Overview

URL m.m.need.jamaicaexposed.com/newslist/945
IP 168.76.201.230
ASN Clayer Limited
Location South Africa
Report completed 2022-11-25 09:16:01 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 m.m.need.jamaicaexposed.com/newslist/945 Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/js/87b2493f.js Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/js/index.js Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/js/yw_risk_verify.js Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/js/vue.min.js Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/js/8628e719.js Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/js/orsxg5a.script Phishing
2022-11-25 2 m.m.need.jamaicaexposed.com/template/news/xs03/style/qd_iconfont.89b51.woff Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.110.205
mnemonic passive DNS static.geetest.com (1) 28117 2018-10-16 08:35:16 UTC 2020-04-10 07:41:59 UTC 54.230.111.5
mnemonic passive DNS ocsp.digicert.cn (2) 37572 No data No data 47.246.44.205
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2020-02-11 02:47:13 UTC 103.235.46.191
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS m.m.need.jamaicaexposed.com (14) 0 No data No data 168.76.201.230 Unknown ranking
mnemonic passive DNS gzyykf.com (1) 0 2021-03-03 04:53:19 UTC 2022-11-21 06:49:45 UTC 154.38.246.38 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS baidu.sina.cn.sunbronzetan.com (1) 0 2022-11-21 06:33:27 UTC 2022-11-21 06:49:44 UTC 23.224.78.187 Unknown ranking
mnemonic passive DNS ww.bat-carrers.com (17) 0 2022-10-18 08:22:51 UTC 2022-11-21 06:49:45 UTC 23.224.78.186 Unknown ranking
mnemonic passive DNS cn.cnguigui.com (9) 0 No data No data 58.218.208.91 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (4) 344 No data No data 23.36.76.226
mnemonic passive DNS pv.sohu.com (1) 19261 2012-06-20 07:29:39 UTC 2019-11-24 11:20:38 UTC 52.156.120.137
mnemonic passive DNS ssl.captcha.qq.com (1) 53252 2012-11-03 19:41:33 UTC 2022-11-25 08:35:41 UTC 203.205.235.65
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 168.76.201.230

Date  UQ / IDS / BL  URL  IP
2022-11-25 09:16:01 +0000  0 - 0 - 8  m.m.need.jamaicaexposed.com/newslist/945  168.76.201.230
2022-11-24 21:16:19 +0000  0 - 0 - 7  m.m.feel.enlaceradiofm.com/  168.76.201.230
2022-11-24 21:16:20 +0000  0 - 0 - 7  m.m.feel.enlaceradiofm.com/  168.76.201.230

Last 5 reports on ASN: Clayer Limited

Date  UQ / IDS / BL  URL  IP
2022-12-08 11:58:48 +0000  0 - 0 - 2  eastereggspecialties.com/  168.206.71.163
2022-12-08 08:11:05 +0000  0 - 0 - 30  jljne.com/  160.121.5.194
2022-12-08 02:07:29 +0000  0 - 0 - 1  paraspikavippi.com/  168.206.255.66
2022-12-07 23:52:52 +0000  0 - 0 - 27  zmdjn.com/  160.121.150.142
2022-12-07 15:59:57 +0000  0 - 0 - 1  shunganjiaoshui.com/  155.159.102.179

Last 1 reports on domain: jamaicaexposed.com

Date  UQ / IDS / BL  URL  IP
2022-11-25 09:16:01 +0000  0 - 0 - 8  m.m.need.jamaicaexposed.com/newslist/945  168.76.201.230

No other reports with similar screenshot



JavaScript

Executed Scripts (22)


Executed Evals (1)

#1 JavaScript::Eval (size: 469, repeated: 1) - SHA256: 85542226f39c03e685cc658dc0d8328e4a4d3d6d91b34d12717f3b8f401003d9

                                        document.write('<div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" width="1400" height="100%" src="http://baidu.sina.cn.sunbronzetan.com"></iframe></div><style type="text/css">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}</style>');
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 450, repeated: 1) - SHA256: c5cd4717d946a5eafb134bd6cac2ea727ec7e294416d235ffdf339f3983407e5

<div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" width="1400" height="100%" src="http://baidu.sina.cn.sunbronzetan.com"></iframe></div><style type="text/css">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}</style>
                                    


HTTP Transactions (70)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12066
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:15:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4538
Cache-Control: max-age=95462
Date: Fri, 25 Nov 2022 09:15:47 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:46:49 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4910
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:15:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
age: 3403
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 2103
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:15:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 277
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=90108
Date: Fri, 25 Nov 2022 09:15:48 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:17:36 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y2MPQWRjv8cNadbDD1Sihw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.110.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JPiaqw95ImmCgBGXoN9o0mz5zj8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2624
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:15:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2624
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:15:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 25702
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
age: 42049
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 141bbf99-5d78-4b9c-a537-491718aee68a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b43YGE_SoAMFlbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d29a-00017cd344caea2b6408aeb3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1-8WM-7tNqakPDW9-K0GVbOKdotndEXj2QeJzw3cJol-g9TT5IVyOQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 16:45:53 GMT
age: 59397
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 5519
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 36961
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
age: 42050
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /newslist/945 HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CR line terminators
Size:   4431
Md5:    1a42ccfcc07a59574a75326ca61c259e
Sha1:   4cd27f3e903e1be504a2dbbc7a5039c500a319fb
Sha256: d586b60f9b3a163e837f9c0a240d8507b97b64aebf78da4ef1583b598e8f3dce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/js/87b2493f.js HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 12:54:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3b08-81fa"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33268), with no line terminators
Size:   16694
Md5:    236accf051851eb0cd6a8c90819ddcd0
Sha1:   31c03f285e5a557892d749d66f8b5d32a26427b1
Sha256: 44c7e840b4a06e78f46c71ef699a7a06f9bd000d12668abe0d6a9520d6c37c7e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/js/index.js HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 13:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb6-6591"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (26000)
Size:   10030
Md5:    974637cf7c68d28637ba8617ea9eccea
Sha1:   fcfdae2bf98be208aa7d41cfaa4d9c46c7d29ae3
Sha256: b7142c7c63db06112a60b19b27e449526fa444f78dbaf953060a60725362adc7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/js/yw_risk_verify.js HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 13:01:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cbc-2346"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   3091
Md5:    994f3b9a8da777a0ace4c9a90c4a983a
Sha1:   4d2306de5fb9241e85b56a2d9f3cd396fe8d9892
Sha256: 77169215db72482c1a58bd8917696aac49eab6d887bd86892feac2db50d06d41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/css/vote_popup.3f2e7.css HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 13:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb6-3646c"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   40667
Md5:    22929c59d24fe2660de533b52edecfd0
Sha1:   2e6bfc0ff3d39f9b5b4b7f2ef3cb139998046858
Sha256: d2f85db5428bc9a95dc6f2e3ca968e4452e4e76aac0180b8530f7dea9fdfd685
                                        
                                            GET /template/news/xs03/js/vue.min.js HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 13:01:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cbe-16deb"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65449)
Size:   37963
Md5:    83064958eb297e3f201535aeee6237bb
Sha1:   7cf29370c352aa7a5fa2196605c19b470025d3be
Sha256: b2ebe722d2afb3548812b9fc0b5e82b125d8c178005e90be2b9311752a977025

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/js/8628e719.js HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Last-Modified: Mon, 14 Mar 2022 13:01:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb8-2f8fb"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   73395
Md5:    ad13bd7c92519b2acf63a8e748b84593
Sha1:   4e5c71f43ea6d989ea9502313058d7ec64aa4a8a
Sha256: 9f00addefc362bfc7bdd8933cad9c3a08aeb26741b1b15aa7408b7a886c17301

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/orsxg5a.script HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (469), with CRLF line terminators
Size:   768
Md5:    beb4cfb02e7d6494b4c21a57b799e640
Sha1:   0afb18a4f08b795691e091ceb4b49ddcbbea03d7
Sha256: af1a8ad43f481c022fe3f940766d9fb5272759c06e203b9cb041c470c5c5e992

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /template/news/xs03/style/body_base_bg.5988a.png HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Length: 749
Last-Modified: Mon, 14 Mar 2022 13:00:44 GMT
Connection: keep-alive
ETag: "622f3c7c-2ed"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 2-bit colormap, non-interlaced\012- data
Size:   749
Md5:    5988a4df869f8595ded9f00c462073dc
Sha1:   87d646ef37d27ad1f16dd7ebceabb84738e8fb4f
Sha256: f1ddcb56476e6e4795ba35ff5f27b23c00f53104331bafebfe2f0530d183e4aa
                                        
                                            GET /template/news/xs03/style/logo.d41d3.png HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Length: 675
Last-Modified: Mon, 14 Mar 2022 13:00:36 GMT
Connection: keep-alive
ETag: "622f3c74-2a3"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size:   675
Md5:    d41d31597fe6e8a0ae55f3055108954a
Sha1:   5d537f9010a9062ac8efb1733d42d9ab718a67bb
Sha256: 8a9a58f2d3459018c134d343529c37d56374246f9511323cea539c19709c10c1
                                        
                                            GET /template/news/xs03/style/basic_bg.edf95.png HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Length: 559
Last-Modified: Mon, 14 Mar 2022 13:00:38 GMT
Connection: keep-alive
ETag: "622f3c76-22f"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 2-bit colormap, non-interlaced\012- data
Size:   559
Md5:    edf95374c95def46f168a37ffb50a6ff
Sha1:   9152a6ec9a675abb4bcb8936c677c92dab5f8658
Sha256: 645eac5eda6270e4dcae14cbfe30eb26bb3b796661adad752c1287e1b5240188
                                        
                                            GET /template/news/xs03/style/qd_iconfont.89b51.woff HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css

                                         
                                         168.76.201.230
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:53 GMT
Content-Length: 36540
Last-Modified: Mon, 14 Mar 2022 13:00:22 GMT
Connection: keep-alive
ETag: "622f3c66-8ebc"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 36540, version 0.0\012- data
Size:   36540
Md5:    89b5125a782e80a3a621dd00221a637c
Sha1:   6393b3b6854c8ed81aa42ee6a2d611f73dd765ec
Sha256: 019c711dbbb29626135cabe95a72e52ddf4336f2d2794b117a1a3604dcc92c26

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/images/423029.jpg HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945

                                         
                                         168.76.201.230
HTTP/1.1 301 Moved Permanently
Content-Type: image/jpg; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location:

                                        
                                            GET / HTTP/1.1 
Host: baidu.sina.cn.sunbronzetan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Upgrade-Insecure-Requests: 1

                                         
                                         23.224.78.187
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1756), with CRLF line terminators
Size:   9899
Md5:    c55c00702751952c7d48b5ad6fca3aae
Sha1:   2290b0dd8d9e63bc167111ffa4e95f79d4648ec6
Sha256: be19a104add1021ba372b9bf0207f4d7ac5ed91bf5a8f3c451d8099a1ec7052e
                                        
                                            GET /static/tools/gt.js HTTP/1.1 
Host: static.geetest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.5
HTTP/2 200 OK
content-type: text/javascript
                                        
last-modified: Mon, 07 Mar 2022 03:04:37 GMT
x-amz-meta-mtime: 1623160262
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Nov 2022 08:16:07 GMT
etag: W/"b7ef83f69e18bd9c2c631a41286a7b0b"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dA5MbuQtYNaLez52GH6bJr-FMfxhu13AnZPgvtDTK0ySPYmGOOohTg==
age: 521987
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text
Size:   2914
Md5:    c0114b842177a0c58f1a81fa20e96e2b
Sha1:   ad81893d7af367f90b99a233e7c9188c2250d416
Sha256: 3abfed7b5b2d450de59385134b6d9d7d5a8e1702ebd09a5a3480c0211cd3c3f8
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:15:54 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:29:03 GMT
ETag: "046b2504cd1ea4b2ffff546294d01424a87ee1df"
Last-Modified: Fri, 25 Nov 2022 05:29:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3286
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9484fe97fb50c-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9c097ef29db61ce9a3682e9cf73d9547
Sha1:   046b2504cd1ea4b2ffff546294d01424a87ee1df
Sha256: 2cc460e5a0fe2a3d8960df02950065d7b5643acd061bf8348b0be836d8472c04
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:15:54 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:29:03 GMT
ETag: "046b2504cd1ea4b2ffff546294d01424a87ee1df"
Last-Modified: Fri, 25 Nov 2022 05:29:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3286
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9484ff986b50c-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9c097ef29db61ce9a3682e9cf73d9547
Sha1:   046b2504cd1ea4b2ffff546294d01424a87ee1df
Sha256: 2cc460e5a0fe2a3d8960df02950065d7b5643acd061bf8348b0be836d8472c04
                                        
                                            GET //js/common.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Last-Modified: Sun, 05 Dec 2021 11:58:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97c-442"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   504
Md5:    2995a7190c5a9b6b8b4c6687c554afdc
Sha1:   05398282f3f0fe25f39973c9666923e8932a629d
Sha256: c83d26d939249b16682dae2853e2a43a2ecf60a72b2356117db7734ce26b8729
                                        
                                            GET /css/iconfont.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Length: 898
Last-Modified: Mon, 03 Jan 2022 04:24:20 GMT
Connection: keep-alive
ETag: "61d27a74-382"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   898
Md5:    bb3b6aedcf16dac97eb1395eef782d00
Sha1:   7fc0ea825524f0167e92a9ca0ef3ec9cf4e908d1
Sha256: a34d9de56ec54027b93f921b8520f0c9c3db2474b0cdc2dddc40eadcbd03047d
                                        
                                            GET /css/common.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Last-Modified: Sat, 10 Sep 2022 14:33:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"631ca047-6ccc"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   6605
Md5:    751b30d529f201cdb2971957d58afd35
Sha1:   a368b2a49883d606e0c076c14ccc7685a1a22142
Sha256: cef92aa6677e32f1a1ac65ef5956b49df8b8aeac356aa6aa1391f6ba37a9a7d5
                                        
                                            GET //css/style.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Last-Modified: Mon, 03 Jan 2022 04:24:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d27a82-ba6"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1078
Md5:    62f9e79d41133f00ec8477aa0bcd7ace
Sha1:   41939474e59b0334e4ffff9fcb0c24c9dc22a9a1
Sha256: 75684961f21ff0ea0e31ac480375593c1f7e48085be798f08aca8085704d987b
                                        
                                            GET /css/swiper-bundle.min.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Last-Modified: Sun, 05 Dec 2021 11:56:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca8e5-2db0"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (11440)
Size:   2753
Md5:    bf0ca6e80f3f053ed8eace126253fab5
Sha1:   766bf7d9f21ab9cc59c451b76d1b7a971aebf744
Sha256: 72359398a79e5e9dc11d37a541dbad00c3f1c29779444ddf0f0d65631c8d511a
                                        
                                            GET //css/index.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Length: 357
Last-Modified: Sun, 05 Dec 2021 11:56:20 GMT
Connection: keep-alive
ETag: "61aca8e4-165"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  troff or preprocessor input, Unicode text, UTF-8 (with BOM) text
Size:   357
Md5:    e05c1975031f1fa86951ce176b11a050
Sha1:   c7419b4a1a1b2b6c164cf2c480be379a89c2291f
Sha256: 5396516ab3b919c4733b82cd8091799915680ec279c5af93ef9c4bde4ec7d567
                                        
                                            GET //js/base64.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Sun, 05 Dec 2021 11:58:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97b-ab8"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1268
Md5:    a644dce3631a223024118c5e09b4c589
Sha1:   515eb87ae4fa2a5d871366845c3707b70a804911
Sha256: 66d0cf4c18d607f563c6afccd894886f28ef41ba5ee941c546ee4e6106b52a29
                                        
                                            GET /js/base.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Sun, 05 Dec 2021 11:58:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97a-43d"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   494
Md5:    bab56507d22811dff068b8ed1b5cf76c
Sha1:   561a8f155f01dd4d33e055e70437bc24d329f6d2
Sha256: b96f9e7b9365b7d096b61f345df62808926a31233d303638feb860f56ecb040a
                                        
                                            GET /css/style.css HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Mon, 03 Jan 2022 04:24:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d27a82-ba6"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1078
Md5:    62f9e79d41133f00ec8477aa0bcd7ace
Sha1:   41939474e59b0334e4ffff9fcb0c24c9dc22a9a1
Sha256: 75684961f21ff0ea0e31ac480375593c1f7e48085be798f08aca8085704d987b
                                        
                                            GET /js/modal.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Sun, 05 Dec 2021 11:58:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca979-26db"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   3039
Md5:    be7a7ac32b5d9791c6b46b96f44f05eb
Sha1:   8c9fa928512d862c331ada80e2b9b64b27752f2a
Sha256: 432c36e8803d5eacb76fb87420c09a3d98be863f38ef5bd24b193991e4ddb0c5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:15:55 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:06 GMT
ETag: "6380261a-1d7"
Expires: Sun, 27 Nov 2022 02:19:06 GMT
Cache-Control: max-age=147791
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669367755
Via: cache25.l2de2[293,292,200-0,M], cache25.l2de2[294,0], cache4.se1[317,316,200-0,M], cache4.se1[318,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 09:15:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816693677547513376e

                                        
                                            GET /hm.js?d3fae4155d7740586a2f740fb9be8dc1 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Date: Fri, 25 Nov 2022 09:15:54 GMT
Etag: 73fbcc01ca4ec0f1f3d9f293af5b13f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=817B7B90F4471021; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (616)
Size:   11254
Md5:    413204901dbea7e67888d8f3ec745406
Sha1:   4f33b0b36653bcb2bfa2e1c6075438507f781d9c
Sha256: 31481fac55487a9e1042e570618f3d4f3eb0868dc9a058841fefffc26aec2689
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Sun, 05 Dec 2021 11:58:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca978-15d9d"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   34778
Md5:    581d5dbdcf26ba2614721e41b238c2c7
Sha1:   bfde8b5e1d2a57ceafcaf76fc5088a48f2964745
Sha256: cb0ae46753c8b5f437bb72dc01417690f0b520bbabecc486d06bd421d552d3d0
                                        
                                            GET /js/swiper.min.js HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Last-Modified: Sat, 27 Nov 2021 11:24:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61a21573-21fb7"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65280)
Size:   41404
Md5:    21d7e53ea970b281eb10984bac11d7f1
Sha1:   31eb0f4fa6027ddd5c103dd8b1a4d78e95413e3a
Sha256: fb1ea2b5e494711771a0717afdeb0ca073d512c38d68893e703673c73420f995
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:15:55 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:06 GMT
ETag: "6380261a-1d7"
Expires: Sun, 27 Nov 2022 02:19:06 GMT
Cache-Control: max-age=147791
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669367755
Via: cache16.l2de2[278,277,200-0,M], cache16.l2de2[278,0], cache8.se1[299,299,200-0,M], cache8.se1[301,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 09:15:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16693677549373542e

                                        
                                            GET /images/screen-help-close.png HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /hm.js?5ebe115b0cb7e80916994e584d4c1d7b HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Date: Fri, 25 Nov 2022 09:15:54 GMT
Etag: 468db1d16850b3e3dd12a2261aa7d8ba
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=53563F22FF543646; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (621)
Size:   11259
Md5:    8f0f5fc8fd98a1df1f20ed174caa1304
Sha1:   20e8342fd307e5923d02c59203375f838d974ca9
Sha256: 4e0cdce6bf9ccc83e61c54a2db61f65b0ddeb191c9ced38ab61bde4aa84e42fc
                                        
                                            GET /images/screen-help.png HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         23.224.78.186
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /images/bg-header-block.jpg HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css

                                         
                                         23.224.78.186
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Length: 1289
Last-Modified: Sat, 17 Sep 2022 10:55:53 GMT
Connection: keep-alive
ETag: "6325a7b9-509"
Expires: Sun, 25 Dec 2022 09:15:42 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 184x90, components 3\012- data
Size:   1289
Md5:    e9c25977e4643fcd242a4af2a90df357
Sha1:   02f74a5a56496ef57fee570943dc0befbadd5d84
Sha256: 4b796c23be540a3a5a4306d09ba9a673f54c0ff5a8183a422867e5c2982c39ba
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=622693146&si=d3fae4155d7740586a2f740fb9be8dc1&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:15:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DD0B6E4B1E8DE91E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /images/decoration-1.png HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css

                                         
                                         23.224.78.186
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /images/decoration-3.png HTTP/1.1 
Host: ww.bat-carrers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css

                                         
                                         23.224.78.186
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /images//googlelogo_color_92x30dp.png HTTP/1.1 
Host: gzyykf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         154.38.246.38
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:55 GMT
Content-Length: 2919
Last-Modified: Wed, 21 Sep 2022 09:34:48 GMT
Connection: keep-alive
ETag: "632adab8-b67"
Expires: Sun, 25 Dec 2022 09:15:55 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 184 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   2919
Md5:    82749163055f6fb9893d781e2d78b773
Sha1:   e221bacd6ab355196e19a7d11be01d5225103a1d
Sha256: 90ce32006cbe9897c5f84f9cad1207df13ff14e9a6b2f762eb5d9f8e67f4cccb
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=325712484&si=5ebe115b0cb7e80916994e584d4c1d7b&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:15:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D503D91ED426D998; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /a054.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 41905
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:29 GMT
x-oss-request-id: 63807D9DDF727131317DD6BE
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "575D9D9B7C896960541DE2B4258C458D"
Last-Modified: Sat, 01 Oct 2022 12:51:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16325485807125219944
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: V12dm3yJaWBUHeK0JYxFjQ==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669365149
Via: cache54.l2cn2647[85,85,304-0,M], cache18.l2cn2647[86,0], kunlun2.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 2606
X-Cache: HIT TCP_MEM_HIT dirn:10:210722742
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677555874545e


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 150\012- data
Size:   41905
Md5:    5bbf8d2eddf8483d7a8eed6edefa4ea8
Sha1:   32d0499d12a8eaa6a34b1662b4402c4fff97377e
Sha256: eb650860a7e1da8575d15db8e0ad74e6cc57e4f411f281071f6f2eb9593260a3
                                        
                                            GET /cityjson?ie=utf-8 HTTP/1.1 
Host: pv.sohu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         52.156.120.137
HTTP/1.1 200 OK
Content-Type: text/json; charset=utf-8
                                        
Content-Length: 75
Connection: keep-alive
Server: nginx/1.0.15
Date: Fri, 25 Nov 2022 09:15:55 GMT
FSS-Proxy: Powered by 5903434.9966676.7083656, Powered by 4544051.5002813.7960634


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   75
Md5:    934a357fd3ad6076a7f58d261ba00954
Sha1:   f4ab1edfa4311740384f25428920197975fe264d
Sha256: 9bde6ed426879fb7fdeef921fc59f131415616766067c55ca39fe8f6fd573e75
                                        
                                            GET /a038.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 17174
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:00:19 GMT
x-oss-request-id: 63808423DC44E039328DBA6C
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "5506775B9BE6FCDD2FC2D9EE95BDF23C"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5777599305542440974
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: VQZ3W5vm/N0vwtnulb3yPA==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669366819
Via: cache8.l2cn2647[62,62,304-0,M], cache8.l2cn2647[64,0], kunlun3.cn192[0,0,200-0,H], kunlun10.cn192[1,0]
Content-Encoding: gzip
Age: 936
X-Cache: HIT TCP_MEM_HIT dirn:11:1144957896
X-Swift-SaveTime: Fri, 25 Nov 2022 09:00:19 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677556024787e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3\012- data
Size:   17174
Md5:    ee3793fed5731e81a2b2f163f8848af1
Sha1:   93e8e26540e1dcf8bdd210dc1053eb28ea99dd31
Sha256: 29ad335b071d6d2722e420acda11d5ca89a7e692dd51dc2f7e40b84c0bebefd1
                                        
                                            GET /uploads/images/423029.jpg HTTP/1.1 
Host: m.m.need.jamaicaexposed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
Connection: keep-alive

                                         
                                         168.76.201.230
HTTP/1.1 301 Moved Permanently
Content-Type: image/jpg; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 09:15:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location:

                                        
                                            GET /TCaptcha.js HTTP/1.1 
Host: ssl.captcha.qq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.205.235.65
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 25 Nov 2022 09:15:55 GMT
Content-Length: 61608
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=600
P3P: CP=CAO PSA OUR
Server: Trpc httpd, tencent http server


--- Additional Info ---
Magic:  ASCII text, with very long lines (61608), with no line terminators
Size:   61608
Md5:    754474319e201ad7f617c26362377187
Sha1:   9a93094cc0866f4fc88ea75a28fcf11dcdc11471
Sha256: 0f8ea50872295020c73c5410f7a6c5d7f5e36ea767dcdb48166a3ddf78841261
                                        
                                            GET /a047.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 24553
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:10:42 GMT
x-oss-request-id: 638086927CF8423539B51CCC
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E6D99EB321F76B4329EF056D371733D5"
Last-Modified: Tue, 20 Sep 2022 08:47:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 413461704522414045
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 5tmesyH3a0Mp7wVtNxcz1Q==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669367442
Via: cache60.l2cn2647[86,85,304-0,M], cache14.l2cn2647[87,0], kunlun3.cn192[0,0,200-0,H], kunlun2.cn192[7,0]
Content-Encoding: gzip
Age: 314
X-Cache: HIT TCP_MEM_HIT dirn:10:1434159675
X-Swift-SaveTime: Fri, 25 Nov 2022 09:10:42 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677561316088e


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 76\012- data
Size:   24553
Md5:    df845b71f64ad4d06f1928b906033055
Sha1:   d4b74f2cc260a97a843df48a139e088a09dc6522
Sha256: f811ce910e8730f44a8078a7b7c7c4f3ca6401204c8d878c2d783546abd9f6e3
                                        
                                            GET /a016.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 159449
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:53:28 GMT
x-oss-request-id: 638082886FB42B32369434B2
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E9F61DB633787BD3FF12B62AA386674B"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9719082534943310534
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 6fYdtjN4e9P/ErYqo4ZnSw==
x-oss-server-time: 12
Ali-Swift-Global-Savetime: 1669366408
Via: cache70.l2cn2647[51,51,304-0,M], cache4.l2cn2647[53,0], kunlun4.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 1347
X-Cache: HIT TCP_MEM_HIT dirn:11:314766226
X-Swift-SaveTime: Fri, 25 Nov 2022 08:53:28 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677555944580e


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   159449
Md5:    cf74bbfe0bef74d1837130c4d6907d55
Sha1:   4ea48b063a7192860cfc472b00552376f4dcb4d9
Sha256: 84e887e9c4c94468384b78703fb14ed28549f7b9dd341718e57f80ab7faba40c
                                        
                                            GET /a010.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 202853
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:10:52 GMT
x-oss-request-id: 6380869C29A53C3333D69264
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "16F72305EC7FE78001148E3BF3F00B10"
Last-Modified: Tue, 20 Sep 2022 08:47:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2223447802733899889
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: FvcjBex/54ABFI478/ALEA==
x-oss-server-time: 12
Ali-Swift-Global-Savetime: 1669367452
Via: cache46.l2cn2647[47,46,304-0,M], cache31.l2cn2647[48,0], kunlun8.cn192[0,0,200-0,H], kunlun10.cn192[2,0]
Content-Encoding: gzip
Age: 303
X-Cache: HIT TCP_MEM_HIT dirn:11:333032514
X-Swift-SaveTime: Fri, 25 Nov 2022 09:10:52 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677555964771e


--- Additional Info ---
Magic:  GIF image data, version 89a, 294 x 320\012- data
Size:   202853
Md5:    80e66441bd36a029ff069eb746a07306
Sha1:   c261446c17808dd87edabfe22fd5e4f3c7d75804
Sha256: 771da06843ff26f6b60aee74f21d4f40cae289bf86673b1f2c65092fe6db4d38
                                        
                                            GET /a048.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 37233
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:00:31 GMT
x-oss-request-id: 6380842FA7BABC37386FB4A0
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "573D00AE150AF56CB5225DDE7F4D7713"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11353893665884646454
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: Vz0ArhUK9Wy1Il3ef013Ew==
x-oss-server-time: 23
Ali-Swift-Global-Savetime: 1669366831
Via: cache23.l2cn2647[90,90,304-0,M], cache54.l2cn2647[92,0], kunlun6.cn192[0,0,200-0,H], kunlun10.cn192[1,0]
Content-Encoding: gzip
Age: 925
X-Cache: HIT TCP_MEM_HIT dirn:10:478569032
X-Swift-SaveTime: Fri, 25 Nov 2022 09:00:31 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677561686127e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x120, components 3\012- data
Size:   37233
Md5:    612106cf6233685ab010ccaef729e2d4
Sha1:   1fa03c62fc53819e05c9b1aaccf840582a13e2bc
Sha256: 205a82807744e8d774f681466943cb5ed758a8aed346eca2e572f98d56f4d2a0
                                        
                                            GET /a067.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
                                         58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 359087
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:34:45 GMT
x-oss-request-id: 63807E25716A9C35367FC754
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "9DFDCECDEC961B7EED0B137AC559FF9F"
Last-Modified: Tue, 25 Oct 2022 13:28:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7315473247942663303
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: nf3OzeyWG37tCxN6xVn/nw==
x-oss-server-time: 10
Ali-Swift-Global-Savetime: 1669365285
Via: cache60.l2cn2647[119,119,304-0,M], cache42.l2cn2647[120,0], kunlun9.cn192[0,0,200-0,H], kunlun1.cn192[2,0]
Content-Encoding: gzip
Age: 2470
X-Cache: HIT TCP_MEM_HIT dirn:10:168835393
X-Swift-SaveTime: Fri, 25 Nov 2022 08:34:45 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01516693677555975375e


                                        
                                            GET /a004.js HTTP/1.1 
Host: cn.cnguigui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
Content-Length: 62634
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:41 GMT
x-oss-request-id: 63807DA92E5F22353434D978
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "509F0E9D9B22A5819C57A5E2580FAC2E"
Last-Modified: Tue, 20 Sep 2022 08:47:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6710044364652934040
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: UJ8OnZsipYGcV6XiWA+sLg==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1669365161
Via: cache41.l2cn2647[0,0,304-0,H], cache57.l2cn2647[0,0], kunlun2.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 2595
X-Cache: HIT TCP_MEM_HIT dirn:10:210768461
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:57 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677564136873e


--- Additional Info ---
                                        
GET /a068%20.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/

                                         
58.218.208.91
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
Content-Length: 926969
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:42 GMT
x-oss-request-id: 63807DAA2C1E9335317D4EA2
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "D47200175759E74ED3A0B32E85C9CA05"
Last-Modified: Wed, 26 Oct 2022 03:09:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5395955882890256467
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 1HIAF1dZ507ToLMuhcnKBQ==
x-oss-server-time: 62
Ali-Swift-Global-Savetime: 1669365162
Via: cache76.l2cn2647[0,0,304-0,H], cache77.l2cn2647[1,0], kunlun9.cn192[0,0,200-0,H], kunlun1.cn192[1,0]
Content-Encoding: gzip
Age: 2593
X-Cache: HIT TCP_MEM_HIT dirn:9:304313558
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:58 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01516693677555955370e


--- Additional Info ---