Overview

URL www.akhbarjagat.com/uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00
IP 23.19.132.94
ASN LEASEWEB-USA-PHX
Location United States
Report completed 2022-10-03 01:34:06 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-03 2 dxjyy110.xyz Sinkholed


Files

No files detected



Passive DNS (33)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-10-02 11:33:30 UTC 104.18.21.226
mnemonic passive DNS dimg04.c-ctrip.com (3) 139731 2014-05-08 16:11:10 UTC 2022-10-02 17:43:05 UTC 104.110.17.24
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-10-02 11:43:48 UTC 104.18.20.226
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS www.akhbarjagat.com (4) 0 2022-09-22 02:54:16 UTC 2022-10-01 04:25:15 UTC 23.19.132.94 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS p3.douyinpic.com (1) 23536 2020-12-18 11:20:50 UTC 2022-10-02 17:43:06 UTC 47.246.44.225
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-10-02 15:40:14 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS 66377311795.com (1) 0 2022-08-09 09:37:37 UTC 2022-10-02 17:04:12 UTC 45.61.212.59 Unknown ranking
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-10-02 17:04:00 UTC 47.75.19.62 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-02 22:37:38 UTC 18.164.68.8
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-10-02 17:43:04 UTC 182.61.240.101
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 35.167.231.108
mnemonic passive DNS www.dxjyy110.xyz (1) 0 2022-09-14 10:05:08 UTC 2022-10-01 04:25:17 UTC 173.231.38.159 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS rootnetworksdv.ocsp-certum.com (1) 0 2022-06-01 19:17:44 UTC 2022-10-01 04:25:43 UTC 23.36.79.10 Domain (ocsp-certum.com) ranked at: 9356
mnemonic passive DNS kvemm.com (1) 222018 2021-10-18 01:51:02 UTC 2022-10-02 17:04:00 UTC 78.46.107.74
mnemonic passive DNS ocsp.digicert.cn (1) 37572 2020-03-20 17:45:56 UTC 2022-10-02 12:10:58 UTC 47.246.44.205
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS 566ben.com.999nan.com.999hen.com.bbz20.xyz (25) 0 2022-10-01 02:24:08 UTC 2022-10-01 04:25:15 UTC 142.91.194.42 Unknown ranking
mnemonic passive DNS js.users.51.la (2) 53024 2012-05-30 15:10:11 UTC 2022-10-02 12:29:09 UTC 103.143.19.103
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2022-10-02 11:36:19 UTC 103.235.46.191
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-02 20:33:06 UTC 104.18.32.68
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-10-02 17:01:39 UTC 163.171.140.79
mnemonic passive DNS img.x995.xyz (1) 0 2022-07-18 13:16:51 UTC 2022-10-01 04:25:16 UTC 23.225.222.2 Unknown ranking
mnemonic passive DNS facai688.xyz (1) 0 2022-06-01 19:17:43 UTC 2022-10-01 04:25:15 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.77.32
mnemonic passive DNS tj.facai688.xyz (1) 0 2022-06-01 19:17:42 UTC 2022-10-01 04:25:15 UTC 108.62.14.8 Unknown ranking
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-10-02 17:43:07 UTC 182.61.240.101
mnemonic passive DNS ia.51.la (2) 59607 2017-10-31 08:01:51 UTC 2022-10-02 12:29:10 UTC 103.143.19.103
mnemonic passive DNS kvkiii.top (1) 0 2022-08-16 22:28:55 UTC 2022-10-02 16:46:52 UTC 104.21.234.205 Unknown ranking
mnemonic passive DNS 539397377.com (1) 0 2022-09-15 08:58:39 UTC 2022-10-01 04:25:16 UTC 47.75.19.14 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.19.132.94

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000 0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000 0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000 0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000 0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on ASN: LEASEWEB-USA-PHX

Date UQ / IDS / BL URL IP
2022-12-02 01:08:54 +0000 0 - 0 - 1 www.munkakereso.com/excel/eafe28349e97f8b8c62 (...) 23.81.237.225
2022-12-02 01:08:39 +0000 0 - 0 - 2 munkakereso.com/excel/eafe28349e97f8b8c6276db (...) 23.81.237.225
2022-11-25 01:20:07 +0000 0 - 0 - 2 23.81.227.197/ 23.81.227.197
2022-11-23 03:54:36 +0000 0 - 0 - 4 www.cunetong.com/ 23.19.133.213
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

Last 5 reports on domain: akhbarjagat.com

Date UQ / IDS / BL URL IP
2022-11-21 03:10:25 +0000 0 - 0 - 4 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-21 03:10:07 +0000 0 - 0 - 4 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-19 05:26:22 +0000 0 - 0 - 3 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94
2022-11-19 05:25:46 +0000 0 - 0 - 3 akhbarjagat.com/uploads/photos-gallery/celebr (...) 23.19.132.94
2022-11-18 04:10:28 +0000 0 - 0 - 2 www.akhbarjagat.com/uploads/photos-gallery/ce (...) 23.19.132.94

No other reports with similar screenshot



JavaScript

Executed Scripts (26)


Executed Evals (1)

#1 JavaScript::Eval (size: 462, repeated: 1) - SHA256: a0b595d2246e129c3862e21182936f4eb966da13c113b909b897a779c7ad8fa9

document.write('<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 489, repeated: 1) - SHA256: 9eb87cdca5d7ed87434803b14a745d241d0730b819a428d0b043ff217808717e

<style>
.duilian {
    z-index: 9999;
    position: fixed;
    border-bottom: 1px dashed red;
    border-right: 1px dashed red;
    border-left: 1px dashed red;
}
.dlclose {
    height: 30px; line-height: 30px; text-align: center; display: block; background-color: #fff; color: #f00;
}
.dlad {
    display: block;
}
@media screen and (min-width: 768px) {
    .dlad img { width: 120px; }
    .duilian { top: 310px; }
}
@media screen and (max-width: 767px) {
    .dlad img { width: 60px; }
    .duilian { top: 300px; }
}
#duilianl {
    float: left; left: 0px;
}
#duilianr {
    float: right; right: 0px;
}
</style>
                                    

#2 JavaScript::Write (size: 42, repeated: 1) - SHA256: 9051e7bba294757012e701ae014a85297c6a40dec8f7e4f7f97f722d31e4ce99

566ben.com.999nan.com.999hen.com.bbz20.xyz
                                    

#3 JavaScript::Write (size: 443, repeated: 1) - SHA256: f905d0e7c2388e6caf64b22eec971777fbfaff831c004e364afe931ccf5c8360

<title>�3� F8 Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://facai688.xyz/tz.html"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    

#4 JavaScript::Write (size: 82, repeated: 1) - SHA256: 3129c6cb3e6c985557cb775967d4b4beedc5f979f655dbc4c5750a9d2fc23655

<script type="text/javascript" src="https://js.users.51.la/21340601.js"></script>
                                    

#5 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

<style>
#o63092 {
    animation-duration: 10000ms;
    animation-iteration-count: infinite;
    animation-timing-function: linear;
}
@keyframes spin {
    from { transform: rotate(0deg); }
    to { transform: rotate(360deg); }
}
</style>
                                    

#6 JavaScript::Write (size: 545, repeated: 1) - SHA256: 345d9c24fbaf685a85cc508b41bfb7401953b960c4af9674ded642f4da15dc36

<div class="f63092" id="o63092" style="position: fixed; bottom: 30%; z-index: 19999 !important; right: 2px;"><img src="https://www.dxjyy110.xyz/static/images/pngtree-icon-close-button-png-image_1357955.jpg" onclick="$('#o63092').remove()" style="border-radius:50%;position:absolute;top:3px;right:3px;cursor:pointer;width:20px;height:20px;z-index:19000;" id="c63092"><a target="_blank" href="https://5468.nl/"><img src="/guang/tupian/xtb1.gif" style="margin:10px;border-radius: 15px;border: solid 2px red;" width="90px" height="90px" "></a></div>
                                    


HTTP Transactions (86)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5368
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Mon, 03 Oct 2022 01:33:54 GMT
Connection: keep-alive

                                        
                                            GET /uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00 HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 01:33:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (547), with CRLF line terminators
Size:   743
Md5:    9b4824d4f096012f20cb546d557aff39
Sha1:   a8c144e5f11d0b649f04521b9f8e724d02a4211b
Sha256: 0941e02c9c9f0fdca526e8342391a5af8623a782f459b1994eaf18cbaf09137f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4313
Expires: Mon, 03 Oct 2022 02:45:47 GMT
Date: Mon, 03 Oct 2022 01:33:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 01:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 10941cc38a4a46e6d9b0644cce542a52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: zYx_DvGLXWTqBGWP-jHZ86s7IyoSNn8mvPUN66Mn74Z5fT722hYaFg==
Age: 1832


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: RIoMOPUkoGxnM/8Mr0/OHFjcV4D9buE4SAgnmwoL+woI9jT6+1Y+agJ6bUNupZ23i0Vq5Ni5rmbtkyIJ7WzUdg==
x-amz-request-id: GVXTTA0XSJBRFQME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 00:53:14 GMT
age: 2440
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 01:33:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /common.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 01:33:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size:   736
Md5:    e1937132dc445610755ef97b7ae0bc2f
Sha1:   44eb128036cc75cde0d3cb9d17b0cc0357f7d456
Sha256: 89e6a1c831957332443532e96c9716959189b18cb117ea7006c6b88732329f87
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 01:33:54 GMT
Content-Length: 364
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   364
Md5:    332865220902257fed0762697b2141a9
Sha1:   acb142d77b029d4187f5f28b9cf259ba0ccdc647
Sha256: ad78816c60cb946980c076109cdd9f82d96c35fca6320bfc960439b856fdd6c8
                                        
                                            GET /tjc.js HTTP/1.1 
Host: tj.facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Tue, 27 Sep 2022 03:36:46 GMT
Accept-Ranges: bytes
ETag: "95b1585e22d2d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:35 GMT
Content-Length: 276


--- Additional Info ---
Magic:  ISO-8859 text, with no line terminators
Size:   276
Md5:    d57622637b518ca682e97e69331dcc42
Sha1:   01e6cbc6d4a97adbd6d2c8df87511a8fe2d76af1
Sha256: 348ad9f2db00842da676617c90150ef76f7bd7d0753a00329f6e0af3ec635a6d
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 01:32:53 GMT
Expires: Mon, 03 Oct 2022 01:44:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: vNkFiatO9Py0TC5GFsUaad_1L7Z98nS84xF8x4zHTQIh6ZLzPg3v5A==
Age: 62


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /tz.html HTTP/1.1 
Host: facai688.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Upgrade-Insecure-Requests: 1

                                         
                                         108.62.14.8
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Tue, 27 Sep 2022 03:36:29 GMT
Accept-Ranges: bytes
ETag: "e3c2af5422d2d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:36 GMT
Content-Length: 266


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   266
Md5:    0e14b8becdde1703bb34b5f6f4a3fd68
Sha1:   da6558d5544b8ddda06cdafbfc3f3cf400c08e19
Sha256: d1b13629098eb39688e16f2b53f3d8905d38ce46f059effeebb53160ce96d229
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         182.61.240.101
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Mon, 03 Oct 2022 01:33:55 GMT
Etag: "4078521116"
Expires: Tue, 03 Oct 2023 01:33:55 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DCEA1DEAB487D68CBD79D6C4B6640294:FG=1; max-age=31536000; expires=Tue, 03-Oct-23 01:33:55 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3761
Cache-Control: max-age=113730
Date: Mon, 03 Oct 2022 01:33:55 GMT
Etag: "63394694-1d7"
Expires: Tue, 04 Oct 2022 09:09:25 GMT
Last-Modified: Sun, 02 Oct 2022 08:06:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K5Cr9VUFPimq9BNSaCHUow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.167.231.108
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a/Ndmx062AyiUAr4ImdaqKNP1sI=

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:55 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 06 Oct 2022 22:23:42 GMT
ETag: "f2c083a5ed6ce150c4cdfe465e4303018d992741"
Last-Modified: Sun, 02 Oct 2022 22:23:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 654
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541eeb8982bb51e-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    901c709034ae58f5af52101e3b4585ef
Sha1:   f2c083a5ed6ce150c4cdfe465e4303018d992741
Sha256: 3733ca1701fd386bb68e0426cef0467c2fe7b70770c108e1019314d15dbbcdff
                                        
                                            GET /s.gif?l=http://www.akhbarjagat.com/uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00 HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         182.61.240.101
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Mon, 03 Oct 2022 01:33:55 GMT

                                        
                                            POST / HTTP/1.1 
Host: rootnetworksdv.ocsp-certum.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.10
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=898
Date: Mon, 03 Oct 2022 01:33:56 GMT
Connection: keep-alive
X-N: S


--- Additional Info ---
Magic:  data
Size:   1490
Md5:    a47aeb34e2a3b65ec7551bc0151ec2b7
Sha1:   8af7ae377612df3d9bca606b47958f33a0b9b395
Sha256: 7f1b670cc32603d10e3650e1088ba12e994077307299a0fa9a90d58a9c32f527
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:56 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 06 Oct 2022 23:28:10 GMT
ETag: "7464605ccbf8065aa6611cdd81a69f83444acb2a"
Last-Modified: Sun, 02 Oct 2022 23:28:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3550
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541eeba0919b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    2c13aad07009ad3c88741794e0a9c4ac
Sha1:   7464605ccbf8065aa6611cdd81a69f83444acb2a
Sha256: a6ba3914ba4f4aaa3adc5f36fa9fd4cc0f6c60136fc99675f384c6fe7635db44
                                        
                                            GET / HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://facai688.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.3.33, ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 12610


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   12610
Md5:    231a1a9896fbb6abfa6763669819432b
Sha1:   97865212d50020693ffc7dd83242187fe1f26236
Sha256: 867e372fc46a4575298d5dd8598b9c44cf3ce10692756ae4cede4816bb8a8018
                                        
                                            GET /21340601.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 01:33:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=f20b573ff90df3a600; path=/ HWWAFSESTIME=1664760836563; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    2ff318a80195125269380e0a04912fd5
Sha1:   c2346db1a1d365a971fc0059363113c03340e2b0
Sha256: e3e5e1740b559ee77b18767fdd8d33e8886a306d74565c288e132f634c2979e4
                                        
                                            GET /hm.js?95261ac534fe80c3a202f1e9e7b7b02c HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Date: Mon, 03 Oct 2022 01:33:56 GMT
Etag: f92d3f6c9bbee7b7f13ed2304fdc9f5b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6F641EC7F7D00F32; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (628)
Size:   11341
Md5:    d9266a32ce0ef67d070dadf690cc1702
Sha1:   849b78eec5ece1df24cc8e002380cd7702455b08
Sha256: 788d65b4910b88f483a3f5094b1b44972e2269dd37da3735d287605edb94d9fa
                                        
                                            GET /template/default_pc/static/css/bootstrap.min.css HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 16:30:00 GMT
Accept-Ranges: bytes
ETag: "0b4ce92cb36d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 20869


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   20869
Md5:    d396b7d3ad370ccd36985d7bc35dfbd9
Sha1:   b54349c3f074289bb2183a20d20275c859944f91
Sha256: b07c213229c2b22c54f600793044ac3e8bcc11dbacb997e23a52cdbb64b696b2
                                        
                                            GET /21304457.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 01:33:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=adcca4993a0bf79e1d5; path=/ HWWAFSESTIME=1664760833770; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    9dd130e2d6360f9394d135b73733e123
Sha1:   35370c294542e42c3f0a3b2c9412bdc4e6701df7
Sha256: f7db63a3170b1633f70f5053179bee2ee27634141f46727c9926a6818d2909d0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13555
Expires: Mon, 03 Oct 2022 05:19:52 GMT
Date: Mon, 03 Oct 2022 01:33:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 13754
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UnHrBSOKrX4XRjDOtvi6MEMUF9BgrHqn4_2zFpaaKh4X3e-lFzA-2A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:03:43 GMT
age: 30614
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10490
Md5:    bed17699f6b123b33b8df416b23c4cac
Sha1:   36458cca636c4ffc873df8acd254ff726b1a9544
Sha256: 65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd83b23eb-68b3-46bd-9d4d-05e5e1be89ab.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10899
x-amzn-requestid: 90b0ec9e-a9d7-4f33-9be4-c398c94105fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQumwH5zIAMFhyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336915e-589bc1371a77b528417c5538;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 06:49:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 01vK76TVAQMgefWTWvlDZou5zQ4iamzmFkIQUrO5h6_ger2ErBWEpA==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:15 GMT
age: 12882
etag: "a55c26805a7c70997f0821e56e701609e43eca0e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10899
Md5:    6ab1ce00e8c17325c25f149ae89cc52d
Sha1:   a55c26805a7c70997f0821e56e701609e43eca0e
Sha256: 26c6add2b400560f46cb7637550582b55c48e600bc96994339249b19c5c642f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 19187
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf3117fe-8653-4f81-81ca-39c33b5cbd05.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6460
x-amzn-requestid: 23655e0f-f899-4f3d-bac1-070fed558fc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXQ4EnmIAMFjAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a059f-1e08b5111f56ec1163e4eb71;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h_eNZJuiQw_6H2Ppy2D0cxd9EfIqVi6e8k-D33nCS2lZ9myvA7NrSw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:39 GMT
age: 12858
etag: "0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6460
Md5:    87d9e7d5b408493b820d35eff2318657
Sha1:   0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7
Sha256: 6c1d246a7f024b836b4504d2acfaafe8617cc4384ef9c4ba5095ddd6107ad7cb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 75177
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.akhbarjagat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/uploads/photos-gallery/Celebrity-Pics/Sep/02/big_thumb/m20_pay/userlogin.php/xme/uafz/?nose=1etp1h2rggg00
Cookie: __tins__21340601=%7B%22sid%22%3A%201664760836441%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201664762636441%7D; __51cke__=; __51laig__=1

                                         
                                         23.19.132.94
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 03 Oct 2022 01:33:56 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 08 Oct 2022 01:33:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET /template/default_pc/static/js/swiper.js HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "8043b0c17a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 23566


--- Additional Info ---
Magic:  ASCII text, with very long lines (31999), with CRLF line terminators
Size:   23566
Md5:    1f0ab62a78bef11558f885e48158c967
Sha1:   febea63527147b66bd2679340b3d85b9c2ffd7f1
Sha256: 63042ddab6019075987f0bb07730151a3164a17e502a2096890018463c3db8a5
                                        
                                            GET /guang/dibu.js HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 02:10:49 GMT
Accept-Ranges: bytes
ETag: "20ec83b1a8d3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 1039


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (543), with CRLF line terminators
Size:   1039
Md5:    b5ef014d21fa2ac1891b6bde5912bab9
Sha1:   17835a8284ea572adfc2f27d372865e3c807348f
Sha256: 358e6c839e28db155cc5bb4662eab62d1b6f7b36b86f0f7f9bfd6fd569c4c472
                                        
                                            GET /template/default_pc/static/css/swiper.css HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:20 GMT
Accept-Ranges: bytes
ETag: "072bfb87a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 2844


--- Additional Info ---
Magic:  ASCII text, with very long lines (17459), with CRLF line terminators
Size:   2844
Md5:    73495b6b6735f3cbfb2bd61190ab1e9b
Sha1:   8e91c8f0db49ce355c937b4bf889e2e28d90e474
Sha256: 25503d8d79625393388b2012fcff75ca11a0ff24e99ab2e96b81477d03d5b8e7
                                        
                                            GET /template/default_pc/static/js/jquery.lazyload.min.js HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 1301


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309), with CRLF line terminators
Size:   1301
Md5:    585fbfa6aa45a49cae543556ec02359d
Sha1:   0ec7b720081212cb60a5ade175601872315720ed
Sha256: 539fb61395056ca67b9509f7d93e2254d21936d623c90b2bcd805af05be44dc5
                                        
                                            GET /template/default_pc/static/js/function.js HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 13:28:38 GMT
Accept-Ranges: bytes
ETag: "a2fee2c37a21d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 295


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   295
Md5:    edef42c7a7d3068b37c8abd68da1e65f
Sha1:   d3a95e5345ee1409ec1670419954b018d3b87843
Sha256: ecb0bda0eb6a9c3d87e202f0265d0257bba62381e76f250a9fdb69e451fb73e7
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1765537380&si=95261ac534fe80c3a202f1e9e7b7b02c&v=1.2.97&lv=1&sn=40767&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.akhbarjagat.com%2Fuploads%2Fphotos-gallery%2FCelebrity-Pics%2FSep%2F02%2Fbig_thumb%2Fm20_pay%2Fuserlogin.php%2Fxme%2Fuafz%2F%3Fnose%3D1etp1h2rggg00&tt=%E8%BE%BD%E9%98%B3%E8%B8%8A%E8%83%BA%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.akhbarjagat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 03 Oct 2022 01:33:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=94B1F896DFDB2F5E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /template/default_pc/static/css/style.css HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2022 12:06:13 GMT
Accept-Ranges: bytes
ETag: "80a8c3f3f991d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 14400


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   14400
Md5:    42eaf106628c6d050b80a1f5fa147a91
Sha1:   9f3e90a1ff07dc60f2763fbd578cfcb70f6f13ff
Sha256: 4883479ca8e4c5b6383ef28d8c812dabcef69700587b25e4ff08054cf08aaee1
                                        
                                            GET /template/default_pc/static/js/jquery.js HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 06:41:44 GMT
Accept-Ranges: bytes
ETag: "084263a7dbad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:37 GMT
Content-Length: 35104


--- Additional Info ---
Magic:  ASCII text, with very long lines (1144), with CRLF line terminators
Size:   35104
Md5:    fad2c2e24db686d57d74d53806d73fc4
Sha1:   603ff8fc7d29af457fe952445e86578ba73cf56c
Sha256: d4e1367cc59e239603c8d2ac84ec2738e40dc86a87cde8f59ea14a61b6067dac
                                        
                                            GET /go1?id=21340601&rt=1664760836441&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585&ing=1&ekc=&sid=1664760836441&tt=%25E8%25BE%25BD%25E9%2598%25B3%25E8%25B8%258A%25E8%2583%25BA%25E5%2595%2586%25E8%25B4%25B8%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E8%25B6%2585%25E7%25A2%25B097%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%252C%25E8%2589%25B3%25E6%2583%2585%25E7%2589%2587%25E7%2599%25BE%25E5%25BA%25A6%25E5%25BD%25B1%25E9%259F%25B3&cu=http%253A%252F%252Fwww.akhbarjagat.com%252Fuploads%252Fphotos-gallery%252FCelebrity-Pics%252FSep%252F02%252Fbig_thumb%252Fm20_pay%252Fuserlogin.php%252Fxme%252Fuafz%252F%253Fnose%253D1etp1h2rggg00&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.akhbarjagat.com/

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 01:33:57 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=bfd3c43366680699bda; path=/ HWWAFSESTIME=1664760835540; path=/

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 12:43:06 GMT
Expires: Sun, 09 Oct 2022 12:43:05 GMT
Etag: "7533a2124e82dea65b4d20d4891071bfe45d0548"
Cache-Control: max-age=557947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541eec20e140b4d-OSL

                                        
                                            GET /images/03950120009rs7dn26B5E.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=10630945
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Mon, 03 Oct 2022 01:33:57 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   893726
Md5:    1e34697200f13da14c5bfabeba617325
Sha1:   9a18ed38d5d385f885c28a4280b4c61302745b65
Sha256: b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
                                        
                                            GET /images/0100v120009ttax9l722D.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 402231
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11253972
expires: Fri, 10 Feb 2023 07:40:09 GMT
date: Mon, 03 Oct 2022 01:33:57 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   402231
Md5:    6497ef8f223cd0070b904d48ece475e5
Sha1:   7e6dc0a79d9a1feef08b8cfffffb2fef7bf83fc6
Sha256: cfe5826da227b26ad6a5dc15aea3ca217a3ff9bab854cc7b72b40468fb9a73bc
                                        
                                            GET /images/0394n12000a0asaa74C95.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 1495356
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15057232
expires: Sun, 26 Mar 2023 08:07:49 GMT
date: Mon, 03 Oct 2022 01:33:57 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   1495356
Md5:    af737e86fc083a958d9f25203333f0be
Sha1:   cb0ee5d9a71efdf61b622bd4175998bdeecca900
Sha256: e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89838EDB1DBEB4C20F2F727A7E7AF581E9922EC87A883E28857D90FE145372B1"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2640
Expires: Mon, 03 Oct 2022 02:17:57 GMT
Date: Mon, 03 Oct 2022 01:33:57 GMT
Connection: keep-alive

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Mon, 03 Oct 2022 01:33:57 GMT
content-length: 162
location: https://kvkiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /template/default_pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: font/x-woff
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:51 GMT
Accept-Ranges: bytes
ETag: "d22bbfcb7a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 13408


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size:   13408
Md5:    99af6debcdaba3e7ffe01b4c3cbccacb
Sha1:   4efda64b06cd7c294f6214623bcb634f3def3bd1
Sha256: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7FD33318222C79DF793F46C989576BA973061BB005EC87CB9A85FC7AEDC87716"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10110
Expires: Mon, 03 Oct 2022 04:22:28 GMT
Date: Mon, 03 Oct 2022 01:33:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 01:33:58 GMT
Ali-Swift-Global-Savetime: 1664760838
Via: cache3.l2de2[192,192,200-0,M], cache3.l2de2[193,0], cache5.se1[213,212,200-0,M], cache5.se1[215,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 03 Oct 2022 01:33:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916647608379494505e

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:58 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 06 Oct 2022 23:09:41 GMT
ETag: "50796539da673acf976e0f53547cb2e22a4521b6"
Last-Modified: Sun, 02 Oct 2022 23:09:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 392
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541eec6cbf01c12-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    c4ffff52dba5f7225bb251f7cc934131
Sha1:   50796539da673acf976e0f53547cb2e22a4521b6
Sha256: afe76bea5a7883ab0abd24ed77f0349efa2f13f4bee130433353f44bfb7dc9f2
                                        
                                            GET /get-image/0xmAGT9KS9C HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         163.171.140.79
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 03 Oct 2022 01:33:58 GMT
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 633a3c06_PShlamstdAMS1se91_7469-16512
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117593
Md5:    c4caa37b717580e8594587f32ca86470
Sha1:   a645ec82581a0b18f67444b62a062059adf78aa6
Sha256: 208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
                                        
                                            POST /s/gts1p5/K6q0Q6b0WUk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "93CE926570EC5964F547715CA42489F9BE72AA002C004A424C11464134301CD9"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 07:33:58 GMT
Date: Mon, 03 Oct 2022 01:33:58 GMT
Connection: keep-alive

                                        
                                            GET /guang/tupian/xtb1.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 17 Sep 2022 03:35:57 GMT
Accept-Ranges: bytes
ETag: "f65d609946cad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 75259


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            POST /s/gts1p5/K6q0Q6b0WUk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvkiii.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.205
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 03 Oct 2022 01:33:58 GMT
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 28 Oct 2022 04:00:59 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 423179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CirOHnQwjdUxrOXGiijrl9X4dWz8NAS9Nt8Rg0GDfLrKEr2uoNy%2F4OqXg9mQqBQ9GG99XtFth3GW8l7zVRLeAl8%2FjoNy0OzrzMWfI5Ccq4tDS5kz2Ra9p6jK%2FuEm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541eec73eb1dd7f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   902313
Md5:    8b4a95ea7cfbb7fb4d2b18efca5145f3
Sha1:   d2966ecbeb7369620cce5dbcd15d0fe591d79648
Sha256: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
                                        
                                            GET /static/images/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1 
Host: www.dxjyy110.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.231.38.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 03 Oct 2022 01:33:58 GMT
content-length: 9166
last-modified: Thu, 30 Jun 2022 06:45:34 GMT
etag: "62bd468e-23ce"
expires: Wed, 02 Nov 2022 01:33:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Size:   9166
Md5:    43ae14560cdbc69ce960a28002f04309
Sha1:   4dc694c2754882f840c77807016676732c38138b
Sha256: af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:58 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 00:18:22 GMT
ETag: "51462273ad80b45e4a56bb07a88bf1e39a65b7e4"
Last-Modified: Mon, 03 Oct 2022 00:18:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1737
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541eec898d5b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    42807fbdc2117a90bfe756a22493f5cd
Sha1:   51462273ad80b45e4a56bb07a88bf1e39a65b7e4
Sha256: f91f1364acb2e60720d1a2ed68a713d6ab9623916df081ce0ef865771495d400
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:33:58 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 03:45:13 GMT
Expires: Sun, 09 Oct 2022 03:45:12 GMT
Etag: "2ea06e0db30d52b44913d3ad929f265b83829b63"
Cache-Control: max-age=525673,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541eec778b50b4d-OSL

                                        
                                            GET /guang/cn/cnhf1.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Mon, 30 May 2022 16:09:21 GMT
Accept-Ranges: bytes
ETag: "3ba19f3f74d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:39 GMT
Content-Length: 137392


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   137392
Md5:    a112d6f3413ecd31e05d8176fe9d3f6d
Sha1:   0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
Sha256: 38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
                                        
                                            GET /hm.js?a73c6b3011c388d9ab88e39f4c6115e4 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Mon, 03 Oct 2022 01:33:57 GMT
Etag: 7f985b9265cfac184e51eb332d3891f4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3A79FF26F87F2B2C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    2ebca737aec4c95e240b999be391ac29
Sha1:   c464be29cfd6d0c63bab5071d4df8dc5c5f3bc40
Sha256: 6c2c2897a917b314a95000ffceb99f5b255e3f1acfdcaae60f2461e71cd4ed04
                                        
                                            GET /images/6333d769b343e4feb1c127a4.gif HTTP/1.1 
Host: img.x995.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.222.2
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/2b3f42ed9a9e4a988915ad71e92406ca
cache-control: max-age=3600
X-Firefox-Spdy: h2

                                        
                                            GET /obj/tos-cn-i-dy/2b3f42ed9a9e4a988915ad71e92406ca HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.225
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 384491
date: Wed, 28 Sep 2022 06:29:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 28 Sep 2022 05:11:14 GMT
nw-session-id: 2022092813111401021019602137DDB0C8kfr2s03dy
nw-session-trace: 2022-09-28T13:11:14.332675661+08:00 80
x-bdcdn-cache-status: TCP_HIT
x-length: 384491
x-powered-by: ImageX
x-response-date: Wed, 28 Sep 2022 13:11:14 GMT
x-tt-logid: 2022092813111401021019602137DDB0C8
via: n131-120-212, cache19.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:15:302::70
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017ecced6b87d18793d82870668b6a8f91ff2e0b4643ee796e576287e6999f1a5aeb216d8b5dd9e7d375b917258cc91dc03a36d492e86c9233c5d636239235aff7b4ce801a60f0ea0dc6ffbd915bd7bd4242382cf1385e38fcbcf80f8ba724545b
x-response-lb: image
ali-swift-global-savetime: 1664346591
age: 414247
x-cache: HIT TCP_MEM_HIT dirn:2:467514351
x-swift-savetime: Wed, 28 Sep 2022 07:23:24 GMT
x-swift-cachetime: 31532787
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916647608387175004e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 80\012- data
Size:   384491
Md5:    627acd5c4c2a9bb3bbf10748f1931947
Sha1:   0529b42ebe54b2cc9ed886ab83b50b8f14642062
Sha256: a62b3a5eba800520fbb7b334c00db2e9f76e438891ae150c3b2d681ef228954a
                                        
                                            GET /tu-2022290039/960-60.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 02 Oct 2022 17:02:24 GMT
etag: "1664730144"
expires: Tue, 01 Nov 2022 17:02:24 GMT
last-modified: Sun, 02 Oct 2022 17:02:24 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 231270
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   231270
Md5:    2f2c8ec52149276d3ef1c493494dcdd9
Sha1:   f6f8e0965653c402469862d8cdc7e57df1ddc846
Sha256: a1274ed00e690cfe012e394ca855570f6ebb32e625385597f8ecb5110e444a08
                                        
                                            GET /guang/name.html HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 11:35:17 GMT
Accept-Ranges: bytes
ETag: "3f8d78ff3d77d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:39 GMT
Content-Length: 725


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   725
Md5:    38e7bb8113e97854cd5f903a1d4544b2
Sha1:   74d991dc005fd03f295f01de3e588344c34f9d1f
Sha256: 795b6fe5fe8bc70643f3cbf8bb528d5fe87d619106ba41667301f17c96542722
                                        
                                            GET /go1?id=21304457&rt=1664760837327&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591%2520www.baozishiping.com%2520%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8%25E7%259A%2584&ing=1&ekc=&sid=1664760837327&tt=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591&kw=%25E5%258C%2585%25E5%25AD%2590%25E8%25A7%2586%25E9%25A2%2591%2520www.baozishiping.com&cu=https%253A%252F%252F566ben.com.999nan.com.999hen.com.bbz20.xyz%252F&pu=http%253A%252F%252Ffacai688.xyz%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Mon, 03 Oct 2022 01:33:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=9200b8dd7d3631377c5; path=/ HWWAFSESTIME=1664760835263; path=/

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=706635322&si=a73c6b3011c388d9ab88e39f4c6115e4&su=http%3A%2F%2Ffacai688.xyz%2F&v=1.2.97&lv=1&sn=40768&r=0&ww=1268&ct=!!&u=https%3A%2F%2F566ben.com.999nan.com.999hen.com.bbz20.xyz%2F&tt=%E5%8C%85%E5%AD%90%E8%A7%86%E9%A2%91 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 03 Oct 2022 01:33:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1FDF9FCDE07C4A3F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /8b17fd7403f34d279e1a46c3c348684b.gif HTTP/1.1 
Host: 539397377.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 03 Oct 2022 01:33:57 GMT
Content-Length: 82543
Connection: keep-alive
x-oss-request-id: 633A3C05D14BBC373214C461
Accept-Ranges: bytes
ETag: "B8D480A34455FCE5B4F033EC1D6DC73E"
Last-Modified: Fri, 22 Jul 2022 08:07:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5142895331750986007
x-oss-storage-class: Standard
Content-MD5: uNSAo0RV/OW08DPsHW3HPg==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 100\012- data
Size:   82543
Md5:    b8d480a34455fce5b4f033ec1d6dc73e
Sha1:   fefed07cbe0b2ff6c6d0d68e66957308824000dc
Sha256: 55cbdd63feae1f58c730fc95162545c02d9032f499dff5197c11744d7532d184
                                        
                                            GET /guang/cn/j2.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sat, 23 Jul 2022 13:55:06 GMT
Accept-Ranges: bytes
ETag: "3469a7d09b9ed81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 213805


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   213805
Md5:    f410f5836079ff0b5cd79587a13c8dfa
Sha1:   f0962f95bcb436be5121eb66b143c04daeaf74db
Sha256: 38563dbaaf4cb7aa5ff89f1fb50ab63a477cf7772b4065c407bf5d246fa8dcb3
                                        
                                            GET /4fe2b2a7d33f4c66a1aa0bd1ae2b2824.gif HTTP/1.1 
Host: 66377311795.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.59
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62ef736b-f90bb"
Date: Sun, 25 Sep 2022 03:48:02 GMT
Server: nginx
Last-Modified: Sun, 07 Aug 2022 08:10:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-29
Content-Length: 1020091


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   1020091
Md5:    b3aedc862671b2fa2e2922fadaa38add
Sha1:   8134113e40aa47b7b0508e81c447ccea8c10e7c0
Sha256: d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
                                        
                                            GET /gg/960X60.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.62
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 03 Oct 2022 01:33:58 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 633A3C06FDBA0C353264638A
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
                                            GET /guang/gundong.css HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/guang/name.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 21:57:16 GMT
Accept-Ranges: bytes
ETag: "046aecc8039d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:40 GMT
Content-Length: 79959


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   79959
Md5:    0a071f5e220f737b7f81597c017b7a42
Sha1:   4e90a6dd009d91a0840b7ee6c9e41433c6ceab2b
Sha256: 32f6d52e57c617a3eec55cd8565437304aa8470c958386da2c5a8f308dab3570
                                        
                                            GET /guang/cn/8499.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Sun, 14 Aug 2022 05:14:20 GMT
Accept-Ranges: bytes
ETag: "09e5db59cafd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 245730


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   245730
Md5:    e7c9418cc4b1db452845d03cb45877a6
Sha1:   d0706feced92a11abc2cb112d7f031238fd614e9
Sha256: 6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
                                        
                                            GET /guang/tupian/db2.jpg HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:35 GMT
Accept-Ranges: bytes
ETag: "ca8c9773de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:41 GMT
Content-Length: 7242


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Size:   7242
Md5:    965360a0c06bf3b95a73ea8e5b079524
Sha1:   c131944c0625fc647c7c7c4d355943dbc2c55c34
Sha256: 82a013f5ff2ecd7a01e01a9a87b1fd491f5b4549b42178b54c06af49f77dfe91
                                        
                                            GET /guang/cn/cnhf3.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Mon, 13 Sep 2021 09:15:43 GMT
Accept-Ranges: bytes
ETag: "7249ded7fa8d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:39 GMT
Content-Length: 515093


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   515093
Md5:    715e7d06c21c801c57b951547791e92d
Sha1:   43ac191afa689e92fab81ce6c70a9d2abf72ae9f
Sha256: 27e84b21dfde6efd2edb18feb7aa8f0ddb8316e8d23dacbfd8bfd09b20530405
                                        
                                            GET /guang/cn/j0.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 26 Aug 2022 15:22:31 GMT
Accept-Ranges: bytes
ETag: "42fe8a85fb9d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 408562


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   408562
Md5:    ab32f3726f3bc4124ed9108bb6a50822
Sha1:   3fe6a612be3f8b245b1843825b715460052949b8
Sha256: f875e2e0210418ee7d7f7e4704ec9f9ce5ae99877ea604c0ff39be93e1b57048
                                        
                                            GET /template/default_pc/static/images/pic.png HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/template/default_pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 25 Mar 2021 13:28:35 GMT
Accept-Ranges: bytes
ETag: "c293f8c17a21d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:42 GMT
Content-Length: 2790


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   2790
Md5:    c4c07b5b1da14c19ea0bf0d7ca186190
Sha1:   49cc1b883734ebbf7f14e94ed9ed30c479e0aa0a
Sha256: 14db7f862e75e11f1e4bdf9ab0f490340f67dffd1bc22d5e66587787e3f9d883
                                        
                                            GET /guang/tupian/db6.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:04 GMT
Accept-Ranges: bytes
ETag: "e3fcd760de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:41 GMT
Content-Length: 905505


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   905505
Md5:    3abde39f91e4a75e550b7e50eb25e68a
Sha1:   75e357b027236d81ea4b1002d992117d53212bd8
Sha256: 2ee18fe5f2dec0caa8ddca814b0f318e2574bd52b389bb8a2348356567a7db7d
                                        
                                            GET /guang/tupian/db4.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:33:19 GMT
Accept-Ranges: bytes
ETag: "446a2822de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:41 GMT
Content-Length: 6977151


--- Additional Info ---
                                        
                                            GET /guang/tupian/db5.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:33:49 GMT
Accept-Ranges: bytes
ETag: "ba7a734de50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:41 GMT
Content-Length: 1241506


--- Additional Info ---
                                        
                                            GET /guang/tupian/db1.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:31:42 GMT
Accept-Ranges: bytes
ETag: "3803ee8dd50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 576176


--- Additional Info ---
                                        
                                            GET /guang/tupian/db3.gif HTTP/1.1 
Host: 566ben.com.999nan.com.999hen.com.bbz20.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://566ben.com.999nan.com.999hen.com.bbz20.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         142.91.194.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Fri, 15 Apr 2022 15:35:50 GMT
Accept-Ranges: bytes
ETag: "e1b16f7cde50d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 03 Oct 2022 01:33:38 GMT
Content-Length: 1633172


--- Additional Info ---