Overview

URLwww.tanguqi.com/
IP 23.230.58.117 (United States)
ASN#18779 EGIHOSTING
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-18 14:31:08 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ii2.ii2-daxiangjiao.com (3) 0 2022-01-25 10:38:58 UTC 2022-09-16 14:33:27 UTC 156.243.30.220 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.49
www.tanguqi.com (4) 0 No data No data 23.230.58.117 Unknown ranking
api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-09-17 22:06:14 UTC 180.101.212.103
ccapi.api-daxiangjiao.com (1) 0 2022-01-25 10:37:09 UTC 2022-09-18 04:23:07 UTC 156.243.30.140 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 52.88.220.109
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-18 05:19:30 UTC 104.18.20.226
ia.51.la (1) 59607 2017-10-31 08:01:51 UTC 2022-09-18 04:23:06 UTC 103.143.19.103
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-18 11:46:24 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76
api.dssac9dh.life (4) 0 2022-09-16 14:22:50 UTC 2022-09-17 19:25:28 UTC 156.243.30.172 Unknown ranking
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 12:39:06 UTC 143.204.55.27
push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-18 04:23:08 UTC 112.34.113.148
api.5i88qv3y.cc (3) 0 2022-09-16 05:58:06 UTC 2022-09-18 04:23:13 UTC 156.243.30.139 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 tanguqi.com Sinkholed
2022-09-18 2 tanguqi.com Sinkholed
2022-09-18 2 tanguqi.com Sinkholed
2022-09-18 2 tanguqi.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 23.230.58.117
Date UQ / IDS / BL URL IP
2022-09-18 14:31:08 +0000 0 - 0 - 4 www.tanguqi.com/ 23.230.58.117


Last 5 reports on ASN: EGIHOSTING
Date UQ / IDS / BL URL IP
2023-02-08 03:26:54 +0000 0 - 0 - 2 innoviansacademy.com/backup/wp-includes/wells (...) 172.120.139.238
2023-02-08 02:55:49 +0000 0 - 2 - 7 escuelamontecatini.com/petty/admin.php 216.172.143.100
2023-02-08 02:51:27 +0000 0 - 7 - 1 accurapower.com/service/images/ext/login.php 23.27.244.39
2023-02-08 01:01:42 +0000 0 - 0 - 2 innoviansacademy.com/backup/wp-includes/wells (...) 172.120.139.238
2023-02-08 00:56:24 +0000 0 - 2 - 4 0urtlme.com/auth/0nline/guest/0urtime.zip 45.39.166.132


Last 1 reports on domain: tanguqi.com
Date UQ / IDS / BL URL IP
2022-09-18 14:31:08 +0000 0 - 0 - 4 www.tanguqi.com/ 23.230.58.117


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-09-13 14:09:46 +0000 0 - 0 - 5 www.heshigou.net/ 172.120.198.173
2022-09-11 14:58:52 +0000 0 - 0 - 3 estococa.com/ 45.192.212.137
2022-09-11 14:36:50 +0000 0 - 0 - 4 typeb2typea.com/ 104.164.247.16
2022-09-10 14:32:26 +0000 0 - 0 - 4 adianareversal.com/ 104.166.92.142
2022-09-10 14:29:48 +0000 0 - 0 - 3 9737067.com/ 160.202.114.50

JavaScript

Executed Scripts (12)

Executed Evals (2)
#1 JavaScript::Eval (size: 510) - SHA256: b2fcd6846043dd23f6e772fd04a9b8b6e44da9451b66988f0cde5738bb0cf1b5
document.write('<title>H��э�
        Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https:/ / ii2.ii2 - daxiangjiao.com / 1663511649. html " allowfullscreen="
        true "></iframe></div><style type="
        text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
#2 JavaScript::Eval (size: 258) - SHA256: 264bc504c44acc89345a2a05be818c4db242271ea50f2e439d2fc899350cca9e
var _hmt = _hmt || [];
(function() {
    var hm = document.createElement("script");
    hm.src = "https://hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab";
    var s = document.getElementsByTagName("script")[0];
    s.parentNode.insertBefore(hm, s);
})();

Executed Writes (2)
#1 JavaScript::Write (size: 491) - SHA256: 3c4b99e2c940ab0323183ba1e79d78ce8fafd04662975f4bcfcf94021234c58c
< title > H�� э� Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="https:/ / ii2.ii2 - daxiangjiao.com / 1663511649. html " allowfullscreen="
true "></iframe></div><style type="
text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
#2 JavaScript::Write (size: 148) - SHA256: 9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8
< meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, viewport-fit=cover" / >


HTTP Transactions (40)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Sun, 18 Sep 2022 15:57:33 GMT
Date: Sun, 18 Sep 2022 14:30:57 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 14:12:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sNJ3u8wfRQ-6CaT7g6RX9oVtpSXofqvS-RS7fxgTugTqHpTjwzxtgg==
Age: 1128


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SzlxgQ7fQV1Lb3cMxWAdNBeovHWf-UN68PAEBN539b0DagfpjLzqEw==
age: 39614
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET / HTTP/1.1 
Host: www.tanguqi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.230.58.117
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 18 Sep 2022 14:30:58 GMT
Content-Length: 801
Server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   801
Md5:    9096a7ef734f89d5ef85c993386b22f5
Sha1:   9e5a09845df21d341f15d611e7a9a9e97df0f3f4
Sha256: cadda06349501d0692444980eb6f618604beb5fe06d5131abc18c497c0da8e7a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 14:30:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /common.js HTTP/1.1 
Host: www.tanguqi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/

search
                                         23.230.58.117
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 18 Sep 2022 14:30:59 GMT
Content-Length: 3989
Server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Size:   3989
Md5:    ff69f1e1044801500523119b373990fa
Sha1:   5581df40f97c3de3bdb1ed1f8584cbe28024bafe
Sha256: e4c47d296f44417b65ccb3fb97527325495ac4b52cb8ad1b5bdba4998a925de5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 14:03:22 GMT
Expires: Sun, 18 Sep 2022 14:40:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ps6N10w-cKkWxxkG3VsnvRfmI91MO7Nuz6Ok-3M0man0NJhlymnScQ==
Age: 1655


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.tanguqi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/

search
                                         23.230.58.117
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 18 Sep 2022 14:30:59 GMT
Content-Length: 18894
Server: nginx


--- Additional Info ---
Magic:  ASCII text, with very long lines (17702), with CRLF line terminators
Size:   18894
Md5:    b43c97a9e26e2439a7ee73c4a74a2f71
Sha1:   a3bfb6de3706d3f44f5f5e1b8ea8b4fbd84d7019
Sha256: 4534ab96fe01c6c6ee81b5a7c0cb13e9ddb080413a72b4ae18880da5cbf8ef9e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1966
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 14:30:58 GMT
Last-Modified: Sun, 18 Sep 2022 13:58:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ihKWiNZFS/Ij7q3Q3GWkFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.88.220.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NBL3I7lKaLovBGm2COmO5+cnVNk=

                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/

search
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Sun, 18 Sep 2022 14:30:58 GMT
Etag: "4078521116"
Expires: Mon, 18 Sep 2023 14:30:58 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0052771F8243702EF7212F8FF9DE3526:FG=1; max-age=31536000; expires=Mon, 18-Sep-23 14:30:58 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.tanguqi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/
Cookie: __tins__21261447=%7B%22sid%22%3A%201663511439640%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663513239640%7D; __51cke__=; __51laig__=1

search
                                         23.230.58.117
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 18 Sep 2022 14:31:00 GMT
Content-Length: 801
Server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   801
Md5:    9096a7ef734f89d5ef85c993386b22f5
Sha1:   9e5a09845df21d341f15d611e7a9a9e97df0f3f4
Sha256: cadda06349501d0692444980eb6f618604beb5fe06d5131abc18c497c0da8e7a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 14:30:58 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 12:56:38 GMT
ETag: "492ab58704079d2cc0e755914e64b91f274674b9"
Last-Modified: Sun, 18 Sep 2022 12:56:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cac858cd78b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    6a7828d130bbd311543c19b9b775a9af
Sha1:   492ab58704079d2cc0e755914e64b91f274674b9
Sha256: 9e34be0b00acee655c365331a21af33097e70d232f1bbf687361b8323b202d83
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "50E4FEF10C789825EB9D67346C01EBD3DC4CDFD221896F8784EC73EF7F178B8F"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21076
Expires: Sun, 18 Sep 2022 20:22:14 GMT
Date: Sun, 18 Sep 2022 14:30:58 GMT
Connection: keep-alive

                                        
                                            GET /go1?id=21261447&rt=1663511439640&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1663511439640&tt=%25E6%2585%2588%25E6%25BA%25AA%25E5%2587%25B8%25E6%2590%259C%25E9%2587%2591%25E8%259E%258D%25E6%259C%258D%25E5%258A%25A1%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.tanguqi.com%252F&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/

search
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Sun, 18 Sep 2022 14:30:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=552e27a5469155b80b6; path=/ HWWAFSESTIME=1663511456017; path=/

                                        
                                            GET /s.gif?l=http://www.tanguqi.com/ HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tanguqi.com/

search
                                         180.101.212.103
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Sun, 18 Sep 2022 14:30:58 GMT

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7452
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 14:30:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7452
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 14:30:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7452
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 14:30:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WEu1c8M48RawhRPEq5G0ejo4cZFfxeiEXmOngUFNxJ-Rkycj1BAEiQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
age: 60118
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5570
Md5:    5b174f977a78acf5f28935f44cac702d
Sha1:   7deb4e0fc838bcfffb532ff1f92f4036b35571f2
Sha256: 7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
age: 57684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            GET /common.php?val=daxiangjiao&t=0.333399550440979?v=0058762220348605676 HTTP/1.1 
Host: ccapi.api-daxiangjiao.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tanguqi.com
Connection: keep-alive
Referer: http://www.tanguqi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         156.243.30.140
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 18 Sep 2022 14:30:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
server: RielCDN
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5236
Md5:    9a03950d5e26af5f1add2a8af6eba937
Sha1:   03a9be0753bb2948e4a942fb46e4f0ee5c926e72
Sha256: 4d7a6ffa1e654613680be1b721011289f83f2dce213cc21c5aa771b4d23f8fac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 31314
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 60468
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10554
Md5:    7334a6bdb209350f41e4640960c9ce2a
Sha1:   0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
Sha256: bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: cb45074f-f130-41a6-b253-6bc6654e8ebb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KXH3gIAMFwnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d75-32ffacde1e1eb46117c61fe9;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:45 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P60MPAXw-2lxWTjCtqk9Cd1oga6yuq6lcApDeSIWfIAehDHdXsCFIw==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 58836
etag: "a247157989727bf0d4598679f7f0cc9646299cbd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    97d0fb7f2e5c544eb87b803a153d8763
Sha1:   a247157989727bf0d4598679f7f0cc9646299cbd
Sha256: cfff9f9aaad7b3dc4949c917df6096ee65a3392d8a8dceddf94261af5480ac56
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6104F08E5D61C7ED132ABD699A1D43B86009F54B053E3BEA9C648B8485B9228E"
Last-Modified: Fri, 16 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21497
Expires: Sun, 18 Sep 2022 20:29:17 GMT
Date: Sun, 18 Sep 2022 14:31:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63CBE736ADB4962B18659D6975E1F0D39B6A2CD44EE7676C12ABB9F295CFCB22"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11704
Expires: Sun, 18 Sep 2022 17:46:05 GMT
Date: Sun, 18 Sep 2022 14:31:01 GMT
Connection: keep-alive

                                        
                                            POST /js/api.php HTTP/1.1 
Host: ii2.ii2-daxiangjiao.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://ii2.ii2-daxiangjiao.com
Connection: keep-alive
Referer: https://ii2.ii2-daxiangjiao.com/1663511649.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

search
                                         156.243.30.220
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 18 Sep 2022 14:31:01 GMT
vary: Accept-Encoding
cache-control: max-age=1
strict-transport-security: max-age=31536000
content-encoding: gzip
server: RielCDN
x-cache-status: MISS
X-Firefox-Spdy: h2

                                        
                                            GET /static/index.2772579d.css HTTP/1.1 
Host: api.dssac9dh.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.dssac9dh.life/?tt=1663511651
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         156.243.30.172
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 18 Sep 2022 14:31:02 GMT
last-modified: Fri, 16 Sep 2022 06:03:22 GMT
vary: Accept-Encoding
etag: W/"632411aa-17031"
expires: Fri, 16 Sep 2022 18:30:05 GMT
cache-control: max-age=43200
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31424
Md5:    1ac0168675acc51e7ce048b7baf783d9
Sha1:   36e7408e39e79516f6a69d713937627247fcb123
Sha256: 625b4544cb05e26867682b2bcd6b8de04715f1156ce34a2aab27c0efba5eea1f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F599A5B31B4884EEBB260827B0B2B3A3F77770A7E0747B43E45F1D514181B262"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20878
Expires: Sun, 18 Sep 2022 20:19:03 GMT
Date: Sun, 18 Sep 2022 14:31:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F599A5B31B4884EEBB260827B0B2B3A3F77770A7E0747B43E45F1D514181B262"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20878
Expires: Sun, 18 Sep 2022 20:19:03 GMT
Date: Sun, 18 Sep 2022 14:31:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F599A5B31B4884EEBB260827B0B2B3A3F77770A7E0747B43E45F1D514181B262"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20878
Expires: Sun, 18 Sep 2022 20:19:03 GMT
Date: Sun, 18 Sep 2022 14:31:05 GMT
Connection: keep-alive

                                        
                                            GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1 
Host: api.dssac9dh.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.dssac9dh.life/?tt=1663511651
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         156.243.30.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 14:31:02 GMT
last-modified: Fri, 16 Sep 2022 06:03:22 GMT
vary: Accept-Encoding
etag: W/"632411aa-b4f96"
expires: Fri, 16 Sep 2022 18:30:05 GMT
cache-control: max-age=43200
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   268732
Md5:    bc210cb81010db26a3c6ecc60411c772
Sha1:   c942d79dceaa84c796f3dc1a9ec790736527b35d
Sha256: 0735c92b34b6557072fdd5ff1c2e26b7c7c6c8a3bb66b9abb762ce998200e136
                                        
                                            GET /web.php/index/showType HTTP/1.1 
Host: api.5i88qv3y.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.dssac9dh.life
Connection: keep-alive
Referer: https://api.dssac9dh.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         156.243.30.139
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 18 Sep 2022 14:31:05 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/index.c5ae810e.js HTTP/1.1 
Host: api.dssac9dh.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.dssac9dh.life/?tt=1663511651
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         156.243.30.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 14:31:02 GMT
last-modified: Fri, 16 Sep 2022 06:03:22 GMT
vary: Accept-Encoding
etag: W/"632411aa-1bb75"
expires: Fri, 16 Sep 2022 18:30:05 GMT
cache-control: max-age=43200
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js HTTP/1.1 
Host: api.dssac9dh.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.dssac9dh.life/?tt=1663511651
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         156.243.30.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 14:31:04 GMT
last-modified: Fri, 16 Sep 2022 06:03:22 GMT
vary: Accept-Encoding
etag: W/"632411aa-d9e2"
expires: Fri, 16 Sep 2022 18:30:06 GMT
cache-control: max-age=43200
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /web.php/index/tj HTTP/1.1 
Host: api.5i88qv3y.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.dssac9dh.life
Connection: keep-alive
Referer: https://api.dssac9dh.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         156.243.30.139
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 18 Sep 2022 14:31:05 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1663511649.html HTTP/1.1 
Host: ii2.ii2-daxiangjiao.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tanguqi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         156.243.30.220
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 18 Sep 2022 14:31:00 GMT
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
server: RielCDN
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/jquery.js HTTP/1.1 
Host: ii2.ii2-daxiangjiao.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ii2.ii2-daxiangjiao.com/1663511649.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         156.243.30.220
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 14:31:00 GMT
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Wed, 14 Sep 2022 10:50:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
server: RielCDN
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /web.php/index/type HTTP/1.1 
Host: api.5i88qv3y.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.dssac9dh.life
Connection: keep-alive
Referer: https://api.dssac9dh.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         156.243.30.139
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Sun, 18 Sep 2022 14:31:05 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
server: RielCDN
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---