d29bbeb2cf27

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 10:57:53 GMT
Expires: Sat, 10 Dec 2022 10:57:52 GMT
Etag: "8fcccdb7e9ec92021230feeaf6e4e4f64db92342"
Cache-Control: max-age=347224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a7d8f33b51e-OSL

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=536734863&si=675e2d63db7bfa79b1e530352f68a041&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=536734863&si=675e2d63db7bfa79b1e530352f68a041&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=536734863&si=675e2d63db7bfa79b1e530352f68a041&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31502&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=12FF0AA28DDD4865; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=90701482&si=5182212a5be0c41dc5f6009156268935&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=90701482&si=5182212a5be0c41dc5f6009156268935&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=90701482&si=5182212a5be0c41dc5f6009156268935&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=57AB5D2D0B4C67CF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=268721791&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=268721791&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=268721791&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F98D74C37D688F7F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1643919667&si=d832178dc2293a8aafacef89cf6cf2c0&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1643919667&si=d832178dc2293a8aafacef89cf6cf2c0&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1643919667&si=d832178dc2293a8aafacef89cf6cf2c0&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2641F4D70703AE65; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img.ywtuchuang4.com/upload/vod/20221127-1/289e1f018826c7a77676a07744bad014.jpg

154.12.54.84

200 OK

6.1 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/289e1f018826c7a77676a07744bad014.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.1 kB (6065 bytes)
Hash
b97bec0a9e803b955d93c450a7124634
dcd7bd3754177d2a24471eccbbd3beb5db7ebb36
b7e281e02032ce3be283dc2c7b50c132e6a5a2abd18bd928e54b465fd8a8dd9d

HTTP Headers

GET /upload/vod/20221127-1/289e1f018826c7a77676a07744bad014.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 6065
Last-Modified: Sat, 26 Nov 2022 17:22:10 GMT
Connection: keep-alive
ETag: "63824b42-17b1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

sj86.cc/template/m1938pc/ads/32.gif

216.83.52.115

200 OK

76 kB

URL HTTP/1.1
sj86.cc/template/m1938pc/ads/32.gif
IP
216.83.52.115:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 500 x 200\012- data
Size
76 kB (76153 bytes)
Hash
701881ea0f42d0d801c9f15b202582bc
9f8d2aa07cd258e92517af88fc40aa9db2a2181f
e7bf2394d7369507dbf85967be80a1676a6d4aa1666822e384f3d9e7db16761e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/32.gif HTTP/1.1
Host: sj86.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 17 Nov 2022 05:57:53 GMT
Accept-Ranges: bytes
ETag: "922c8849fad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 76153

img.ywtuchuang4.com/upload/vod/20221127-1/c19bea265b97e4a5e9105b63d0e813d9.jpg

154.12.54.84

200 OK

9.8 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/c19bea265b97e4a5e9105b63d0e813d9.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.8 kB (9757 bytes)
Hash
efa301c53b9a977a387182f7664f0368
d7ff784c8184b56cff45e169a58528477c825498
ceba94fc993a20172780e5e49044b070432cc2717873bb623d578428ed113545

HTTP Headers

GET /upload/vod/20221127-1/c19bea265b97e4a5e9105b63d0e813d9.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 9757
Last-Modified: Sat, 26 Nov 2022 17:19:36 GMT
Connection: keep-alive
ETag: "63824aa8-261d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/9d2b7f8afd794dd9070c51fc529086bf.jpg

154.12.54.84

200 OK

7.3 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/9d2b7f8afd794dd9070c51fc529086bf.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.3 kB (7318 bytes)
Hash
5dfe279277a23153d4fa2db7e0963a32
08e233c1dcb32eed3b7ef222c960b2a0af14008a
def9306d630fb8486d8663d962c51e7fded3d9a5c7b37adc89ac13b8cb62e22e

HTTP Headers

GET /upload/vod/20221127-1/9d2b7f8afd794dd9070c51fc529086bf.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 7318
Last-Modified: Sat, 26 Nov 2022 17:19:12 GMT
Connection: keep-alive
ETag: "63824a90-1c96"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/b8863bf4ff55f4607ea9985b8f47a61a.jpg

154.12.54.84

200 OK

7.3 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/b8863bf4ff55f4607ea9985b8f47a61a.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.3 kB (7297 bytes)
Hash
7e31b4dd18e0eaf0231db694d478e977
87d4e962af1e209473dd4f2a3ebc95af71b8e849
4cfa24dcc67c096ad64fb82acbef5a8eb16a0cd89c08bceceb7403d6401cbfd3

HTTP Headers

GET /upload/vod/20221127-1/b8863bf4ff55f4607ea9985b8f47a61a.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 7297
Last-Modified: Sat, 26 Nov 2022 17:20:18 GMT
Connection: keep-alive
ETag: "63824ad2-1c81"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/54b27347abece2fd236df4c3fd900d7b.jpg

154.12.54.84

200 OK

5.9 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/54b27347abece2fd236df4c3fd900d7b.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.9 kB (5921 bytes)
Hash
90552bbe7feb3de97f1d1114b76481a9
07aabf29fc32dff6999ad65b2acbf389ee4a6de7
eb1b8e88c452d0c2bd10c6eb2bc200a3aa0bec8fbb7c75a2e9daa7be778f4e86

HTTP Headers

GET /upload/vod/20221127-1/54b27347abece2fd236df4c3fd900d7b.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 5921
Last-Modified: Sat, 26 Nov 2022 17:20:44 GMT
Connection: keep-alive
ETag: "63824aec-1721"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/a080c20674d0997442155ee2f90b8cf6.jpg

154.12.54.84

200 OK

8.2 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/a080c20674d0997442155ee2f90b8cf6.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.2 kB (8174 bytes)
Hash
bb9abf291fdd98eec466d4c45743db92
c660cce7fa5c6f7f71a03d923c5d651d77e4a976
7fb5c111b835ba7aedf7e2bdc318d394a76b6c3440ffc3f050046b4f90a74fff

HTTP Headers

GET /upload/vod/20221127-1/a080c20674d0997442155ee2f90b8cf6.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/jpeg
Content-Length: 8174
Last-Modified: Sat, 26 Nov 2022 17:19:57 GMT
Connection: keep-alive
ETag: "63824abd-1fee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1358603564&si=258a2e13a5ac06641ab1a740990c965e&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1358603564&si=258a2e13a5ac06641ab1a740990c965e&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1358603564&si=258a2e13a5ac06641ab1a740990c965e&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4B2FD2ABDAB93662; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.rj58.cc/template/m1938pc/ads/0.gif

216.83.52.98

200 OK

162 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/ads/0.gif
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 960 x 60\012- data
Size
162 kB (162131 bytes)
Hash
9f9e168a23ce5a4fd7954a2f58d42061
7569472cfb5557df037bfe6fac430f7b996f76f3
0ef791f1b817168b7b3624743ec3f259541f5ce8588e3a0f049e6a98ae9d1f95

HTTP Headers

GET /template/m1938pc/ads/0.gif HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "de2fcde4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 162131

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4783
Cache-Control: max-age=132838
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 23:14:46 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1526
Cache-Control: max-age=129582
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 22:20:30 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3378
Cache-Control: max-age=131434
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 22:51:22 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 727

img.ywtuchuang4.com/upload/vod/20221127-1/a834085973663cef2ce75b62cc03f157.jpg

154.12.54.84

200 OK

6.6 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/a834085973663cef2ce75b62cc03f157.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.6 kB (6594 bytes)
Hash
5071970155638420266e32ee3bf967aa
b7e856a21e1e93a52140302d94575ade60da40d8
d1190f3fd7d58f554eedb75179ee3142dfcd6a5b2657277dc8d2ce6cf085c429

HTTP Headers

GET /upload/vod/20221127-1/a834085973663cef2ce75b62cc03f157.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:48 GMT
Content-Type: image/jpeg
Content-Length: 6594
Last-Modified: Sat, 26 Nov 2022 17:22:15 GMT
Connection: keep-alive
ETag: "63824b47-19c2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

c995tp1.com/960-100.gif

162.250.140.222

200 OK

379 kB

URL HTTP/1.1
c995tp1.com/960-100.gif
IP
162.250.140.222:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 100\012- data
Size
379 kB (379403 bytes)
Hash
d4c5e28b998a0f06843ce154b2eba246
ad5fa8f21600f517deff62d06fca563e426c1584
bc9fe7277d54d00ebe4c5cf810970f5028dc48dc0387c990bd62f039281f3258

HTTP Headers

GET /960-100.gif HTTP/1.1
Host: c995tp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 10:20:47 GMT
Content-Type: image/gif
Content-Length: 379403
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 01:43:13 GMT
ETag: "637ecc31-5ca0b"
Expires: Sat, 24 Dec 2022 02:37:25 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Via: 162.250.140.218
CDN-Cache: HIT
Accept-Ranges: bytes

kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif

18.155.68.89

200 OK

497 kB

URL HTTP/2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP
18.155.68.89:0
ASN
#0

File type
GIF image data, version 89a, 960 x 60\012- data
Size
497 kB (497175 bytes)
Hash
308dfc606f51875abeaddaf59af06f44
fbc86f1ca7aaf6132c4643c7138b539a170fb6c1
1e1e5e16afd234768c984ee2f2551abbf8af6de533f12b80dbee9ab06a857bf3

HTTP Headers

GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 497175
date: Mon, 05 Dec 2022 10:42:27 GMT
last-modified: Thu, 01 Dec 2022 15:50:53 GMT
etag: "308dfc606f51875abeaddaf59af06f44"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: m6p7yDDG_iPk6NINCVkzBlDGaip-FufT5cVhGuuLpAqbt9m3ECkUqw==
age: 85100
X-Firefox-Spdy: h2

img.ywtuchuang4.com/upload/vod/20221127-1/8955a4e565fe0b36a118efe9b099afc5.jpg

154.12.54.84

200 OK

8.4 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/8955a4e565fe0b36a118efe9b099afc5.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 17336x17255, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.4 kB (8417 bytes)
Hash
460525203af0fec00038cd044c25e8a6
269202ee44a30d05e93f080f087c89fdab86caef
067454885e101466f4aded8cd1eab58523921fc7222a5b5e0b5115ab6970eb80

HTTP Headers

GET /upload/vod/20221127-1/8955a4e565fe0b36a118efe9b099afc5.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:48 GMT
Content-Type: image/jpeg
Content-Length: 8417
Last-Modified: Sat, 26 Nov 2022 17:19:42 GMT
Connection: keep-alive
ETag: "63824aae-20e1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/efd79cb64f5313a252bcb9db1361217e.jpg

154.12.54.84

200 OK

6.8 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/efd79cb64f5313a252bcb9db1361217e.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.8 kB (6791 bytes)
Hash
a33b23978e1b43406c3d8e78098841d8
26626a9124b274a19235eefd174c76b8a128004b
e1cdc76331a9bf56a873c40c91ab31601d2fb3cfc05dc02abbed767c981ce0f7

HTTP Headers

GET /upload/vod/20221127-1/efd79cb64f5313a252bcb9db1361217e.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:48 GMT
Content-Type: image/jpeg
Content-Length: 6791
Last-Modified: Sat, 26 Nov 2022 17:19:58 GMT
Connection: keep-alive
ETag: "63824abe-1a87"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang4.com/upload/vod/20221127-1/6e772c2953c4954fbdb6d0e3e57cdc16.jpg

154.12.54.84

200 OK

7.1 kB

URL HTTP/1.1
img.ywtuchuang4.com/upload/vod/20221127-1/6e772c2953c4954fbdb6d0e3e57cdc16.jpg
IP
154.12.54.84:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.1 kB (7053 bytes)
Hash
68ce4d3e68649b779cd0d3e6f4d109b2
d63cc4f7e20d1bcc2253b9ff1b9f2de38cb9808f
22c62f51956868c8ab212c46eae8aa5e195ed1b831475b3623f6cfa9604d9596

HTTP Headers

GET /upload/vod/20221127-1/6e772c2953c4954fbdb6d0e3e57cdc16.jpg HTTP/1.1
Host: img.ywtuchuang4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 10:20:48 GMT
Content-Type: image/jpeg
Content-Length: 7053
Last-Modified: Sat, 26 Nov 2022 17:19:58 GMT
Connection: keep-alive
ETag: "63824abe-1b8d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
bd82284490e05c3477b886fa61b5c7a1
d74a536a2c4ce8a3100de92e535a05a2673fb9f7
96d46f063e494d9235ec07b38df6f8fc8f3f0432ac0726f44086715a0a34a1aa

HTTP Headers

GET /hm.js?8b0295edbcfa9cd8148a5e6bf52a2a2f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 06ee2643f74acfd6039ad68b5feeb62a

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:47 GMT
Etag: 5879a6fc7ba9985466cce7ab9d812239
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=158886D2AC269F1C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

p3.douyinpic.com/obj/tos-cn-i-dy/f4ed244615484283b5725547078cd4fa

47.246.44.225

200 OK

551 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/f4ed244615484283b5725547078cd4fa
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 750 x 120\012- data
Size
551 kB (551008 bytes)
Hash
b1be50bccc855e963553c7b9bd413c46
c08d6051be3f385d0b43f5dd3df762fd6a5debf4
805eed2b190d204362253dd6b1ae035f7d461e9d9a82a2b4767b7d52c4d64b31

HTTP Headers

GET /obj/tos-cn-i-dy/f4ed244615484283b5725547078cd4fa HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 551008
date: Sat, 03 Dec 2022 13:07:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 03 Dec 2022 13:07:05 GMT
nw-session-id: 202212032107050101351601670AF7C850lsr7l01dy
nw-session-trace: 2022-12-03T21:07:05.233298754+08:00 106
x-bdcdn-cache-status: TCP_MISS
x-length: 551008
x-powered-by: ImageX
x-response-date: Sat, 03 Dec 2022 21:07:05 GMT
x-tt-logid: 202212032107050101351601670AF7C850
via: n132-069-106, cache26.l2de2[0,0,206-0,H], cache12.l2de2[8,0], cache12.l2de2[9,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:8:579::167
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c6e184f2a89a47afcb4871df36be1faec9aca67ad9df94e2eab49037a5ef035746744544ad58e08d60b4f0b9a32ac4ae5b13bed35a480b5a7edc96207272e71c67514ae4b824eec82f75e061eeac5c78100a3c2981bc4d5fe34e96856b84f43d
x-response-lb: image
ali-swift-global-savetime: 1670072825
age: 249223
x-cache: HIT TCP_HIT dirn:1:258648068 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 00:01:15 GMT
x-swift-cachetime: 31410350
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516703220480713020e
X-Firefox-Spdy: h2

img.cuphf.xyz/images/6346711e5655a5a08f5be738.gif

185.239.226.87

302 Found

274 kB

URL HTTP/2
img.cuphf.xyz/images/6346711e5655a5a08f5be738.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type
GIF image data, version 89a, 200 x 200\012- data
Size
274 kB (273715 bytes)
Hash
861dfe01844a99e30fe199070510d06d
aca4c3d0899d413ebf1e3068a677b88de75339a7
0374e9aba033b4e4330adb7b81dd0a7663c9a85952f21a0e0d4fa6cd548218a6

HTTP Headers

GET /images/6346711e5655a5a08f5be738.gif HTTP/1.1
Host: img.cuphf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/db25de6254b74c8db7385b25686425fb
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/39ff8d0d2cca4540b5ec031b48a08cef

47.246.44.225

200 OK

275 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/39ff8d0d2cca4540b5ec031b48a08cef
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 350 x 250\012- data
Size
275 kB (275361 bytes)
Hash
a6868f098b826f6353bc5cff0f4bb519
2b99ca697fd5a1ceb709d734f2eac8e375b5c421
9fbe7172e79bc11411b1965d877e5bdc221bdb8af668bd6fdb0d3bf55cd7c761

HTTP Headers

GET /obj/tos-cn-i-dy/39ff8d0d2cca4540b5ec031b48a08cef HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 275361
date: Mon, 05 Dec 2022 13:40:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:09:23 GMT
nw-session-id: 202212051909230101581651493CD5C1F88k7ph02dy
nw-session-trace: 2022-12-05T19:09:23.167585597+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 275361
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:09:23 GMT
x-tt-logid: 202212051909230101581651493CD5C1F8
via: n132-082-163, cache11.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[2,0], cache2.se1[0,0,200-0,H], cache1.se1[2,0]
x-request-ip: fdbd:dc03:11:628::202
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01410983f870bde7a2d2183b3c6f071839eaa91f81a9e6b99562be5eb4c69dbe892e6115973ab0d1ffe18edd063306c8533f246c3ce0dfa89f3f84bd847d801fb5695d35663de6d2226fa656f1d4008b8bd23e9c9e3e73a1f26a94e562a5b28f99
x-response-lb: image
ali-swift-global-savetime: 1670247626
age: 74422
x-cache: HIT TCP_HIT dirn:11:385097967
x-swift-savetime: Mon, 05 Dec 2022 15:26:12 GMT
x-swift-cachetime: 31529654
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516703220481223061e
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1340913025&si=2b3db8253435b071db99935eb54e99bb&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1340913025&si=2b3db8253435b071db99935eb54e99bb&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1340913025&si=2b3db8253435b071db99935eb54e99bb&v=1.3.0&lv=1&sn=31503&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=ED8DF7957E775191; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

p3.douyinpic.com/obj/tos-cn-i-dy/25bbc4f3f3c14938b4a124f66ab71ee9

47.246.44.225

200 OK

571 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/25bbc4f3f3c14938b4a124f66ab71ee9
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 70\012- data
Size
571 kB (570812 bytes)
Hash
291d932e82cee0f4cb4df244f2544bd6
8c5d232bdcc5b889f19df07617e985a8e4fbdc99
f3bfcf12830f6bdd2e6fc24d0dd55cbfa4acbd128adb55e9ecdbc64cd400e158

HTTP Headers

GET /obj/tos-cn-i-dy/25bbc4f3f3c14938b4a124f66ab71ee9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 570812
date: Mon, 05 Dec 2022 07:38:12 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:38:12 GMT
nw-session-id: 202212051538120101351600234FBA2EE8crvv603dy
nw-session-trace: 2022-12-05T15:38:12.079495256+08:00 54
x-bdcdn-cache-status: TCP_MISS
x-length: 570812
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:38:12 GMT
x-tt-logid: 202212051538120101351600234FBA2EE8
via: n132-090-149, cache19.l2de2[323,323,206-0,M], cache11.l2de2[325,0], cache11.l2de2[325,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:8:577::23
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015753073c6eb795804c878ce4635158b04b44aefe71cfff406be3e3cf3810354826042faa06cd5309cb1898c743a27c1b7c3ffb03f7003f547ea8c09e37e04f0f10afe4bc58f397916ef2ddede27ac8cad7f0b52072b3d014e859cf69921ac4e2
x-response-lb: image
ali-swift-global-savetime: 1670225892
age: 96156
x-cache: HIT TCP_MEM_HIT dirn:1:308634398 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 07:38:12 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516703220481243063e
X-Firefox-Spdy: h2

sj86.cc/template/m1938pc/ads/33.gif

216.83.52.115

200 OK

141 kB

URL HTTP/1.1
sj86.cc/template/m1938pc/ads/33.gif
IP
216.83.52.115:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 500 x 200\012- data
Size
141 kB (141377 bytes)
Hash
e6f6abe8f4376f887afbf1176b4eef5f
053024001885155c854fe7c2a6e9debfc8a3839d
ead0ec2e39f8d2391b330cedf92eb85c55b61444c62cafd7e6c7a37dfcc4a907

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/33.gif HTTP/1.1
Host: sj86.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 17 Nov 2022 05:57:53 GMT
Accept-Ranges: bytes
ETag: "922c8849fad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 141377

u1055.com/359a5215574a408fa1b4848851a3bdc5.gif

45.61.212.135

200 OK

5.4 kB

URL HTTP/2
u1055.com/359a5215574a408fa1b4848851a3bdc5.gif
IP
45.61.212.135:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 128 x 128\012- data
Size
5.4 kB (5401 bytes)
Hash
a0438d7c62b550cd7ddd9e2e610985c5
30ce913fb9d79ff3d3d3c0416d4f23273db581ea
f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273

HTTP Headers

GET /359a5215574a408fa1b4848851a3bdc5.gif HTTP/1.1
Host: u1055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "63886665-1519"
server: nginx
date: Sun, 04 Dec 2022 10:58:25 GMT
content-type: image/gif
last-modified: Thu, 01 Dec 2022 08:31:33 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-05
content-length: 5401
X-Firefox-Spdy: h2

sj86.cc/template/m1938pc/ads/31.gif

216.83.52.115

200 OK

111 kB

URL HTTP/1.1
sj86.cc/template/m1938pc/ads/31.gif
IP
216.83.52.115:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 500 x 200\012- data
Size
111 kB (110778 bytes)
Hash
aa21f22d01ef2cd02b1a0efd4b29c86a
f2e17a29aefe4c94976a971479f5ad526e923751
3cbb82a743d3209db517dad385712e5981706cf55e3c4d2dc231a6a684ec0ffd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/31.gif HTTP/1.1
Host: sj86.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 17 Nov 2022 05:57:53 GMT
Accept-Ranges: bytes
ETag: "922c8849fad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 110778

u1055.com/dc07d39950c3431cae69f1580b7745d0.gif

45.61.212.135

200 OK

322 kB

URL HTTP/2
u1055.com/dc07d39950c3431cae69f1580b7745d0.gif
IP
45.61.212.135:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
322 kB (322130 bytes)
Hash
6e9a6af4964e174da5597e2be162e59c
a75f9890ad7e1334f11b4dbe0da134266d78e329
b43e284062fe514e5108a9c8601616ea2771a2d64a3b32644ae7adea063599d3

HTTP Headers

GET /dc07d39950c3431cae69f1580b7745d0.gif HTTP/1.1
Host: u1055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "63886673-4ea52"
server: nginx
date: Thu, 01 Dec 2022 09:04:11 GMT
content-type: image/gif
last-modified: Thu, 01 Dec 2022 08:31:47 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-05
content-length: 322130
X-Firefox-Spdy: h2

u1077.com/55ac5963682a4368850eaf9197d9ec69.gif

45.61.212.135

200 OK

358 kB

URL HTTP/2
u1077.com/55ac5963682a4368850eaf9197d9ec69.gif
IP
45.61.212.135:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
358 kB (358522 bytes)
Hash
677dab97fd11d2343aed327e66c5a29e
72835b9544fb5562003588064f415bb9362b7cb6
feb70e6f842abc981c0d7bac60bb6fac4e602065bfecf386adcafa5d2e303d48

HTTP Headers

GET /55ac5963682a4368850eaf9197d9ec69.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "637b5400-5787a"
server: nginx
date: Thu, 24 Nov 2022 08:38:25 GMT
content-type: image/gif
last-modified: Mon, 21 Nov 2022 10:33:36 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-05
content-length: 358522
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?34d80a7dc169cac3dfc63d36a888e85d
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
a1741259b7402f59897726540b486309
2402d8de0d7e5a4bf12a10a82e287b5cabd5dd42
8f6b1909edfda8f55e23c45d6382d8a2b7e84c7faf0d860db08409be0aa4ade5

HTTP Headers

GET /hm.js?34d80a7dc169cac3dfc63d36a888e85d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: cf41d270cbadf1bcdfea9c73458ee706
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5AF21FF0D8CAB281; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2b3db8253435b071db99935eb54e99bb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
668d62e64a8a4c3f600230fa88a45746
403f522e29950ed8a91a0ef33ce67c30d72d3541
2d54c7644dd721546eca4e8c97289294ccf6b5d3f259912dbec1ce3afcb0cf93

HTTP Headers

GET /hm.js?2b3db8253435b071db99935eb54e99bb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: d8be59acb57caa0ab673cb12f04ef9a9

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: d5210de9c2dd96c54d3f2aee025b4a8d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C63AF4A617825539; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=717918649&si=675e2d63db7bfa79b1e530352f68a041&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=717918649&si=675e2d63db7bfa79b1e530352f68a041&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=717918649&si=675e2d63db7bfa79b1e530352f68a041&v=1.3.0&lv=1&sn=31502&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E6A2F87928DF0093; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
4bef3c34e77deb2efd6500ce42f18e6b
f824c7e68f4db07d32f4b036f811eea35d562ebe
fca797eeca7cf1831bc6bb95383e7ccd473201a32ed71f4f3d44b49dab6be0bd

HTTP Headers

GET /hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: 5d77098cbd2bc9f9f889183da7ea35cc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=059BD2D17FDD2973; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
a2f4ce08c0cf496df73086c9aa7c04e7
8a5e937604cf1e1ca83a4fcb8666ba1b5e9f3703
2683e770f3151ae269268cead6dc90be96bb895f2c98fcb1807e17d898df8d5c

HTTP Headers

GET /hm.js?debe76ff0e8bf8a9bce3535f8890ee6c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: 25917720d8269ba463d8d0e1e8b8d1e2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=21FFBDDD3F092663; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=30387330&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=30387330&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=30387330&si=8b0295edbcfa9cd8148a5e6bf52a2a2f&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=39A2B4D7FB719950; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img.1138555.com/images/638deadd09ca91e002014501.gif

185.239.226.87

302 Found

145 kB

URL HTTP/2
img.1138555.com/images/638deadd09ca91e002014501.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type
GIF image data, version 89a, 128 x 128\012- data
Size
145 kB (145431 bytes)
Hash
ee0cfc81104f246dbc67d977b6f296c9
3e276d70d967d8683294f5b80f5cfd43a1b5ea5c
4d9cdc5aabed45dcf2f79a2419794013cc0cb5af8a58e63731c5d311be796432

HTTP Headers

GET /images/638deadd09ca91e002014501.gif HTTP/1.1
Host: img.1138555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367
X-Firefox-Spdy: h2

8499753.com/8499/960x60.gif

23.224.101.37

200 OK

331 kB

URL HTTP/2
8499753.com/8499/960x60.gif
IP
23.224.101.37:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/960x60.gif HTTP/1.1
Host: 8499753.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

n0499.com/a5190dbb8cd0403a8a4746ccf9705eb0.png

20.89.95.197

200 OK

21 kB

URL HTTP/2
n0499.com/a5190dbb8cd0403a8a4746ccf9705eb0.png
IP
20.89.95.197:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21207 bytes)
Hash
32843a5ebf2e0a3a980fa183c41fbc47
6848405aecb5f993051a408808334a7601fa3ccd
82aaebe9f883cb1b71e100048ae6cdc916e1fc4d436190df05f4296fd127c3f2

HTTP Headers

GET /a5190dbb8cd0403a8a4746ccf9705eb0.png HTTP/1.1
Host: n0499.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Mon, 21 Nov 2022 10:33:24 GMT
etag: W/"637b53f4-2803"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

n0544.com/a2c272e672d641478475498e9b273d4d.png

20.222.160.211

200 OK

20 kB

URL HTTP/2
n0544.com/a2c272e672d641478475498e9b273d4d.png
IP
20.222.160.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
20 kB (20298 bytes)
Hash
98af8d89c99d6339b3a1427d52f471a8
f371a5ed162bbe4a8a3d3867a03c80e5943a2ee0
d89843dbae162c5148aeb71358395ec67ce44609e91c21caf5f12db0e75b52bc

HTTP Headers

GET /a2c272e672d641478475498e9b273d4d.png HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Sat, 05 Nov 2022 08:49:55 GMT
etag: W/"636623b3-4ff7"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9

47.246.44.225

200 OK

460 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
460 kB (459882 bytes)
Hash
9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87

HTTP Headers

GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 80591
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516703220487263497e
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=124250905&si=2b3db8253435b071db99935eb54e99bb&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=124250905&si=2b3db8253435b071db99935eb54e99bb&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=124250905&si=2b3db8253435b071db99935eb54e99bb&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31503&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=47F642816F2FB222; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d6b4ff5fcf787a606f071cf18157939d
310e91e9238d0cad3bfdef9ff9afd25c212174f8
a93a6c29ebe86701bd46d02fed70c7770afc87e838049d00aa6ab3a6648ec15f

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 10:57:28 GMT
Expires: Mon, 12 Dec 2022 10:57:27 GMT
Etag: "310e91e9238d0cad3bfdef9ff9afd25c212174f8"
Cache-Control: max-age=519998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a842cd30b4d-OSL

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=422458623&si=48b4dd21f87e9ab3442fdd3d9eff1b40&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=422458623&si=48b4dd21f87e9ab3442fdd3d9eff1b40&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=422458623&si=48b4dd21f87e9ab3442fdd3d9eff1b40&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=321F5B84AC175376; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1360316503&si=debe76ff0e8bf8a9bce3535f8890ee6c&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1360316503&si=debe76ff0e8bf8a9bce3535f8890ee6c&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8!
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1360316503&si=debe76ff0e8bf8a9bce3535f8890ee6c&v=1.3.0&lv=1&sn=31504&r=0&ww=1152&u=http%3A%2F%2Fseyedbehnambarabadi.com%2Fbooks%2FttjLz.asp&tt=%E9%9B%84%E6%B3%B0%E6%AC%A2%E8%BF%8E%E6%82%A8! HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seyedbehnambarabadi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1721CD80641CF19A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

p.qlogo.cn/qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0

43.129.255.47

200 OK

331 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:42:24 GMT
cache-control: max-age=2592000
x-delay: 49815 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: c4eae423-e4aa-4481-be4d-102dd34af63b
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

95.101.10.193

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.193:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
3a8e1441d399d01eaa495b2d6e2d6cad
7859520151ba54bd1ea0e3079116afb707b493b7
be875fcdf8548ecd4eb7e6173c11c20b611174e843d3f5d1a77fd8b750a638e2

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 06 Dec 2022 10:20:49 GMT
Connection: keep-alive
X-N: S

hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
decb566d68f0df6b36861c1c0e00667f
f8081ff0ba907e44717e4db04ba83effc2243f54
20a30f3d9c68a98a3d2fb646e89d84550114cc0995f917cabce60f3955a2f8af

HTTP Headers

GET /hm.js?48b4dd21f87e9ab3442fdd3d9eff1b40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 5d77098cbd2bc9f9f889183da7ea35cc

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: 7c4fd4a286301c3e4c7d1a2f58f7a972
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7F8A70F6570513A2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?debe76ff0e8bf8a9bce3535f8890ee6c
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
39e80aaa793f3d9275464fab87b9ad95
de3a2aed09cdf774ae6ac5008b1212ef085bca77
f966b2c05696ab83be11fc68c7736e94189a95363a9d56d1fbff2a07a747cc3f

HTTP Headers

GET /hm.js?debe76ff0e8bf8a9bce3535f8890ee6c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 25917720d8269ba463d8d0e1e8b8d1e2

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 10:20:48 GMT
Etag: 423151ee1aeed81f4760042fd83c2609
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F1F199E35FE079A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1326005147&si=34d80a7dc169cac3dfc63d36a888e85d&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1326005147&si=34d80a7dc169cac3dfc63d36a888e85d&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1326005147&si=34d80a7dc169cac3dfc63d36a888e85d&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A9721460509D1DF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
a48dd3a23c4e87d0614387f7834916f2
3b779909e0ddfe1aad4093da8f6f75e11cf78e9e
f6674f5aca882e3a6c317e9006334a6ebc641b511cea483917b17178c0dffe70

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:49 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 05:46:02 GMT
Expires: Sun, 11 Dec 2022 05:46:01 GMT
Etag: "3b779909e0ddfe1aad4093da8f6f75e11cf78e9e"
Cache-Control: max-age=414911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a876f680b4d-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
a48dd3a23c4e87d0614387f7834916f2
3b779909e0ddfe1aad4093da8f6f75e11cf78e9e
f6674f5aca882e3a6c317e9006334a6ebc641b511cea483917b17178c0dffe70

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:20:49 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 05:46:02 GMT
Expires: Sun, 11 Dec 2022 05:46:01 GMT
Etag: "3b779909e0ddfe1aad4093da8f6f75e11cf78e9e"
Cache-Control: max-age=414911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77544a87af590b3d-OSL

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1742329670&si=48b4dd21f87e9ab3442fdd3d9eff1b40&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1742329670&si=48b4dd21f87e9ab3442fdd3d9eff1b40&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=1742329670&si=48b4dd21f87e9ab3442fdd3d9eff1b40&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2E53EBBA615C64C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

8499133.com/8499/150x150.gif

172.247.50.228

200 OK

135 kB

URL HTTP/2
8499133.com/8499/150x150.gif
IP
172.247.50.228:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 150 x 150\012- data
Size
135 kB (134747 bytes)
Hash
48c8ab8ae6b52201e71decda0b783d26
5817a61ac305b0b96542b5aced965e79cf67d010
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8

HTTP Headers

GET /8499/150x150.gif HTTP/1.1
Host: 8499133.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:48 GMT
content-type: image/gif
content-length: 134747
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
etag: "20e5b-5ed573c48c405"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=828852612&si=debe76ff0e8bf8a9bce3535f8890ee6c&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=828852612&si=debe76ff0e8bf8a9bce3535f8890ee6c&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=828852612&si=debe76ff0e8bf8a9bce3535f8890ee6c&su=http%3A%2F%2Fseyedbehnambarabadi.com%2F&v=1.3.0&lv=1&sn=31504&r=0&ww=1140&u=http%3A%2F%2Fwww.rj58.cc%2F&tt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86-%E5%85%8D%E8%B4%B9%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 10:20:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=633A26E46D334C76; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.rj58.cc/template/m1938pc/ads/zb.gif

216.83.52.98

200 OK

87 kB

URL HTTP/1.1
www.rj58.cc/template/m1938pc/ads/zb.gif
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 960 x 120\012- data
Size
87 kB (86697 bytes)
Hash
c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3

HTTP Headers

GET /template/m1938pc/ads/zb.gif HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "ca1ad9e4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 86697

84998085.com/8499/250x200.gif

154.39.67.234

200 OK

47 kB

URL HTTP/2
84998085.com/8499/250x200.gif
IP
154.39.67.234:0
ASN
#174 COGENT-174

File type
GIF image data, version 89a, 250 x 200\012- data
Size
47 kB (46627 bytes)
Hash
9fc3ae6f442b3c8a8a9c7b9fab94520c
87a52288414a9648291633b8d842c461749952b6
521a8fd0bfcbfa1688e794efd84da726edcd29eeff8e511ad31bbba964e888e4

HTTP Headers

GET /8499/250x200.gif HTTP/1.1
Host: 84998085.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:49 GMT
content-type: image/gif
content-length: 46627
last-modified: Wed, 16 Nov 2022 10:35:02 GMT
etag: "b623-5ed9406763d9a"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

img.9617x.com/images/638dc42e8f3963d46af13144.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.9617x.com/images/638dc42e8f3963d46af13144.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638dc42e8f3963d46af13144.gif HTTP/1.1
Host: img.9617x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/25bbc4f3f3c14938b4a124f66ab71ee9
X-Firefox-Spdy: h2

n0633.com/01e26b6cbfb7497dba2c6a4b3db18d9a.gif

20.222.57.42

200 OK

0 B

URL HTTP/2
n0633.com/01e26b6cbfb7497dba2c6a4b3db18d9a.gif
IP
20.222.57.42:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /01e26b6cbfb7497dba2c6a4b3db18d9a.gif HTTP/1.1
Host: n0633.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 10:20:47 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sat, 05 Nov 2022 08:49:12 GMT
etag: W/"63662388-93d48"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

img.1180555.com/images/638de5bc09ca91e0020143c5.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.1180555.com/images/638de5bc09ca91e0020143c5.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638de5bc09ca91e0020143c5.gif HTTP/1.1
Host: img.1180555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2

ss011642.foshanduokai.com/upload/20221110/5057b636445c023f8c244c50fa6c2518.js

27.155.82.10

200 OK

0 B

URL HTTP/2
ss011642.foshanduokai.com/upload/20221110/5057b636445c023f8c244c50fa6c2518.js
IP
27.155.82.10:0
ASN
#133774 Fuzhou

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /upload/20221110/5057b636445c023f8c244c50fa6c2518.js HTTP/1.1
Host: ss011642.foshanduokai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NgxFence
date: Tue, 06 Dec 2022 10:20:49 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 10:22:13 GMT
vary: Accept-Encoding
etag: W/"637df455-ad41"
expires: Sat, 03 Dec 2022 07:31:47 GMT
cache-control: max-age=43200
content-encoding: gzip
x-cache: HIT
X-Firefox-Spdy: h2

www.rj58.cc/template/m1938pc/ads/003.gif

216.83.52.98

200 OK

0 B

URL HTTP/1.1
www.rj58.cc/template/m1938pc/ads/003.gif
IP
216.83.52.98:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/ads/003.gif HTTP/1.1
Host: www.rj58.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rj58.cc/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 16 Nov 2022 13:04:00 GMT
Accept-Ranges: bytes
ETag: "957d4e4bbf9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:20:06 GMT
Content-Length: 1925473

img.9275x.com/images/636e4eaefb917b7701d25504.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.9275x.com/images/636e4eaefb917b7701d25504.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/636e4eaefb917b7701d25504.gif HTTP/1.1
Host: img.9275x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/f4ed244615484283b5725547078cd4fa
X-Firefox-Spdy: h2

ss011642.foshanduokai.com/upload/20221110/b49721ad24a287f699c9f520582a31c5.js

27.155.82.10

200 OK

0 B

URL HTTP/2
ss011642.foshanduokai.com/upload/20221110/b49721ad24a287f699c9f520582a31c5.js
IP
27.155.82.10:0
ASN
#133774 Fuzhou

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /upload/20221110/b49721ad24a287f699c9f520582a31c5.js HTTP/1.1
Host: ss011642.foshanduokai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NgxFence
date: Tue, 06 Dec 2022 10:20:49 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 10:22:13 GMT
vary: Accept-Encoding
etag: W/"637df455-9a93"
expires: Sat, 03 Dec 2022 07:31:33 GMT
cache-control: max-age=43200
content-encoding: gzip
x-cache: HIT
X-Firefox-Spdy: h2

img.1198555.com/images/638de5c509ca91e0020143c6.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.1198555.com/images/638de5c509ca91e0020143c6.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638de5c509ca91e0020143c6.gif HTTP/1.1
Host: img.1198555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rj58.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/39ff8d0d2cca4540b5ec031b48a08cef
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations