r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12066
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:15:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4538
Cache-Control: max-age=95462
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:15:47 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:46:49 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4910
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:15:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3403
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 2103
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:15:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 277
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=90108
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:15:48 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:17:36 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y2MPQWRjv8cNadbDD1Sihw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JPiaqw95ImmCgBGXoN9o0mz5zj8=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2624
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:15:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2624
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:15:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 25702
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
age: 42049
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 141bbf99-5d78-4b9c-a537-491718aee68a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b43YGE_SoAMFlbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d29a-00017cd344caea2b6408aeb3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1-8WM-7tNqakPDW9-K0GVbOKdotndEXj2QeJzw3cJol-g9TT5IVyOQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 16:45:53 GMT
age: 59397
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 5519
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 36961
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
age: 42050
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.m.need.jamaicaexposed.com/newslist/945
200 OK 4.4 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/newslist/945
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CR line terminators
Hash 1a42ccfcc07a59574a75326ca61c259e
4cd27f3e903e1be504a2dbbc7a5039c500a319fb
d586b60f9b3a163e837f9c0a240d8507b97b64aebf78da4ef1583b598e8f3dce
Analyzer Verdict Alert fortinet Phishing
GET /newslist/945 HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/js/87b2493f.js
200 OK 17 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/js/87b2493f.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (33268), with no line terminators
Hash 236accf051851eb0cd6a8c90819ddcd0
31c03f285e5a557892d749d66f8b5d32a26427b1
44c7e840b4a06e78f46c71ef699a7a06f9bd000d12668abe0d6a9520d6c37c7e
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/js/87b2493f.js HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Mar 2022 12:54:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3b08-81fa"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/js/index.js
200 OK 10 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/js/index.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (26000)
Hash 974637cf7c68d28637ba8617ea9eccea
fcfdae2bf98be208aa7d41cfaa4d9c46c7d29ae3
b7142c7c63db06112a60b19b27e449526fa444f78dbaf953060a60725362adc7
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/js/index.js HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Mar 2022 13:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb6-6591"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/js/yw_risk_verify.js
200 OK 3.1 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/js/yw_risk_verify.js
IP
ASN #137951 Clayer Limited
Hash 994f3b9a8da777a0ace4c9a90c4a983a
4d2306de5fb9241e85b56a2d9f3cd396fe8d9892
77169215db72482c1a58bd8917696aac49eab6d887bd86892feac2db50d06d41
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/js/yw_risk_verify.js HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Mar 2022 13:01:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cbc-2346"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
200 OK 41 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 22929c59d24fe2660de533b52edecfd0
2e6bfc0ff3d39f9b5b4b7f2ef3cb139998046858
d2f85db5428bc9a95dc6f2e3ca968e4452e4e76aac0180b8530f7dea9fdfd685
GET /template/news/xs03/css/vote_popup.3f2e7.css HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Mar 2022 13:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb6-3646c"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/js/vue.min.js
200 OK 38 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/js/vue.min.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65449)
Hash 83064958eb297e3f201535aeee6237bb
7cf29370c352aa7a5fa2196605c19b470025d3be
b2ebe722d2afb3548812b9fc0b5e82b125d8c178005e90be2b9311752a977025
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/js/vue.min.js HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Mar 2022 13:01:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cbe-16deb"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/js/8628e719.js
200 OK 73 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/js/8628e719.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash ad13bd7c92519b2acf63a8e748b84593
4e5c71f43ea6d989ea9502313058d7ec64aa4a8a
9f00addefc362bfc7bdd8933cad9c3a08aeb26741b1b15aa7408b7a886c17301
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/js/8628e719.js HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:51 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Mar 2022 13:01:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622f3cb8-2f8fb"
Expires: Fri, 25 Nov 2022 21:15:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/js/orsxg5a.script
200 OK 768 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with very long lines (469), with CRLF line terminators
Hash beb4cfb02e7d6494b4c21a57b799e640
0afb18a4f08b795691e091ceb4b49ddcbbea03d7
af1a8ad43f481c022fe3f940766d9fb5272759c06e203b9cb041c470c5c5e992
Analyzer Verdict Alert fortinet Phishing
GET /js/orsxg5a.script HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
m.m.need.jamaicaexposed.com/template/news/xs03/style/body_base_bg.5988a.png
200 OK 749 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/style/body_base_bg.5988a.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 50 x 50, 2-bit colormap, non-interlaced\012- data
Hash 5988a4df869f8595ded9f00c462073dc
87d646ef37d27ad1f16dd7ebceabb84738e8fb4f
f1ddcb56476e6e4795ba35ff5f27b23c00f53104331bafebfe2f0530d183e4aa
GET /template/news/xs03/style/body_base_bg.5988a.png HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Type: image/png
Content-Length: 749
Last-Modified: Mon, 14 Mar 2022 13:00:44 GMT
Connection: keep-alive
ETag: "622f3c7c-2ed"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
m.m.need.jamaicaexposed.com/template/news/xs03/style/logo.d41d3.png
200 OK 675 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/style/logo.d41d3.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash d41d31597fe6e8a0ae55f3055108954a
5d537f9010a9062ac8efb1733d42d9ab718a67bb
8a9a58f2d3459018c134d343529c37d56374246f9511323cea539c19709c10c1
GET /template/news/xs03/style/logo.d41d3.png HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Type: image/png
Content-Length: 675
Last-Modified: Mon, 14 Mar 2022 13:00:36 GMT
Connection: keep-alive
ETag: "622f3c74-2a3"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
m.m.need.jamaicaexposed.com/template/news/xs03/style/basic_bg.edf95.png
200 OK 559 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/style/basic_bg.edf95.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 50 x 50, 2-bit colormap, non-interlaced\012- data
Hash edf95374c95def46f168a37ffb50a6ff
9152a6ec9a675abb4bcb8936c677c92dab5f8658
645eac5eda6270e4dcae14cbfe30eb26bb3b796661adad752c1287e1b5240188
GET /template/news/xs03/style/basic_bg.edf95.png HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:52 GMT
Content-Type: image/png
Content-Length: 559
Last-Modified: Mon, 14 Mar 2022 13:00:38 GMT
Connection: keep-alive
ETag: "622f3c76-22f"
Expires: Sun, 25 Dec 2022 09:15:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
m.m.need.jamaicaexposed.com/template/news/xs03/style/qd_iconfont.89b51.woff
200 OK 36 kB URL HTTP/1.1 m.m.need.jamaicaexposed.com/template/news/xs03/style/qd_iconfont.89b51.woff
IP
ASN #137951 Clayer Limited
File type Web Open Font Format, TrueType, length 36540, version 0.0\012- data
Hash 89b5125a782e80a3a621dd00221a637c
6393b3b6854c8ed81aa42ee6a2d611f73dd765ec
019c711dbbb29626135cabe95a72e52ddf4336f2d2794b117a1a3604dcc92c26
Analyzer Verdict Alert fortinet Phishing
GET /template/news/xs03/style/qd_iconfont.89b51.woff HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/template/news/xs03/css/vote_popup.3f2e7.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:53 GMT
Content-Type: font/woff
Content-Length: 36540
Last-Modified: Mon, 14 Mar 2022 13:00:22 GMT
Connection: keep-alive
ETag: "622f3c66-8ebc"
Accept-Ranges: bytes
m.m.need.jamaicaexposed.com/uploads/images/423029.jpg
301 Moved Permanently 0 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/uploads/images/423029.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/423029.jpg HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 09:15:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location:
baidu.sina.cn.sunbronzetan.com/
200 OK 9.9 kB URL HTTP/1.1 baidu.sina.cn.sunbronzetan.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1756), with CRLF line terminators
Hash c55c00702751952c7d48b5ad6fca3aae
2290b0dd8d9e63bc167111ffa4e95f79d4648ec6
be19a104add1021ba372b9bf0207f4d7ac5ed91bf5a8f3c451d8099a1ec7052e
GET / HTTP/1.1
Host: baidu.sina.cn.sunbronzetan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
static.geetest.com/static/tools/gt.js
200 OK 2.9 kB URL HTTP/2 static.geetest.com/static/tools/gt.js
IP
File type C source, Unicode text, UTF-8 text
Hash c0114b842177a0c58f1a81fa20e96e2b
ad81893d7af367f90b99a233e7c9188c2250d416
3abfed7b5b2d450de59385134b6d9d7d5a8e1702ebd09a5a3480c0211cd3c3f8
GET /static/tools/gt.js HTTP/1.1
Host: static.geetest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Mon, 07 Mar 2022 03:04:37 GMT
x-amz-meta-mtime: 1623160262
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Nov 2022 08:16:07 GMT
etag: W/"b7ef83f69e18bd9c2c631a41286a7b0b"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dA5MbuQtYNaLez52GH6bJr-FMfxhu13AnZPgvtDTK0ySPYmGOOohTg==
age: 521987
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 9c097ef29db61ce9a3682e9cf73d9547
046b2504cd1ea4b2ffff546294d01424a87ee1df
2cc460e5a0fe2a3d8960df02950065d7b5643acd061bf8348b0be836d8472c04
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:15:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:29:03 GMT
ETag: "046b2504cd1ea4b2ffff546294d01424a87ee1df"
Last-Modified: Fri, 25 Nov 2022 05:29:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3286
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9484fe97fb50c-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 9c097ef29db61ce9a3682e9cf73d9547
046b2504cd1ea4b2ffff546294d01424a87ee1df
2cc460e5a0fe2a3d8960df02950065d7b5643acd061bf8348b0be836d8472c04
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:15:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 05:29:03 GMT
ETag: "046b2504cd1ea4b2ffff546294d01424a87ee1df"
Last-Modified: Fri, 25 Nov 2022 05:29:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3286
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9484ff986b50c-OSL
ww.bat-carrers.com//js/common.js
200 OK 504 B URL HTTP/1.1 ww.bat-carrers.com//js/common.js
IP
Hash 2995a7190c5a9b6b8b4c6687c554afdc
05398282f3f0fe25f39973c9666923e8932a629d
c83d26d939249b16682dae2853e2a43a2ecf60a72b2356117db7734ce26b8729
GET //js/common.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 11:58:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97c-442"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/css/iconfont.css
200 OK 898 B URL HTTP/1.1 ww.bat-carrers.com/css/iconfont.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash bb3b6aedcf16dac97eb1395eef782d00
7fc0ea825524f0167e92a9ca0ef3ec9cf4e908d1
a34d9de56ec54027b93f921b8520f0c9c3db2474b0cdc2dddc40eadcbd03047d
GET /css/iconfont.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/css
Content-Length: 898
Last-Modified: Mon, 03 Jan 2022 04:24:20 GMT
Connection: keep-alive
ETag: "61d27a74-382"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ww.bat-carrers.com/css/common.css
200 OK 6.6 kB URL HTTP/1.1 ww.bat-carrers.com/css/common.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash 751b30d529f201cdb2971957d58afd35
a368b2a49883d606e0c076c14ccc7685a1a22142
cef92aa6677e32f1a1ac65ef5956b49df8b8aeac356aa6aa1391f6ba37a9a7d5
GET /css/common.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Sep 2022 14:33:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"631ca047-6ccc"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com//css/style.css
200 OK 1.1 kB URL HTTP/1.1 ww.bat-carrers.com//css/style.css
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 62f9e79d41133f00ec8477aa0bcd7ace
41939474e59b0334e4ffff9fcb0c24c9dc22a9a1
75684961f21ff0ea0e31ac480375593c1f7e48085be798f08aca8085704d987b
GET //css/style.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/css
Last-Modified: Mon, 03 Jan 2022 04:24:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d27a82-ba6"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/css/swiper-bundle.min.css
200 OK 2.8 kB URL HTTP/1.1 ww.bat-carrers.com/css/swiper-bundle.min.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (11440)
Hash bf0ca6e80f3f053ed8eace126253fab5
766bf7d9f21ab9cc59c451b76d1b7a971aebf744
72359398a79e5e9dc11d37a541dbad00c3f1c29779444ddf0f0d65631c8d511a
GET /css/swiper-bundle.min.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 11:56:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca8e5-2db0"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com//css/index.css
200 OK 357 B URL HTTP/1.1 ww.bat-carrers.com//css/index.css
IP
File type troff or preprocessor input, Unicode text, UTF-8 (with BOM) text
Hash e05c1975031f1fa86951ce176b11a050
c7419b4a1a1b2b6c164cf2c480be379a89c2291f
5396516ab3b919c4733b82cd8091799915680ec279c5af93ef9c4bde4ec7d567
GET //css/index.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:41 GMT
Content-Type: text/css
Content-Length: 357
Last-Modified: Sun, 05 Dec 2021 11:56:20 GMT
Connection: keep-alive
ETag: "61aca8e4-165"
Expires: Fri, 25 Nov 2022 21:15:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ww.bat-carrers.com//js/base64.js
200 OK 1.3 kB URL HTTP/1.1 ww.bat-carrers.com//js/base64.js
IP
Hash a644dce3631a223024118c5e09b4c589
515eb87ae4fa2a5d871366845c3707b70a804911
66d0cf4c18d607f563c6afccd894886f28ef41ba5ee941c546ee4e6106b52a29
GET //js/base64.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 11:58:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97b-ab8"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/js/base.js
200 OK 494 B URL HTTP/1.1 ww.bat-carrers.com/js/base.js
IP
Hash bab56507d22811dff068b8ed1b5cf76c
561a8f155f01dd4d33e055e70437bc24d329f6d2
b96f9e7b9365b7d096b61f345df62808926a31233d303638feb860f56ecb040a
GET /js/base.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 11:58:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca97a-43d"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/css/style.css
200 OK 1.1 kB URL HTTP/1.1 ww.bat-carrers.com/css/style.css
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 62f9e79d41133f00ec8477aa0bcd7ace
41939474e59b0334e4ffff9fcb0c24c9dc22a9a1
75684961f21ff0ea0e31ac480375593c1f7e48085be798f08aca8085704d987b
GET /css/style.css HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: text/css
Last-Modified: Mon, 03 Jan 2022 04:24:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61d27a82-ba6"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/js/modal.js
200 OK 3.0 kB URL HTTP/1.1 ww.bat-carrers.com/js/modal.js
IP
Hash be7a7ac32b5d9791c6b46b96f44f05eb
8c9fa928512d862c331ada80e2b9b64b27752f2a
432c36e8803d5eacb76fb87420c09a3d98be863f38ef5bd24b193991e4ddb0c5
GET /js/modal.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 11:58:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca979-26db"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2f3a0ee53268d25dac69e5c28d947e8c
70378111261fe583a11a4016fc3162bf774d265c
e312b57bc2b77adaeffb05fa355aaa3e18f88660c2666009ca2178d25dd2d94c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:15:55 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:06 GMT
ETag: "6380261a-1d7"
Expires: Sun, 27 Nov 2022 02:19:06 GMT
Cache-Control: max-age=147791
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669367755
Via: cache25.l2de2[293,292,200-0,M], cache25.l2de2[294,0], cache4.se1[317,316,200-0,M], cache4.se1[318,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 09:15:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816693677547513376e
hm.baidu.com/hm.js?d3fae4155d7740586a2f740fb9be8dc1
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d3fae4155d7740586a2f740fb9be8dc1
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 413204901dbea7e67888d8f3ec745406
4f33b0b36653bcb2bfa2e1c6075438507f781d9c
31481fac55487a9e1042e570618f3d4f3eb0868dc9a058841fefffc26aec2689
GET /hm.js?d3fae4155d7740586a2f740fb9be8dc1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:15:54 GMT
Etag: 73fbcc01ca4ec0f1f3d9f293af5b13f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=817B7B90F4471021; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ww.bat-carrers.com/js/jquery.min.js
200 OK 35 kB URL HTTP/1.1 ww.bat-carrers.com/js/jquery.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 581d5dbdcf26ba2614721e41b238c2c7
bfde8b5e1d2a57ceafcaf76fc5088a48f2964745
cb0ae46753c8b5f437bb72dc01417690f0b520bbabecc486d06bd421d552d3d0
GET /js/jquery.min.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 11:58:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61aca978-15d9d"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ww.bat-carrers.com/js/swiper.min.js
200 OK 41 kB URL HTTP/1.1 ww.bat-carrers.com/js/swiper.min.js
IP
File type ASCII text, with very long lines (65280)
Hash 21d7e53ea970b281eb10984bac11d7f1
31eb0f4fa6027ddd5c103dd8b1a4d78e95413e3a
fb1ea2b5e494711771a0717afdeb0ca073d512c38d68893e703673c73420f995
GET /js/swiper.min.js HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: application/javascript
Last-Modified: Sat, 27 Nov 2021 11:24:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61a21573-21fb7"
Expires: Fri, 25 Nov 2022 21:15:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2f3a0ee53268d25dac69e5c28d947e8c
70378111261fe583a11a4016fc3162bf774d265c
e312b57bc2b77adaeffb05fa355aaa3e18f88660c2666009ca2178d25dd2d94c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:15:55 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:06 GMT
ETag: "6380261a-1d7"
Expires: Sun, 27 Nov 2022 02:19:06 GMT
Cache-Control: max-age=147791
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669367755
Via: cache16.l2de2[278,277,200-0,M], cache16.l2de2[278,0], cache8.se1[299,299,200-0,M], cache8.se1[301,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 09:15:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16693677549373542e
ww.bat-carrers.com/images/screen-help-close.png
404 Not Found 146 B URL HTTP/1.1 ww.bat-carrers.com/images/screen-help-close.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /images/screen-help-close.png HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?5ebe115b0cb7e80916994e584d4c1d7b
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5ebe115b0cb7e80916994e584d4c1d7b
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 8f0f5fc8fd98a1df1f20ed174caa1304
20e8342fd307e5923d02c59203375f838d974ca9
4e0cdce6bf9ccc83e61c54a2db61f65b0ddeb191c9ced38ab61bde4aa84e42fc
GET /hm.js?5ebe115b0cb7e80916994e584d4c1d7b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:15:54 GMT
Etag: 468db1d16850b3e3dd12a2261aa7d8ba
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=53563F22FF543646; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ww.bat-carrers.com/images/screen-help.png
404 Not Found 146 B URL HTTP/1.1 ww.bat-carrers.com/images/screen-help.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /images/screen-help.png HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ww.bat-carrers.com/images/bg-header-block.jpg
200 OK 1.3 kB URL HTTP/1.1 ww.bat-carrers.com/images/bg-header-block.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 184x90, components 3\012- data
Hash e9c25977e4643fcd242a4af2a90df357
02f74a5a56496ef57fee570943dc0befbadd5d84
4b796c23be540a3a5a4306d09ba9a673f54c0ff5a8183a422867e5c2982c39ba
GET /images/bg-header-block.jpg HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: image/jpeg
Content-Length: 1289
Last-Modified: Sat, 17 Sep 2022 10:55:53 GMT
Connection: keep-alive
ETag: "6325a7b9-509"
Expires: Sun, 25 Dec 2022 09:15:42 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=622693146&si=d3fae4155d7740586a2f740fb9be8dc1&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=622693146&si=d3fae4155d7740586a2f740fb9be8dc1&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=622693146&si=d3fae4155d7740586a2f740fb9be8dc1&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 09:15:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DD0B6E4B1E8DE91E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ww.bat-carrers.com/images/decoration-1.png
404 Not Found 146 B URL HTTP/1.1 ww.bat-carrers.com/images/decoration-1.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /images/decoration-1.png HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ww.bat-carrers.com/images/decoration-3.png
404 Not Found 146 B URL HTTP/1.1 ww.bat-carrers.com/images/decoration-3.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /images/decoration-3.png HTTP/1.1
Host: ww.bat-carrers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.bat-carrers.com/css/common.css
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 09:15:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
gzyykf.com/images//googlelogo_color_92x30dp.png
200 OK 2.9 kB URL HTTP/1.1 gzyykf.com/images//googlelogo_color_92x30dp.png
IP
File type PNG image data, 184 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 82749163055f6fb9893d781e2d78b773
e221bacd6ab355196e19a7d11be01d5225103a1d
90ce32006cbe9897c5f84f9cad1207df13ff14e9a6b2f762eb5d9f8e67f4cccb
GET /images//googlelogo_color_92x30dp.png HTTP/1.1
Host: gzyykf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 09:15:55 GMT
Content-Type: image/png
Content-Length: 2919
Last-Modified: Wed, 21 Sep 2022 09:34:48 GMT
Connection: keep-alive
ETag: "632adab8-b67"
Expires: Sun, 25 Dec 2022 09:15:55 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=325712484&si=5ebe115b0cb7e80916994e584d4c1d7b&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=325712484&si=5ebe115b0cb7e80916994e584d4c1d7b&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=325712484&si=5ebe115b0cb7e80916994e584d4c1d7b&v=1.3.0&lv=1&sn=60235&r=0&ww=1280&u=http%3A%2F%2Fm.m.need.jamaicaexposed.com%2Fnewslist%2F945&tt=%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9C%8B%E7%9A%84www%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91%E5%8A%A8%E6%BC%AB-%E5%AE%8C%E6%95%B4%E7%89%88%E7%BB%BC%E8%89%BA%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-%E5%85%A8%E9%9B%86%E7%8B%AC%E6%92%AD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 09:15:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D503D91ED426D998; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cn.cnguigui.com/a054.js
200 OK 42 kB IP
File type GIF image data, version 89a, 150 x 150\012- data
Hash 5bbf8d2eddf8483d7a8eed6edefa4ea8
32d0499d12a8eaa6a34b1662b4402c4fff97377e
eb650860a7e1da8575d15db8e0ad74e6cc57e4f411f281071f6f2eb9593260a3
GET /a054.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 41905
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:29 GMT
x-oss-request-id: 63807D9DDF727131317DD6BE
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "575D9D9B7C896960541DE2B4258C458D"
Last-Modified: Sat, 01 Oct 2022 12:51:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16325485807125219944
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: V12dm3yJaWBUHeK0JYxFjQ==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669365149
Via: cache54.l2cn2647[85,85,304-0,M], cache18.l2cn2647[86,0], kunlun2.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 2606
X-Cache: HIT TCP_MEM_HIT dirn:10:210722742
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677555874545e
pv.sohu.com/cityjson?ie=utf-8
200 OK 75 B URL HTTP/1.1 pv.sohu.com/cityjson?ie=utf-8
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 934a357fd3ad6076a7f58d261ba00954
f4ab1edfa4311740384f25428920197975fe264d
9bde6ed426879fb7fdeef921fc59f131415616766067c55ca39fe8f6fd573e75
GET /cityjson?ie=utf-8 HTTP/1.1
Host: pv.sohu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Content-Type: text/json; charset=utf-8
Content-Length: 75
Connection: keep-alive
Server: nginx/1.0.15
Date: Fri, 25 Nov 2022 09:15:55 GMT
FSS-Proxy: Powered by 5903434.9966676.7083656, Powered by 4544051.5002813.7960634
cn.cnguigui.com/a038.js
200 OK 17 kB IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3\012- data
Hash ee3793fed5731e81a2b2f163f8848af1
93e8e26540e1dcf8bdd210dc1053eb28ea99dd31
29ad335b071d6d2722e420acda11d5ca89a7e692dd51dc2f7e40b84c0bebefd1
GET /a038.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 17174
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:00:19 GMT
x-oss-request-id: 63808423DC44E039328DBA6C
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "5506775B9BE6FCDD2FC2D9EE95BDF23C"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5777599305542440974
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: VQZ3W5vm/N0vwtnulb3yPA==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669366819
Via: cache8.l2cn2647[62,62,304-0,M], cache8.l2cn2647[64,0], kunlun3.cn192[0,0,200-0,H], kunlun10.cn192[1,0]
Content-Encoding: gzip
Age: 936
X-Cache: HIT TCP_MEM_HIT dirn:11:1144957896
X-Swift-SaveTime: Fri, 25 Nov 2022 09:00:19 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677556024787e
m.m.need.jamaicaexposed.com/uploads/images/423029.jpg
301 Moved Permanently 0 B URL HTTP/1.1 m.m.need.jamaicaexposed.com/uploads/images/423029.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/423029.jpg HTTP/1.1
Host: m.m.need.jamaicaexposed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://m.m.need.jamaicaexposed.com/newslist/945
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 09:15:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location:
ssl.captcha.qq.com/TCaptcha.js
200 OK 62 kB URL HTTP/1.1 ssl.captcha.qq.com/TCaptcha.js
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (61608), with no line terminators
Hash 754474319e201ad7f617c26362377187
9a93094cc0866f4fc88ea75a28fcf11dcdc11471
0f8ea50872295020c73c5410f7a6c5d7f5e36ea767dcdb48166a3ddf78841261
GET /TCaptcha.js HTTP/1.1
Host: ssl.captcha.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m.m.need.jamaicaexposed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:15:55 GMT
Content-Type: text/javascript
Content-Length: 61608
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=600
P3P: CP=CAO PSA OUR
Server: Trpc httpd, tencent http server
cn.cnguigui.com/a047.js
200 OK 25 kB IP
File type GIF image data, version 89a, 320 x 76\012- data
Hash df845b71f64ad4d06f1928b906033055
d4b74f2cc260a97a843df48a139e088a09dc6522
f811ce910e8730f44a8078a7b7c7c4f3ca6401204c8d878c2d783546abd9f6e3
GET /a047.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 24553
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:10:42 GMT
x-oss-request-id: 638086927CF8423539B51CCC
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E6D99EB321F76B4329EF056D371733D5"
Last-Modified: Tue, 20 Sep 2022 08:47:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 413461704522414045
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 5tmesyH3a0Mp7wVtNxcz1Q==
x-oss-server-time: 11
Ali-Swift-Global-Savetime: 1669367442
Via: cache60.l2cn2647[86,85,304-0,M], cache14.l2cn2647[87,0], kunlun3.cn192[0,0,200-0,H], kunlun2.cn192[7,0]
Content-Encoding: gzip
Age: 314
X-Cache: HIT TCP_MEM_HIT dirn:10:1434159675
X-Swift-SaveTime: Fri, 25 Nov 2022 09:10:42 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677561316088e
cn.cnguigui.com/a016.js
200 OK 159 kB IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 159 kB (159449 bytes)
Hash cf74bbfe0bef74d1837130c4d6907d55
4ea48b063a7192860cfc472b00552376f4dcb4d9
84e887e9c4c94468384b78703fb14ed28549f7b9dd341718e57f80ab7faba40c
GET /a016.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 159449
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:53:28 GMT
x-oss-request-id: 638082886FB42B32369434B2
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E9F61DB633787BD3FF12B62AA386674B"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9719082534943310534
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 6fYdtjN4e9P/ErYqo4ZnSw==
x-oss-server-time: 12
Ali-Swift-Global-Savetime: 1669366408
Via: cache70.l2cn2647[51,51,304-0,M], cache4.l2cn2647[53,0], kunlun4.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 1347
X-Cache: HIT TCP_MEM_HIT dirn:11:314766226
X-Swift-SaveTime: Fri, 25 Nov 2022 08:53:28 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677555944580e
cn.cnguigui.com/a010.js
200 OK 203 kB IP
File type GIF image data, version 89a, 294 x 320\012- data
Size 203 kB (202853 bytes)
Hash 80e66441bd36a029ff069eb746a07306
c261446c17808dd87edabfe22fd5e4f3c7d75804
771da06843ff26f6b60aee74f21d4f40cae289bf86673b1f2c65092fe6db4d38
GET /a010.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 202853
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:10:52 GMT
x-oss-request-id: 6380869C29A53C3333D69264
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "16F72305EC7FE78001148E3BF3F00B10"
Last-Modified: Tue, 20 Sep 2022 08:47:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2223447802733899889
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: FvcjBex/54ABFI478/ALEA==
x-oss-server-time: 12
Ali-Swift-Global-Savetime: 1669367452
Via: cache46.l2cn2647[47,46,304-0,M], cache31.l2cn2647[48,0], kunlun8.cn192[0,0,200-0,H], kunlun10.cn192[2,0]
Content-Encoding: gzip
Age: 303
X-Cache: HIT TCP_MEM_HIT dirn:11:333032514
X-Swift-SaveTime: Fri, 25 Nov 2022 09:10:52 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677555964771e
cn.cnguigui.com/a048.js
200 OK 37 kB IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x120, components 3\012- data
Hash 612106cf6233685ab010ccaef729e2d4
1fa03c62fc53819e05c9b1aaccf840582a13e2bc
205a82807744e8d774f681466943cb5ed758a8aed346eca2e572f98d56f4d2a0
GET /a048.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 37233
Connection: keep-alive
Date: Fri, 25 Nov 2022 09:00:31 GMT
x-oss-request-id: 6380842FA7BABC37386FB4A0
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "573D00AE150AF56CB5225DDE7F4D7713"
Last-Modified: Tue, 20 Sep 2022 08:47:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11353893665884646454
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: Vz0ArhUK9Wy1Il3ef013Ew==
x-oss-server-time: 23
Ali-Swift-Global-Savetime: 1669366831
Via: cache23.l2cn2647[90,90,304-0,M], cache54.l2cn2647[92,0], kunlun6.cn192[0,0,200-0,H], kunlun10.cn192[1,0]
Content-Encoding: gzip
Age: 925
X-Cache: HIT TCP_MEM_HIT dirn:10:478569032
X-Swift-SaveTime: Fri, 25 Nov 2022 09:00:31 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01e16693677561686127e
cn.cnguigui.com/a067.js
200 OK 0 B IP
GET /a067.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 359087
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:34:45 GMT
x-oss-request-id: 63807E25716A9C35367FC754
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "9DFDCECDEC961B7EED0B137AC559FF9F"
Last-Modified: Tue, 25 Oct 2022 13:28:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7315473247942663303
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: nf3OzeyWG37tCxN6xVn/nw==
x-oss-server-time: 10
Ali-Swift-Global-Savetime: 1669365285
Via: cache60.l2cn2647[119,119,304-0,M], cache42.l2cn2647[120,0], kunlun9.cn192[0,0,200-0,H], kunlun1.cn192[2,0]
Content-Encoding: gzip
Age: 2470
X-Cache: HIT TCP_MEM_HIT dirn:10:168835393
X-Swift-SaveTime: Fri, 25 Nov 2022 08:34:45 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01516693677555975375e
cn.cnguigui.com/a004.js
200 OK 0 B IP
GET /a004.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 62634
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:41 GMT
x-oss-request-id: 63807DA92E5F22353434D978
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "509F0E9D9B22A5819C57A5E2580FAC2E"
Last-Modified: Tue, 20 Sep 2022 08:47:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6710044364652934040
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: UJ8OnZsipYGcV6XiWA+sLg==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1669365161
Via: cache41.l2cn2647[0,0,304-0,H], cache57.l2cn2647[0,0], kunlun2.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
Content-Encoding: gzip
Age: 2595
X-Cache: HIT TCP_MEM_HIT dirn:10:210768461
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:57 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01616693677564136873e
cn.cnguigui.com/a068%20.js
200 OK 0 B URL HTTP/1.1 cn.cnguigui.com/a068%20.js
IP
GET /a068%20.js HTTP/1.1
Host: cn.cnguigui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.sina.cn.sunbronzetan.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 926969
Connection: keep-alive
Date: Fri, 25 Nov 2022 08:32:42 GMT
x-oss-request-id: 63807DAA2C1E9335317D4EA2
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "D47200175759E74ED3A0B32E85C9CA05"
Last-Modified: Wed, 26 Oct 2022 03:09:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5395955882890256467
x-oss-storage-class: Standard
Vary: Accept-Encoding
Content-MD5: 1HIAF1dZ507ToLMuhcnKBQ==
x-oss-server-time: 62
Ali-Swift-Global-Savetime: 1669365162
Via: cache76.l2cn2647[0,0,304-0,H], cache77.l2cn2647[1,0], kunlun9.cn192[0,0,200-0,H], kunlun1.cn192[1,0]
Content-Encoding: gzip
Age: 2593
X-Cache: HIT TCP_MEM_HIT dirn:9:304313558
X-Swift-SaveTime: Fri, 25 Nov 2022 08:32:58 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01516693677555955370e
168.76.201.230
154.38.246.38
58.218.208.91
203.205.235.65
93.184.220.29
47.246.44.205
104.18.20.226
23.36.76.226