Report - quantum-torrents.com/downloads/quantum-setup.exe

Report Overview

Submitted URL
quantum-torrents.com/downloads/quantum-setup.exe
IP
160.202.97.47
ASN
#46261 QUICKPACKET
Submitted
2023-01-31 03:31:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	1.4 kB	7.6 kB	104.18.20.226
baidu.hnmaccms.xyz	unknown	2022-06-07T17:59:50Z	2023-02-07T23:19:42Z	709 B	642 B	118.107.36.231
www.henniu498.site	unknown	2023-01-28T08:05:44Z	2023-02-17T06:05:11Z	5.3 kB	15 kB	108.171.217.106
mei.netlbtu.com	917912	2022-06-02T03:24:51Z	2023-03-13T00:53:50Z	1.3 kB	47 kB	45.89.208.114
2366317ccc.com	unknown	2022-12-24T11:39:59Z	2023-03-13T07:20:08Z	410 B	145 kB	45.61.212.46
ocsp.digicert.cn	37572	2020-03-20T18:45:56Z	2023-03-13T08:35:28Z	340 B	1.1 kB	47.246.44.205
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	294 B	750 B	182.61.201.93
statuse.digitalcertvalidation.com	16484	2019-06-21T17:00:06Z	2023-03-13T06:00:13Z	357 B	797 B	93.184.220.29
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.0 kB	5.2 kB	93.184.220.29
zhibo128x.xyz	unknown	2022-09-07T01:50:00Z	2023-03-13T00:53:50Z	388 B	418 kB	154.83.25.141
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	696 B	2.4 kB	172.64.155.188
img.krkfp.com	unknown	2023-01-11T22:37:55Z	2023-03-08T08:53:24Z	528 B	66 kB	172.247.222.51
p3.douyinpic.com	23536	2020-12-18T12:20:50Z	2023-03-13T08:24:37Z	1.2 kB	977 kB	47.246.44.226
8499583.com	unknown	2022-10-27T07:16:30Z	2023-03-13T05:36:49Z	387 B	185 kB	23.225.237.34
gtm-cn-j6730u6sd0b.gtm-a3b8.com	unknown	2022-12-29T14:09:38Z	2023-03-13T05:37:24Z	403 B	400 kB	211.97.85.198
kjimg10.360buyimg.com	unknown	2022-11-25T23:08:29Z	2023-03-13T05:55:46Z	453 B	513 B	121.226.246.3
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	3.3 kB	37 kB	103.235.46.191
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.7 kB	4.8 kB	172.64.155.188
aooacctp.vip	unknown	2022-04-15T19:51:21Z	2023-03-13T05:55:45Z	385 B	90 kB	104.21.82.179
cbu01.alicdn.com	44205	2015-04-17T12:25:48Z	2023-03-13T08:28:00Z	425 B	99 kB	47.246.44.252
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.187.106.193
s2.loli.net	100401	2021-12-08T13:17:10Z	2023-03-13T07:20:08Z	401 B	15 kB	172.67.69.40
ocsp.trust-provider.cn	unknown	2022-02-10T09:18:30Z	2023-03-13T07:40:56Z	346 B	1.5 kB	47.246.44.205
p9.toutiaoimg.com	59405	2021-01-21T18:23:01Z	2023-03-13T05:55:46Z	870 B	896 kB	4.34.42.103
p26.toutiaoimg.com	75286	2021-01-20T18:21:02Z	2023-03-13T07:26:22Z	445 B	302 kB	182.118.39.167
yvzfgigpiwmofux.com	unknown	2022-06-21T10:04:03Z	2023-03-09T17:18:34Z	407 B	325 B	154.198.234.18
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
help.ifeng.com	550386	2014-07-30T19:17:45Z	2023-03-04T03:29:02Z	594 B	918 kB	49.51.190.27
n0522.com	unknown	2021-02-01T02:45:29Z	2023-03-13T05:56:03Z	405 B	216 kB	13.215.163.86
kvezz.com	237784	2021-10-17T10:32:09Z	2023-03-13T08:13:32Z	405 B	401 kB	13.227.254.5
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	371 B	114 B	182.61.240.101
pic.rmb.bdstatic.com	25157	2017-02-01T18:01:36Z	2023-03-13T05:36:52Z	420 B	903 kB	185.10.104.115
p.qlogo.cn	48578	2014-01-15T12:11:45Z	2023-03-13T07:26:22Z	1.8 kB	3.2 MB	43.154.254.32
n0622.com	unknown	2021-02-01T02:45:28Z	2023-03-09T19:46:01Z	405 B	283 kB	18.143.107.111
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.4 kB	12 kB	23.36.77.32
quantum-torrents.com	unknown	2013-06-10T19:20:57Z	2023-01-31T04:31:35Z	379 B	223 B	160.202.97.47
www.quantum-torrents.com	unknown	2014-10-23T18:19:32Z	2023-01-31T04:31:19Z	1.4 kB	4.0 kB	160.202.97.47
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	70 kB	34.120.237.76
kzeaa.com	unknown	2022-05-22T08:40:48Z	2023-03-13T08:13:33Z	405 B	355 kB	13.227.254.99
kzeoo.com	unknown	2022-11-24T05:24:38Z	2023-03-12T09:10:11Z	405 B	452 kB	172.83.155.45
ddcdn.comtucdncom.com	240637	2021-07-27T17:21:21Z	2023-03-13T00:53:50Z	439 B	465 kB	45.89.208.114
ky891.oss-cn-shenzhen.aliyuncs.com	unknown	2023-01-01T14:04:45Z	2023-03-12T09:10:12Z	409 B	408 kB	120.77.166.22
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	2.0 kB	4.4 kB	23.36.76.226
66668aaa.com	unknown	2022-11-25T13:49:53Z	2023-02-25T19:43:51Z	408 B	857 kB	45.61.212.59
595tuchuang.com	unknown	2022-12-21T13:40:45Z	2023-03-13T05:36:49Z	386 B	370 B	183.255.106.38
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	3.7 kB	20 kB	151.101.2.133
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	714 B	1.4 kB	142.250.74.131
qppicture.oss-cn-shanghai.aliyuncs.com	unknown	2023-01-04T14:05:12Z	2023-03-09T11:09:17Z	421 B	65 kB	106.14.229.206
kvegg.com	unknown	2022-11-17T08:04:49Z	2023-03-12T09:10:10Z	405 B	104 kB	172.83.155.45
img.9376x.com	unknown	2022-11-03T20:44:19Z	2023-03-13T00:53:49Z	408 B	1.6 kB	3.36.126.81
165tuchuang.com	unknown	2023-01-11T22:52:17Z	2023-03-13T08:45:59Z	405 B	629 kB	13.228.24.19
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-13T08:02:07Z	1.7 kB	9.3 kB	95.101.10.107
kvtjjj.top	unknown	2022-07-28T13:11:03Z	2023-03-12T04:58:32Z	406 B	174 kB	172.67.217.8
xxx6686.app	unknown	2022-12-16T05:06:15Z	2023-03-13T08:24:38Z	381 B	381 kB	123.253.107.62
www.tupku.top	unknown	2022-06-30T23:26:11Z	2023-03-13T00:53:50Z	389 B	1.6 MB	172.67.200.40
kvexx.com	unknown	2021-10-19T11:24:07Z	2023-03-12T04:58:32Z	405 B	422 B	45.150.164.88
img.3155a.com	unknown	2023-01-15T22:11:31Z	2023-03-13T00:53:50Z	408 B	182 B	3.36.126.81
files.imgopen.vip	unknown	2022-09-09T07:29:54Z	2023-03-13T05:55:45Z	413 B	708 B	104.21.68.49
dimg04.c-ctrip.com	139731	2014-05-08T18:11:10Z	2023-03-13T05:37:25Z	426 B	489 kB	104.110.17.24
383guanggao.oss-cn-shenzhen.aliyuncs.com	unknown	2022-12-08T12:33:55Z	2023-03-13T00:53:49Z	410 B	300 kB	120.77.166.67
vns86.oss-cn-hongkong.aliyuncs.com	unknown	2022-08-08T04:17:07Z	2023-03-12T17:26:39Z	405 B	300 kB	47.75.19.64
img.1137555.com	unknown	2022-11-11T15:40:45Z	2023-03-13T05:36:50Z	410 B	182 B	3.36.126.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 03:31:38	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-01-31 03:31:41	low	23.225.237.34	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-01-31 03:31:42	low	154.198.234.18	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-01-31 03:31:42	low	154.198.234.18	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	yvzfgigpiwmofux.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:56:36 Last Seen2023-03-13 12:56:36 Times Seen1 Hash 74da9e8ccb12025870f0ce4805dba787 f961a91626c56510245a81adaea1e139584595ab 7443fa9f6cd3702360a112c0f8123066de93b7b619bbff6802397e7c57f52fe9 Loading...

	www.quantum-torrents.com/downloads/quantum-setup.exe	404 B	2023-03-07	2024-04-26
Pretty URL www.quantum-torrents.com/downloads/quantum-setup.exe IP 160.202.97.47 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 13:23:16 Times Seen2980 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.quantum-torrents.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.quantum-torrents.com/common.js IP 160.202.97.47 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-03-17 12:40:02 Times Seen1 Hash 18ac90c0a88951615363d6ee8ceed9a2 e894023834a6c5102cdc4459c57251866382504b 9c78d58924be5f7e66557483cc53def1aa55c8839bda5d6911118d6e709255e9 Loading...

	www.henniu498.site/logo.html	448 B	2023-03-07	2023-04-05
Pretty URL www.henniu498.site/logo.html IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-04-05 02:01:03 Times Seen113 Hash 85ed82b5f9fb4040d4c6e5165e458e6b 43a80e8dedae9ef5e4500d129cfecaf39bbeb2e5 7e40c67aca6c28510901aca57be804353d55494e7a0890d3fd3f31b7243f77ee Loading...

	www.quantum-torrents.com/downloads/quantum-setup.exe	34 B	2023-03-12	2023-04-01
Pretty URL www.quantum-torrents.com/downloads/quantum-setup.exe IP 160.202.97.47 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:08:14 Last Seen2023-04-01 11:19:44 Times Seen2 Hash eea01003bf995184c541f5dfa5ac1358 757851f4b39253b6853250919e981ec6dde8a030 9b7bdf0014107e68a04074cad5b3e6092e0d152cb73057dc66aae57b2736d388 Loading...

	www.quantum-torrents.com/tj.js	520 B	2023-03-08	2023-05-15
Pretty URL www.quantum-torrents.com/tj.js IP 160.202.97.47 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:35 Last Seen2023-05-15 08:34:21 Times Seen3 Hash 8ac2feb6f75da9a4494d21668bff2c56 7525eae132f9b90c0fb983fdb87982791866c7f7 90d00b61bc9b16d4536f3a8fb959a63f8a329f5e75f55e0f6bf80a374552f5cf Loading...

	www.henniu498.site/template/dfcc/html9/ads/dulian.js	3.4 kB	2023-03-13	2023-03-13
Pretty URL www.henniu498.site/template/dfcc/html9/ads/dulian.js IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:54 Last Seen2023-03-13 13:29:17 Times Seen1 Hash e85a531a8d09fceadc5f62da77b3f077 fbe80a59e94abf6c6346f864ba4f29ad7659af81 9ce41f2f5b6cf59b094ffd310cba0a3403ef87e78bb232afdbe063b77ae41b17 Loading...

	www.henniu498.site/	254 B	2023-03-07	2023-04-14
Pretty URL www.henniu498.site/ IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-04-14 00:52:17 Times Seen34 Hash 05f0373ea7e281c385907cb6386e0545 f3bf9f91dcc0e52ce2366cf0880e880539b5f7fc ea2cf285809c5418877d8d21b5fcef883d144ec6bb364bd429c8f54d90da7f19 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 16:09:47 Times Seen19027 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	baidu.hnmaccms.xyz/news/data.php	225 B	2023-03-13	2023-03-13
Pretty URL baidu.hnmaccms.xyz/news/data.php IP 118.107.36.231 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:55:08 Last Seen2023-03-13 12:56:36 Times Seen1 Hash af4ceca88aeb73ea3eff6715c5800db4 1688ea58f181bcb70000844aae659d6424c024e8 c1faf5ced4e681461d8d4a222e00f55300e280f72655719f4aaa6426c845a2f1 Loading...

	www.henniu498.site/template/dfcc/static/js/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-26
Pretty URL www.henniu498.site/template/dfcc/static/js/jquery.lazyload.min.js IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-26 05:30:16 Times Seen4077 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	www.henniu498.site/	126 B	2023-03-07	2024-04-18
Pretty URL www.henniu498.site/ IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-18 08:18:14 Times Seen697 Hash 2f869be15fc72c6b1c27b0722717f7b9 4c14a9d014274a315deb6c2066659a5472de3281 86ab4a35529048ff85c373322d7b7cc6bf047551f014c721a210c01c5a070db6 Loading...

	hm.baidu.com/hm.js?f4ff9d85130ece49d1fd1915d2213727	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?f4ff9d85130ece49d1fd1915d2213727 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:56:36 Last Seen2023-03-13 12:56:36 Times Seen1 Hash 7493780573225326c5b07e90083b3033 865cd839e0aca3970281ecd4eea84ad9437429ba c30f9decf77e1990e870ddf9373dd749eb2756a01dadca2347333f4547f3d5ef Loading...

	hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:56:36 Last Seen2023-03-13 12:56:36 Times Seen1 Hash e075337dcce4223aedf502da221c2354 318d7f6e89f46da537af60f24315d8ff0291e7bf 504fec27700ed800e856002083a930ffd3c90327b480523819fa4135689e6161 Loading...

	www.henniu498.site/template/dfcc/static/js/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL www.henniu498.site/template/dfcc/static/js/jquery.min.js IP 108.171.217.106 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 16:12:14 Times Seen118756 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 912b9409be8a1bbe968a2f3c0571d87d	475 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 11:08:14 Last Seen2023-03-13 12:56:36 Times Seen1 Hash 912b9409be8a1bbe968a2f3c0571d87d 1aabac7c94cf82f620674103e7f306b62a1a177b 79ac33f3cd686202ff3fc26ecb3825747609dd327aa562e7e43fae931675460e Loading...

		Size	First Seen	Last Seen
	#1 Write - 2abeec48000bf1479c396214535d71fe	566 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 14:05:40 Last Seen2023-03-13 17:16:41 Times Seen1 Hash 2abeec48000bf1479c396214535d71fe 25d4555bd453f62d7e5e9d9a1e0174a9e60999a7 2c3357d796033bb7dc3d4c4fccd0d85f5b43b293ce7f59fb3e0075e81c8a219f Loading...

	#2 Write - 7fbb522cce476502465554a44a738569	561 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 06:53:54 Last Seen2023-03-13 13:29:17 Times Seen1 Hash 7fbb522cce476502465554a44a738569 5e0f0e3a63c024ae07fcab4787339c8b8f07a50b 72593d408f9a3b0d0de49fc0a3fb9e732a26855f1ed8d9ca859ff8afffc9fdba Loading...

	#3 Write - 1dbc2825040ac0adbe73512d59441f60	542 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 02:43:58 Last Seen2023-03-14 11:32:56 Times Seen1 Hash 1dbc2825040ac0adbe73512d59441f60 e85f28df0ddf6d3cc9be289aa4e652dd305c238a 6aa22d0350576570675e184e5ba1644120beaa02e3c227cdde6fc4499f3fc4b6 Loading...

	#4 Write - 19d83f4e72506b8b9b5e90e0f0ba9ee3	559 B	2023-03-12	2023-03-14
Pretty Observations First Seen2023-03-12 20:50:21 Last Seen2023-03-14 06:18:52 Times Seen1 Hash 19d83f4e72506b8b9b5e90e0f0ba9ee3 24277849d9ccc53d02addb3416c660e314988c3e 777e9510584b5b0b3c299865b97449085fb7191f143bc63e8a89e97f4cc99b81 Loading...

	#5 Write - cda99b40a39c2b873ddbd1106386cc09	456 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 11:08:14 Last Seen2023-03-13 12:56:36 Times Seen1 Hash cda99b40a39c2b873ddbd1106386cc09 e7f0c9392c0e91de1df647ea32f7a47657fdd1ab ea02b497fa3a54b7cd6ea97ceabcb470c8506db560a40e9f5301a96fecb9e177 Loading...

	#6 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-25 20:37:27 Times Seen3762 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

HTTP Transactions (145)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5034
Expires: Tue, 31 Jan 2023 04:55:13 GMT
Date: Tue, 31 Jan 2023 03:31:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2908
Expires: Tue, 31 Jan 2023 04:19:47 GMT
Date: Tue, 31 Jan 2023 03:31:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 02:43:15 GMT
content-type: application/json
age: 2884
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19675
Expires: Tue, 31 Jan 2023 08:59:14 GMT
Date: Tue, 31 Jan 2023 03:31:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: aYEAgTvirVGF/puutn62QmifdHGS7diAIqVEK+KUCCAuiAcGbJbPqIM5XAQkwyVKKw30lQKD3C0=
x-amz-request-id: SYBJ4S5MHGSDGJVT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 02:51:00 GMT
age: 2419
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

quantum-torrents.com/downloads/quantum-setup.exe

160.202.97.47

301 Moved Permanently

0 B

URL HTTP/1.1
quantum-torrents.com/downloads/quantum-setup.exe
IP
160.202.97.47:0
ASN
#46261 QUICKPACKET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /downloads/quantum-setup.exe HTTP/1.1
Host: quantum-torrents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 03:31:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.quantum-torrents.com/downloads/quantum-setup.exe

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 02:49:04 GMT
age: 2535
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3639
Expires: Tue, 31 Jan 2023 04:31:59 GMT
Date: Tue, 31 Jan 2023 03:31:20 GMT
Connection: keep-alive

www.quantum-torrents.com/downloads/quantum-setup.exe

160.202.97.47

200 OK

806 B

URL HTTP/1.1
www.quantum-torrents.com/downloads/quantum-setup.exe
IP
160.202.97.47:0
ASN
#46261 QUICKPACKET

File type
data
Size
806 B (806 bytes)
Hash
6873e1477c8d39c4a32debadc2ef8901
0355dc641e50cfe4bf810213ebf249d8c58e1ee9
cb19606396b88c1514f54f349fded66095b095438e65ac23572bedcc1c4d821a

HTTP Headers

GET /downloads/quantum-setup.exe HTTP/1.1
Host: www.quantum-torrents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:20 GMT
Content-Type: text/html
Content-Length: 806
Connection: keep-alive

push.services.mozilla.com/

54.187.106.193

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.106.193:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LsemXGZ7owG84EBx3Z1hdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MLKgVwOPDcHY9rLPPk03En4/96U=

www.quantum-torrents.com/common.js

160.202.97.47

200 OK

757 B

URL HTTP/1.1
www.quantum-torrents.com/common.js
IP
160.202.97.47:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
757 B (757 bytes)
Hash
ae4f9ffe7a2eeb4f281eec7788eba03b
09d7e9e07ddb8f412b4e904bbfd609edef5353bf
8bce791cc2ad839158815f6e0a8a1073de39f96f4e6c2135e13736cd5f620aca

HTTP Headers

GET /common.js HTTP/1.1
Host: www.quantum-torrents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/downloads/quantum-setup.exe

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.quantum-torrents.com/tj.js

160.202.97.47

200 OK

520 B

URL HTTP/1.1
www.quantum-torrents.com/tj.js
IP
160.202.97.47:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
8ac2feb6f75da9a4494d21668bff2c56
7525eae132f9b90c0fb983fdb87982791866c7f7
90d00b61bc9b16d4536f3a8fb959a63f8a329f5e75f55e0f6bf80a374552f5cf

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.quantum-torrents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/downloads/quantum-setup.exe

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:20 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

www.quantum-torrents.com/favicon.ico

160.202.97.47

200 OK

1.2 kB

URL HTTP/1.1
www.quantum-torrents.com/favicon.ico
IP
160.202.97.47:0
ASN
#46261 QUICKPACKET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.quantum-torrents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/downloads/quantum-setup.exe

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:21 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 05 Feb 2023 03:31:21 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 31 Jan 2023 03:31:20 GMT
Etag: "4078521116"
Expires: Wed, 31 Jan 2024 03:31:20 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F1F1568B36FC28F4DA2E236300D8AEC2:FG=1; max-age=31536000; expires=Wed, 31-Jan-24 03:31:20 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
1b3bac116d9720fe3ac892b77496eb8f
fd096ead5638486367aa49110ca2ef5e1855c4cf
68084d7d143262d75fa563d57d3cd9e4593f80fc1bc8a2fae5fbc646ddb764c3

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:41:47 GMT
ETag: "fd096ead5638486367aa49110ca2ef5e1855c4cf"
Last-Modified: Tue, 31 Jan 2023 00:41:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2848
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f5fb9e93db524-OSL

baidu.hnmaccms.xyz/news/index.php

118.107.36.231

200 OK

48 B

URL HTTP/1.1
baidu.hnmaccms.xyz/news/index.php
IP
118.107.36.231:0
ASN
#64050 BGPNET Global ASN

File type
HTML document, ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
046691e8308c2adf72fc25247e2f9e80
a47d4ddf558d878140dd88a539159659e781345e
49f190d90d221b19e342cf6425fbb173e894ca0531935a3b08eaf83d980a6268

HTTP Headers

GET /news/index.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9586
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:31:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9586
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:31:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9586
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:31:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9586
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:31:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 5585
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lJril-pCQ3MCMoVEFu3kmDuv4T1ABYMFJTuC5dbwxGe1_ydrbUkt8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:40:12 GMT
age: 85869
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5903 bytes)
Hash
42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 13:04:11 GMT
age: 52030
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 19678
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6660 bytes)
Hash
932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Fv1ghBaLh1tZCjCKJYBmZmWVBAsxZCQ5XPZK6KEUXc-iH0Y5dSFVw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:05 GMT
age: 20596
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:53:29 GMT
age: 5872
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.share.baidu.com/s.gif?l=http://www.quantum-torrents.com/downloads/quantum-setup.exe

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.quantum-torrents.com/downloads/quantum-setup.exe
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.quantum-torrents.com/downloads/quantum-setup.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.quantum-torrents.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 31 Jan 2023 03:31:21 GMT

baidu.hnmaccms.xyz/news/data.php

118.107.36.231

200 OK

178 B

URL HTTP/1.1
baidu.hnmaccms.xyz/news/data.php
IP
118.107.36.231:0
ASN
#64050 BGPNET Global ASN

File type
Unicode text, UTF-8 text
Size
178 B (178 bytes)
Hash
303ca86c46ef38acfb9dae222467df71
47776f254165d8285097e884e58e03b3b4ac47d4
49c7616c1b797913067d645c23fe0a00a197f84fb387e9652d490c5a729ed41f

HTTP Headers

GET /news/data.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/news/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

hm.baidu.com/hm.js?f4ff9d85130ece49d1fd1915d2213727

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?f4ff9d85130ece49d1fd1915d2213727
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
d1075aa4bbbb6aa6219b407071a03653
4987814d3111ebe36c313c3114a277b4ab3a0b29
f7e5d2dbe06647147412dfbfef16aa54eee1702581540381efc78e6c1f5c5322

HTTP Headers

GET /hm.js?f4ff9d85130ece49d1fd1915d2213727 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.quantum-torrents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 03:31:21 GMT
Etag: 15d9e719059da2eeb01bc89baef6c973
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4F637E308483BD7C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11259 bytes)
Hash
68b870a6354f050986dcad123016ffcf
50059b5c31219340cf2e57d33664d1087a3f18b3
e712f5e27dda3f61a591bdd0d6d3678174933c44ba7c28aa6345ff56d3ccb006

HTTP Headers

GET /hm.js?d8caaf5fc7e747bf497566f2be1cc916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.quantum-torrents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 03:31:21 GMT
Etag: 03db8a9356b460509df537cb5496febe
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=259442ECA62FA9F3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62003626584b8af5b6ce649d9855b2e0
a9ea07d9e94eda83730c7ff585e294d494e16068
a5cbc250c2c68af9621df8303770af55239e25f8c651c8aaec42a2e5ab42d83d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5CBC250C2C68AF9621DF8303770AF55239E25F8C651C8AAEC42A2E5AB42D83D"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 09:31:22 GMT
Date: Tue, 31 Jan 2023 03:31:22 GMT
Connection: keep-alive

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=563385750&si=f4ff9d85130ece49d1fd1915d2213727&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=563385750&si=f4ff9d85130ece49d1fd1915d2213727&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=563385750&si=f4ff9d85130ece49d1fd1915d2213727&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.quantum-torrents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:31:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DB4D320526ADF359; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1308093778&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1308093778&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1308093778&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=61297&r=0&ww=1280&u=http%3A%2F%2Fwww.quantum-torrents.com%2Fdownloads%2Fquantum-setup.exe&tt=%E9%87%8D%E5%BA%86%E6%BD%98%E4%B9%94%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.quantum-torrents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:31:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C62A41BA1C2465C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.henniu498.site/static/images/1.gif

108.171.217.106

200 OK

254 B

URL HTTP/2
www.henniu498.site/static/images/1.gif
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /static/images/1.gif HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 24 Dec 2021 10:11:17 GMT
etag: "61c59cc5-fe"
expires: Thu, 02 Mar 2023 03:31:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu498.site/template/dfcc/images/loading.svg

108.171.217.106

200 OK

506 B

URL HTTP/2
www.henniu498.site/template/dfcc/images/loading.svg
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
506 B (506 bytes)
Hash
bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

HTTP Headers

GET /template/dfcc/images/loading.svg HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:24 GMT
etag: "61da9f3c-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu498.site/dingpiao.html

108.171.217.106

200 OK

165 B

URL HTTP/2
www.henniu498.site/dingpiao.html
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
HTML document, ASCII text
Size
165 B (165 bytes)
Hash
4435944ee90530df7501feb9474447eb
7d2a2ba9c312fe8a2a74989b277c31019dc6cf28
631fe8224b4b000f68610d29d53524f1700f15181f1c77e9856b010fd21507a3

HTTP Headers

GET /dingpiao.html HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:23 GMT
content-type: text/html
content-length: 165
last-modified: Thu, 12 Jan 2023 16:30:59 GMT
etag: "63c035c3-a5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu498.site/logo.html

108.171.217.106

200 OK

879 B

URL HTTP/2
www.henniu498.site/logo.html
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
HTML document, Unicode text, UTF-8 (with BOM) text
Size
879 B (879 bytes)
Hash
a4229e5d02151f80ae5438c1b96aeeff
84b0a174ce8032bb83a4b015d3122d6014540b89
94f1b6a919ebd8d414f1c423ef3ad76df2349a7782ae45a313d3b2743b6b31e0

HTTP Headers

GET /logo.html HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:23 GMT
content-type: text/html
content-length: 879
last-modified: Wed, 18 May 2022 08:37:40 GMT
etag: "6284b054-36f"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu498.site/template/dfcc/images/video-mask.png

108.171.217.106

200 OK

107 B

URL HTTP/2
www.henniu498.site/template/dfcc/images/video-mask.png
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/dfcc/images/video-mask.png HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/template/dfcc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:23 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Thu, 02 Mar 2023 03:31:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu498.site/template/dfcc/images/video-play.png

108.171.217.106

200 OK

1.6 kB

URL HTTP/2
www.henniu498.site/template/dfcc/images/video-play.png
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/dfcc/images/video-play.png HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/template/dfcc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:23 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:20 GMT
etag: "61d4644c-61f"
expires: Thu, 02 Mar 2023 03:31:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient

104.110.17.24

200 OK

489 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
489 kB (488987 bytes)
Hash
6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8

HTTP Headers

GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5641470
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Tue, 31 Jan 2023 03:31:23 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

www.henniu498.site/henniu.png

108.171.217.106

200 OK

5.0 kB

URL HTTP/2
www.henniu498.site/henniu.png
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4973 bytes)
Hash
66a858de209ee39809102a15257bbd71
6856ccaf274c24cdbe62155da4847eafd3b7f3e9
478f7ef871afdab3f845e3f501b9ec980ff449f34651ebc7f0b5b5498ea60296

HTTP Headers

GET /henniu.png HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:23 GMT
content-type: image/png
content-length: 4973
last-modified: Wed, 18 May 2022 08:34:27 GMT
etag: "6284af93-136d"
expires: Thu, 02 Mar 2023 03:31:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (624)
Size
11 kB (11262 bytes)
Hash
3b2b6bfff5dfaced2c52475dafa84fd7
274fb2fdf37f32eb98c6598d6cbfa9ed9ca91364
e11e7c91501ae71fa6d752abed15e9e7416e96f9fbe8ee586671a612c6c6edf5

HTTP Headers

GET /hm.js?83778f58a428085f4ecef06936407d2b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 03:31:23 GMT
Etag: c0e230c227da71af526aaede8305d833
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8A6CD9127E42CB13; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1892115621&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=61299&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu498.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1892115621&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=61299&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu498.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1892115621&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=61299&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu498.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:31:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=07A42F67BEC11C0C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

xxx6686.app/960-60.gif

123.253.107.62

200 OK

381 kB

URL HTTP/2
xxx6686.app/960-60.gif
IP
123.253.107.62:0
ASN
#0

File type
GIF image data, version 89a, 960 x 60\012- data
Size
381 kB (380774 bytes)
Hash
d5b19fab300b34d93648b77ba1e87205
eabcc33b82a978d851b9af1337fc656a70f23c2f
e7cce7f77395b75187261e079f448c4b9de06f62f42ca0d2b87662efe80ea69b

HTTP Headers

GET /960-60.gif HTTP/1.1
Host: xxx6686.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: load-edge/2.1.1
date: Tue, 31 Jan 2023 03:31:24 GMT
content-type: image/gif
content-length: 380774
last-modified: Tue, 20 Dec 2022 08:28:12 GMT
etag: "63a1721c-5cf66"
strict-transport-security: max-age=31536000
lp-geo: edge-gz76
lp-addr: 91.90.42.154
lp-request: 6469cbb1-ce64-4fcd-b7e7-d7faa948a772
lp-id: 3098520949ff5d2acfd991f60390fd0d
expires: Tue, 31 Jan 2023 03:36:24 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2

help.ifeng.com/datas/feedback/20230103/63b3b479ce945.gif

49.51.190.27

200 OK

307 kB

URL HTTP/1.1
help.ifeng.com/datas/feedback/20230103/63b3b479ce945.gif
IP
49.51.190.27:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 120\012- data
Size
307 kB (306734 bytes)
Hash
ca810c35cea365abbacde41d2ee51764
a6f267356af7be51677d96a316bc2f1a0adc1ddf
a91c06c40e0f97e73ec9210126c1283afaba908fe0d0153aa690e0e388354dd4

HTTP Headers

GET /datas/feedback/20230103/63b3b479ce945.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty
date: Tue, 31 Jan 2023 03:31:24 GMT
content-type: image/gif
content-length: 306734
last-modified: Tue, 03 Jan 2023 04:52:09 GMT
etag: "63b3b479-4ae2e"
expires: Wed, 15 Feb 2023 03:31:24 GMT
cache-control: max-age=1296000
accept-ranges: bytes

n0522.com/c92a6738cc4e4ed5b593c5cb7f6ad314.gif

13.215.163.86

200 OK

216 kB

URL HTTP/1.1
n0522.com/c92a6738cc4e4ed5b593c5cb7f6ad314.gif
IP
13.215.163.86:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 60\012- data
Size
216 kB (215902 bytes)
Hash
153a7dac1d2bfce1349134956b3f408f
9e91fdc5f2052de208a86e18c10eca1a251e3906
907675e7b39a2cc587985b82e12f9b7da60d395aa62b23214fe9d265c62df0bb

HTTP Headers

GET /c92a6738cc4e4ed5b593c5cb7f6ad314.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 Jan 2023 10:04:14 GMT
ETag: W/"63b54f1e-54d22"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

help.ifeng.com/datas/feedback/20230103/63b3b2c35e1e9.gif

49.51.190.27

200 OK

611 kB

URL HTTP/1.1
help.ifeng.com/datas/feedback/20230103/63b3b2c35e1e9.gif
IP
49.51.190.27:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 120\012- data
Size
611 kB (610607 bytes)
Hash
7797b04d36b1cfaecd602e5cb119b1f7
429a9df53294bf1ab9dc2acd71ef1ed98e827c50
6c30edd990ed795a7879b876104443d2e6ff67bbcbd9e58b93b8d4e9b843a6da

HTTP Headers

GET /datas/feedback/20230103/63b3b2c35e1e9.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty
date: Tue, 31 Jan 2023 03:31:24 GMT
content-type: image/gif
content-length: 610607
last-modified: Tue, 03 Jan 2023 04:44:51 GMT
etag: "63b3b2c3-9512f"
expires: Wed, 15 Feb 2023 03:31:24 GMT
cache-control: max-age=1296000
accept-ranges: bytes

383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif

120.77.166.67

200 OK

299 kB

URL HTTP/1.1
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP
120.77.166.67:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
299 kB (299398 bytes)
Hash
f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 03:31:24 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63D88B8C90531231307A74B7
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 2

p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0

43.154.254.32

200 OK

206 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
206 kB (205622 bytes)
Hash
8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa

HTTP Headers

GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 03:31:25 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Fri, 30 Dec 2022 04:47:40 GMT
cache-control: max-age=2592000
x-delay: 133 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: dcbb2aa7-3f2f-457a-8dd8-29ea3b0a77bc
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
943b44fccbbbba9c69b51eb8b2cf03d3
5185aba9e16f40a494fd3677a4a98305d54e9a25
4ad1a35fc2429b3ead42f9a320bccba67c2dc58a30f49ffe5af728658fd800d8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 07:41:57 GMT
Expires: Sat, 04 Feb 2023 07:41:56 GMT
Etag: "5185aba9e16f40a494fd3677a4a98305d54e9a25"
Cache-Control: max-age=360029,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fd95ffeb517-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e7e0174cd619a9175a32c15a715631b7
d02828d7b1dd91550644ab31e2fafac9c246cce8
d489a1cc6bf218699df78f98213ecc1f13dc896cce163d85532dcd3125c0d291

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 11:55:14 GMT
Expires: Sat, 04 Feb 2023 11:55:13 GMT
Etag: "d02828d7b1dd91550644ab31e2fafac9c246cce8"
Cache-Control: max-age=375226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fd958180b41-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e93f278794d1d2eb0ca7cee811c569e6
79c43802087b87da650a2cadee1fc4cd8c051ba9
8550a2992e022fec538b3a6dec951c7c88c2dd7ceefd9e58ea65dee59031cb20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:36:43 GMT
Expires: Sat, 04 Feb 2023 15:36:42 GMT
Etag: "79c43802087b87da650a2cadee1fc4cd8c051ba9"
Cache-Control: max-age=388515,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fd95f410b4d-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1d902c75c8269a393c03a11fca319a88
d55c7fa97021b93bdb8116621011291dbfe9e71a
e2a6ab59cbf118a4c5c2bdf17cc44bf928a3faf0ae86e0b1a6e18caf02655a45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 21:14:25 GMT
Expires: Sun, 05 Feb 2023 21:14:24 GMT
Etag: "d55c7fa97021b93bdb8116621011291dbfe9e71a"
Cache-Control: max-age=495177,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fd9596ffabc-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aa73a8865ee3c2cc6be65daeb7922b1a
b2f484da35905d17d186d6a940c9d98980741616
465ecf0c7440fcd98f4ab242b5eb5ff552cbdcac67a3781095a820694cae9066

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "465ECF0C7440FCD98F4AB242B5EB5FF552CBDCAC67A3781095A820694CAE9066"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=483
Expires: Tue, 31 Jan 2023 03:39:29 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
96378fe6949b7693a2b3236d688fa31e
ebdf72c65a83cb89dc3d88094c0aeb08234b94a1
7615361680647c211a3a71800d2dc80db07f47e9bc07ec2a6b985a75ad89dd23

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:27:39 GMT
ETag: "ebdf72c65a83cb89dc3d88094c0aeb08234b94a1"
Last-Modified: Tue, 31 Jan 2023 02:27:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 3825
X-Served-By: cache-qpg1239-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 2
X-Timer: S1675135886.359384,VS0,VE0

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
96378fe6949b7693a2b3236d688fa31e
ebdf72c65a83cb89dc3d88094c0aeb08234b94a1
7615361680647c211a3a71800d2dc80db07f47e9bc07ec2a6b985a75ad89dd23

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:27:39 GMT
ETag: "ebdf72c65a83cb89dc3d88094c0aeb08234b94a1"
Last-Modified: Tue, 31 Jan 2023 02:27:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 3825
X-Served-By: cache-qpg1239-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1675135886.359166,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
96378fe6949b7693a2b3236d688fa31e
ebdf72c65a83cb89dc3d88094c0aeb08234b94a1
7615361680647c211a3a71800d2dc80db07f47e9bc07ec2a6b985a75ad89dd23

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:27:39 GMT
ETag: "ebdf72c65a83cb89dc3d88094c0aeb08234b94a1"
Last-Modified: Tue, 31 Jan 2023 02:27:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 3825
X-Served-By: cache-qpg1239-QPG, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1675135886.359640,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
96378fe6949b7693a2b3236d688fa31e
ebdf72c65a83cb89dc3d88094c0aeb08234b94a1
7615361680647c211a3a71800d2dc80db07f47e9bc07ec2a6b985a75ad89dd23

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:27:39 GMT
ETag: "ebdf72c65a83cb89dc3d88094c0aeb08234b94a1"
Last-Modified: Tue, 31 Jan 2023 02:27:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 3825
X-Served-By: cache-qpg1239-QPG, cache-bma1644-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1675135886.359768,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
96378fe6949b7693a2b3236d688fa31e
ebdf72c65a83cb89dc3d88094c0aeb08234b94a1
7615361680647c211a3a71800d2dc80db07f47e9bc07ec2a6b985a75ad89dd23

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:27:39 GMT
ETag: "ebdf72c65a83cb89dc3d88094c0aeb08234b94a1"
Last-Modified: Tue, 31 Jan 2023 02:27:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 3825
X-Served-By: cache-qpg1239-QPG, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1675135886.359816,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
791dceb420271b1883d7d3ae2cef5cbe
1158627cbef9f42296fc53bf7dc2ac5dba492767
44e418513e74c7b6f9602b36f807f25170c3b1322ff1484fd79e964873944466

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:01:57 GMT
ETag: "1158627cbef9f42296fc53bf7dc2ac5dba492767"
Last-Modified: Tue, 31 Jan 2023 02:01:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 1605
X-Served-By: cache-qpg1231-QPG, cache-bma1651-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 6, 1
X-Timer: S1675135886.359911,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g3

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1461 bytes)
Hash
af22a7798bed60571aaae516bd51bbce
8c7d2231a8d1bf46bfc042714b2898cdce3f30f7
1121a4b8f362c97ff6525f808a0b56ddfe014a91eda5380b423dcf0e66627980

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1461
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 00:56:51 GMT
ETag: "8c7d2231a8d1bf46bfc042714b2898cdce3f30f7"
Last-Modified: Tue, 31 Jan 2023 00:56:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 2725
X-Served-By: cache-qpg1251-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 1
X-Timer: S1675135886.369795,VS0,VE1

ocsp2.globalsign.com/gsorganizationvalsha2g3

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1461 bytes)
Hash
af22a7798bed60571aaae516bd51bbce
8c7d2231a8d1bf46bfc042714b2898cdce3f30f7
1121a4b8f362c97ff6525f808a0b56ddfe014a91eda5380b423dcf0e66627980

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1461
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 00:56:51 GMT
ETag: "8c7d2231a8d1bf46bfc042714b2898cdce3f30f7"
Last-Modified: Tue, 31 Jan 2023 00:56:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 2725
X-Served-By: cache-qpg1251-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 2
X-Timer: S1675135886.370393,VS0,VE0

statuse.digitalcertvalidation.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
statuse.digitalcertvalidation.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6c34ec10d1c6a65e943848028020d88
5f4ed54e072ca6c059cc6063fc7421cc35d9918f
54079355a651cac8fd4c7c2d09d31b1efd10b5b27ccf60fd6e168cab00648589

HTTP Headers

POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4835
Cache-Control: max-age=109928
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Etag: "63d78313-1d7"
Expires: Wed, 01 Feb 2023 10:03:34 GMT
Last-Modified: Mon, 30 Jan 2023 08:42:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
1f09b6fa0b12fd60a6165715512943f3
f85400aa17e7da273624a03ff4652d21dd73edc4
62055bac459ecf117edc62f6c34de007a82aef350b0db06d80b61d5c801784e0

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 04 Feb 2023 02:45:38 GMT
ETag: "f85400aa17e7da273624a03ff4652d21dd73edc4"
Last-Modified: Tue, 31 Jan 2023 02:45:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 2746
X-Served-By: cache-qpg1231-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 8, 1
X-Timer: S1675135886.406356,VS0,VE1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b86e15cba47c065512375c0ab2274ffb
89e8c2847e3fa577fd0ba9812e8e7a0ba8363b86
6b1519606ab7a68ce7d1e2d4101bbf17541f00add06b683fe5b1e513bc257d9a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B1519606AB7A68CE7D1E2D4101BBF17541F00ADD06B683FE5B1E513BC257D9A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12388
Expires: Tue, 31 Jan 2023 06:57:54 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

www.henniu498.site/template/dfcc/static/js/jquery.lazyload.min.js

108.171.217.106

200 OK

3.1 kB

URL HTTP/2
www.henniu498.site/template/dfcc/static/js/jquery.lazyload.min.js
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type
data
Size
3.1 kB (3119 bytes)
Hash
1a8c5dbadc34eb6fefc2e41f8d361723
24a468a9c667506ac53447c68a1ea3fc03422ec7
1fc3696d3b01c9765f27d5f82b6434cced83261fef91d4b01e405684b9dc8070

HTTP Headers

GET /template/dfcc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Tue, 31 Jan 2023 15:31:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
44525527c181a727eefa02a4e7ff1053
f43045a5e4cda55f5ede04be0b0fd42bbdf898ba
eaea670303ac29377639856d56c0a18117fecf41b180cf6316ae8c8fa3c41e04

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EAEA670303AC29377639856D56C0A18117FECF41B180CF6316AE8C8FA3C41E04"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20957
Expires: Tue, 31 Jan 2023 09:20:43 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

aooacctp.vip/lm/ynv100.gif

104.21.82.179

200 OK

89 kB

URL HTTP/2
aooacctp.vip/lm/ynv100.gif
IP
104.21.82.179:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 267 x 160\012- data
Size
89 kB (89034 bytes)
Hash
482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083

HTTP Headers

GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Thu, 02 Feb 2023 13:33:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2383001
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jA57byQNeoucXnG3Bq4cFXZFFThKon4DN8tgEQIcvmTp3haefjmQKOL3UYvaZPD6wS%2BdtJP8OKeMC9qVvbPyl0R%2Bl3lz7c9tTUBiqVSbT%2FOs1SmHEw9uPHHzPoPjQL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f5fda6f17b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d77949c9f3deca5db233dc8a82daa419
233234b8aad441db6f49e4b8d1eac311f239da26
42c9ffefd5bcf3b694d8e878b471f2efdd73a127dd16a5e8f5037b2d1bdcd2fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3937
Cache-Control: max-age=100353
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Etag: "63d7612f-117"
Expires: Wed, 01 Feb 2023 07:23:59 GMT
Last-Modified: Mon, 30 Jan 2023 06:18:23 GMT
Server: ECS (amb/6B7B)
X-Cache: HIT
Content-Length: 279

s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif

172.67.69.40

404 Not Found

14 kB

URL HTTP/2
s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
IP
172.67.69.40:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 630 x 557, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14266 bytes)
Hash
2d65a379c6d17fb9a9a6e9ae5112e79e
3c81d9aefdc66c7c034bd83d8cf06a94782487ca
a810996e1b9632593734f13a465418280c6fc1ba72f1aff719577192dd47df85

HTTP Headers

GET /2022/01/07/deGgwzf7Tly9S3b.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/png
content-length: 14266
etag: "61aa33ab-37ba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1078748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEUWdM70Qeno44WJ6k%2BPgh4A%2B6c%2FQJsNf437505XEJ3BPlrnUb1TxhFUkIbO1hwmQIvlVlW%2FKYJSNSu6aGsDyVmYSm4DGAmG60Gvem63KZtIfHxki3rWVPH3amfG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791f5fdaac39b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
72746d78a40b12bf630413c525699008
e15754d4878b25821e21f9b23aa3edce37f54eed
f31e34b37d2b585777b953ddfffdbc4dd4dade5711277686d137c0550074661f

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=871
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive
X-N: S

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
056476892c5a9bbe098e069493323759
a6b6dfb63cb7aa01be7f49cbb55c93f5ca60c646
4fe634a65ba477b9fcac520ab315b8804beb04c4861efe2a5396ef0baafda6b3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4FE634A65BA477B9FCAC520AB315B8804BEB04C4861EFE2A5396EF0BAAFDA6B3"
Last-Modified: Sun, 29 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Tue, 31 Jan 2023 09:31:22 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
0d437f2fbc927bb2f64d0abe8d29889c
1867e0f3b6013e5d235979790007c854c23cb616
f29d9a26b34cbd8b15af86b643dec3cbb389f187aa0a4dfc794a0c093e5d9bfd

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=56
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
0d437f2fbc927bb2f64d0abe8d29889c
1867e0f3b6013e5d235979790007c854c23cb616
f29d9a26b34cbd8b15af86b643dec3cbb389f187aa0a4dfc794a0c093e5d9bfd

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=56
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dd0194a0931e58766620b0a83ce9baeb
184abbbe50c323634525dfc17b1c44ab6e9e571a
80efc68ed5199f4803d7c9a7e0f8ed06df23d9553b220e79508dc0b36a0e5236

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EFC68ED5199F4803D7C9A7E0F8ED06DF23D9553B220E79508DC0B36A0E5236"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20560
Expires: Tue, 31 Jan 2023 09:14:06 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
6e7e094d6392b1228dd1791cd6d38b67
0fe614b5185800e01683fdfb79054b2d3b36e905
fc2069ebe7615f7db4c006e9b26c8f284da6bbdd6918ad1f21007521456dc71a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5545
Cache-Control: max-age=103062
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Etag: "63d7657b-2d7"
Expires: Wed, 01 Feb 2023 08:09:08 GMT
Last-Modified: Mon, 30 Jan 2023 06:36:43 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 727

ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98ebd5bfa1ba3a7403847fb59a28ad40
0ae0d1a1c4deabb94cf3ca3f271f3043cbff786b
6f419c9a2ea7d48d7a676e12fe254001945d733646fcc1789c096579b620e64f

HTTP Headers

POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0

43.154.254.32

200 OK

62 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
62 kB (62229 bytes)
Hash
ee52eff8577d4346eca344892bd41406
5e2ad497a1866f71f088860d05f2b962e82a16e1
b1d685515a8e1186c3f5d4844256b95fcc83121fa45f29a2e58e852537332267

HTTP Headers

GET /qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 03:31:24 GMT
content-type: image/png
content-length: 62229
vary: Accept,Origin
last-modified: Tue, 19 Oct 2021 21:03:59 GMT
cache-control: max-age=2592000
x-delay: 15176 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 62229
chid: 0
fid: 0
x-nws-log-uuid: 47364f86-b43a-43f6-a4fc-aa5e857c812c
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
44525527c181a727eefa02a4e7ff1053
f43045a5e4cda55f5ede04be0b0fd42bbdf898ba
eaea670303ac29377639856d56c0a18117fecf41b180cf6316ae8c8fa3c41e04

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EAEA670303AC29377639856D56C0A18117FECF41B180CF6316AE8C8FA3C41E04"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20957
Expires: Tue, 31 Jan 2023 09:20:43 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d77949c9f3deca5db233dc8a82daa419
233234b8aad441db6f49e4b8d1eac311f239da26
42c9ffefd5bcf3b694d8e878b471f2efdd73a127dd16a5e8f5037b2d1bdcd2fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 967
Cache-Control: max-age=97384
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Etag: "63d7612f-117"
Expires: Wed, 01 Feb 2023 06:34:30 GMT
Last-Modified: Mon, 30 Jan 2023 06:18:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

www.tupku.top/lm/031815-80.gif

172.67.200.40

200 OK

1.6 MB

URL HTTP/2
www.tupku.top/lm/031815-80.gif
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 281\012- data
Size
1.6 MB (1626999 bytes)
Hash
17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

HTTP Headers

GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Wed, 01 Feb 2023 18:22:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2452073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEwISZ5D48l6dhO4fL6%2FgI7uM%2Fc8xhQX89nZGy6CxM1dT8W%2FceVsplM1Syfd2iPuLR%2FEpekKi5uGnZ0ukyd4wxm0E5P%2FoCyqsHMLHWFNF86yu%2BLu5UcPrKerg%2BN2BX2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f5fdbae73b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvexx.com/d2527f7b8c975443eead165505e089df.gif

45.150.164.88

301 Moved Permanently

162 B

URL HTTP/2
kvexx.com/d2527f7b8c975443eead165505e089df.gif
IP
45.150.164.88:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: text/html
content-length: 162
location: https://kvtjjj.top/d2527f7b8c975443eead165505e089df.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif

45.89.208.114

200 OK

14 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Size
14 kB (13797 bytes)
Hash
e994db89370c07131c299b37e86e0906
3166f9925170c117be7c77602c26f45105cae06c
d9a139378357052913b2b57af565d38baef6f7a10ff1c0b58376e57a764f16df

HTTP Headers

GET /upload/art/gif/gfdt/071616_341-4.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/gif
Content-Length: 13797
Last-Modified: Wed, 09 Nov 2022 11:39:06 GMT
Connection: keep-alive
ETag: "636b915a-35e5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif

45.89.208.114

200 OK

13 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x270, components 3\012- data
Size
13 kB (12943 bytes)
Hash
e1a576cbd51934165b0de029925eba4d
8225a3aa258bf5e6985492a834622a090376208f
7664f5c8b9e9611fc3d76c64ca431e0b96ba7d9bbc2ed1ebcc15b4037725b380

HTTP Headers

GET /upload/art/gif/20200421/170511-1.mp4_1587324106344.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/gif
Content-Length: 12943
Last-Modified: Wed, 09 Nov 2022 09:14:54 GMT
Connection: keep-alive
ETag: "636b6f8e-328f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
37595b31e16773cfd3c7bd194c252b7b
da8f9f0a74750faa6f1ae8601493d25d561ef8b3
516efa38e5ee5864bcd3aa5c9d81daaaffa5bf90bfb59b70278879f8bcafe2f6

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 03 Feb 2023 23:58:10 GMT
ETag: "da8f9f0a74750faa6f1ae8601493d25d561ef8b3"
Last-Modified: Mon, 30 Jan 2023 23:58:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 03:31:26 GMT
Age: 2603
X-Served-By: cache-qpg1252-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 33, 1
X-Timer: S1675135887.746293,VS0,VE1

ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98ebd5bfa1ba3a7403847fb59a28ad40
0ae0d1a1c4deabb94cf3ca3f271f3043cbff786b
6f419c9a2ea7d48d7a676e12fe254001945d733646fcc1789c096579b620e64f

HTTP Headers

POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg

47.246.44.252

200 OK

98 kB

URL HTTP/2
cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
IP
47.246.44.252:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
98 kB (98277 bytes)
Hash
c23b2edd3dce8616a9a723a26b2fd280
51451bb2e19c4f956b425221ede9cfdd90472a0e
4d47bba01041ef53fd4ee75b4c13e5730fe106b233a7a1b4e8e9f12fc7527f88

HTTP Headers

GET /img/ibank/2020/865/518/22902815568_1738432517.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 98277
date: Fri, 30 Dec 2022 15:58:08 GMT
last-modified: Thu, 15 Sep 2022 08:05:49 GMT
picasso-ret-code: SUCCESS
request-time: 0.094
traceid: 2ff62b2016724158887338733e
expires: Sat, 30 Dec 2023 15:58:08 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1672415889
via: cache9.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache1.se1[0,0,200-0,H], cache8.se1[1,0]
access-control-allow-origin: *
age: 2719997
x-cache: HIT TCP_MEM_HIT dirn:4:207217216
x-swift-savetime: Fri, 30 Dec 2022 16:01:28 GMT
x-swift-cachetime: 31535801
timing-allow-origin: *
eagleid: 2ff62c9c16751358867402336e
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
19b5baa9b517a1c32c4011b9be784c22
59e8f2532fbda31bb6617f7921885c0b9c17856f
a4f5f6acd49c59afa867ef57f29ca3e474bcff7cf41e1c5a1eee9ed9284d8d2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F5F6ACD49C59AFA867EF57F29CA3E474BCFF7CF41E1C5A1EEE9ED9284D8D2F"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17491
Expires: Tue, 31 Jan 2023 08:22:57 GMT
Date: Tue, 31 Jan 2023 03:31:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
6e7e094d6392b1228dd1791cd6d38b67
0fe614b5185800e01683fdfb79054b2d3b36e905
fc2069ebe7615f7db4c006e9b26c8f284da6bbdd6918ad1f21007521456dc71a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97517
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:26 GMT
Etag: "63d7657b-2d7"
Expires: Wed, 01 Feb 2023 06:36:43 GMT
Last-Modified: Mon, 30 Jan 2023 06:36:43 GMT
Server: nginx
Content-Length: 727

mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif

45.89.208.114

200 OK

20 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 560x314, components 3\012- data
Size
20 kB (19506 bytes)
Hash
ad1f30d4930167d4eff601f3fee06b8d
b0fa5f060045cad3ae25d6ce6e00758668a31f00
5605d7b7176cda10fc43bfe3ef7c57efda471a1d0ed5092aaca9e8426c747032

HTTP Headers

GET /upload/art/gif/gfdt/746bfd5d31fc37377d.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/gif
Content-Length: 19506
Last-Modified: Wed, 09 Nov 2022 09:12:48 GMT
Connection: keep-alive
ETag: "636b6f10-4c32"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
0dc4c31258691ca9bd3d3f2e198a8507
846f49af12422184a374389d3b5ecc6ab88fc961
14ffd382177e95d0d8d7bfa18f25ca26ebf7b6e56f240bd159ee7c8627236dec

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 22:45:43 GMT
Expires: Fri, 03 Feb 2023 22:45:42 GMT
Etag: "846f49af12422184a374389d3b5ecc6ab88fc961"
Cache-Control: max-age=327855,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fdc4b2cb50b-OSL

2366317ccc.com/6a3dd43a708341718e1b8fdf7d66f5d8.gif

45.61.212.46

200 OK

144 kB

URL HTTP/1.1
2366317ccc.com/6a3dd43a708341718e1b8fdf7d66f5d8.gif
IP
45.61.212.46:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 750 x 240\012- data
Size
144 kB (144539 bytes)
Hash
ac5309c05abfecab8a80362b19b64f60
b777d5f099fd8f82eb58e192335555473cebb102
8449e5611d932bc9cfaf4f5ec5e87ecf660d48b975ddb3566df7ead49978a446

HTTP Headers

GET /6a3dd43a708341718e1b8fdf7d66f5d8.gif HTTP/1.1
Host: 2366317ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c656ae-2349b"
Date: Wed, 25 Jan 2023 01:10:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 08:05:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 144539

n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif

18.143.107.111

200 OK

283 kB

URL HTTP/1.1
n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif
IP
18.143.107.111:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 120\012- data
Size
283 kB (282913 bytes)
Hash
e5e45b1fdf45915345965a07d0e4ad05
a7aaac92430fe423edacde9bff09c216e8aa5908
f485d7de51c5792fe1a1d18097932d7846356703265d2ba2ead1a4c66fdf09ec

HTTP Headers

GET /8c5bc25fea194e1ab37cb8c0b2395357.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 08 Jan 2023 13:32:52 GMT
ETag: W/"63bac604-68594"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
44f3590e29a2b0439ade2801b755f03d
9af0f2f10f492c41c4e6e33636977e114fc6bd03
8325ac69807344228b6a72a66bb3c9b290a7e2f6e7951269687f419b0f8d9c81

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 31 Jan 2023 03:31:27 GMT
Connection: keep-alive
X-N: S

pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif

185.10.104.115

200 OK

902 kB

URL HTTP/2
pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 980 x 100\012- data
Size
902 kB (902269 bytes)
Hash
a31230445806508a2ce196f4072d2dff
01e87d5028860d7840bcf60ae6e4b64709734e54
befa1e0a9fad11791acfd2881e781e55f68ca964cafcbb68a4c19d3cc14dea6b

HTTP Headers

GET /bjh/a31230445806508a2ce196f4072d2dff.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/gif
content-length: 902269
expires: Sat, 07 Jan 2023 21:21:55 GMT
last-modified: Sun, 01 May 2022 03:09:14 GMT
etag: "a31230445806508a2ce196f4072d2dff"
age: 2049876
accept-ranges: bytes
content-md5: oxIwRFgGUIos4Zb0By0t/w==
x-bce-content-crc32: 1513522899
x-bce-debug-id: O7Gi5XpPtuVUvaMZ4WJHM0isgFgTQ9qDht7irECU5SPxsmpFxJCWa2spuPnwKMWE4Ee2wAV8zjLiWh8bkdPx0A==
x-bce-request-id: 7470e3a6-fafd-4347-a1ca-39aa502ade7c
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 21:21:55 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache50 [4], suzix135 [2]
ohc-file-size: 902269
x-cache-status: HIT
X-Firefox-Spdy: h2

img.krkfp.com/img/1.jpg

172.247.222.51

200 OK

16 kB

URL HTTP/1.1
img.krkfp.com/img/1.jpg
IP
172.247.222.51:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 352x198, components 3\012- data
Size
16 kB (16459 bytes)
Hash
332e372126585ebcb1a39313b52cd63f
68588752c6a07c6ea01369754556a5386c2c5134
82950ea6f845b5ee30278736b468ddbe848191c37caae800d385282814c5bd35

HTTP Headers

GET /img/1.jpg HTTP/1.1
Host: img.krkfp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:29:24 GMT
Content-Type: image/jpeg
Content-Length: 16459
Last-Modified: Thu, 08 Dec 2022 11:52:30 GMT
Connection: keep-alive
ETag: "6391cffe-404b"
Expires: Thu, 02 Mar 2023 03:29:24 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=152617
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:27 GMT
Etag: "63d83cb8-2d7"
Expires: Wed, 01 Feb 2023 21:55:04 GMT
Last-Modified: Mon, 30 Jan 2023 21:55:04 GMT
Server: nginx
Content-Length: 727

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

417 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
417 kB (417166 bytes)
Hash
13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 03:28:46 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c

47.246.44.226

200 OK

264 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 600 x 180\012- data
Size
264 kB (264457 bytes)
Hash
8007c032862a58981996db2a62e644b1
ee7ababa5a4baf364669f160b1d26601ac8d947a
f1171e7ede87b61f3470e61f48e759b3b6f46bb5162b614b93210801c0955d89

HTTP Headers

GET /obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 264457
date: Sat, 28 Jan 2023 12:03:13 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 07:51:01 GMT
nw-session-id: 2023012815510134CB009BF39888F0DA5Bn2gsx02dy
nw-session-trace: 2023-01-28T15:51:01.922164306+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 264457
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 15:51:01 GMT
x-tt-logid: 2023012815510134CB009BF39888F0DA5B
via: n204-100-014, cache14.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[2,0], cache2.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc01:27:155::141
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 010b79fb233ecc212f8111619c222eeff1af6dfb466b49c8e9e56a89a9bb51d72aaaf82342278e1f9f5108a02d8eab5692286ea162f1720f27ce1741edead5238fff55a0e71a01d87deedee66710d265c3cb95212175e3ec2c802d309e0581a703
x-response-lb: image
ali-swift-global-savetime: 1674907394
age: 228493
x-cache: HIT TCP_MEM_HIT dirn:11:38193722
x-swift-savetime: Sat, 28 Jan 2023 15:00:15 GMT
x-swift-cachetime: 31525379
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16751358871212456e
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a

47.246.44.226

200 OK

147 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 120\012- data
Size
147 kB (146647 bytes)
Hash
3e19d4a109f5442429ab120014d83932
9b3ab408c1543c2a812d99f985ec7f014eb239ee
69a725e47512725f942332b0729ad94fe477f82b0d93055f5265793815bfa4a6

HTTP Headers

GET /obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 146647
date: Sat, 17 Dec 2022 12:44:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 11:05:17 GMT
nw-session-id: 20221217190517010212075088049EE35Fpwrzh01dy
nw-session-trace: 2022-12-17T19:05:17.505827354+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 146647
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 19:05:17 GMT
x-tt-logid: 20221217190517010212075088049EE35F
via: n204-098-222, cache23.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc01:26:318::66
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011f3179f65e79bd56134347320851a7aea6e0a18bf2c1c23c6d8014804fa9b0190235d5d93772c680138c643463983506d475df3a8b72e78a121b4f4f35ee7fedfab41d1744bafee7a1a00aacfbc0761d667083177ceac1c0964125934b59ee2b
x-response-lb: image
ali-swift-global-savetime: 1671281072
age: 3854815
x-cache: HIT TCP_MEM_HIT dirn:11:346634073
x-swift-savetime: Sat, 17 Dec 2022 13:21:53 GMT
x-swift-cachetime: 31533759
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16751358871312463e
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481

47.246.44.226

200 OK

562 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
IP
47.246.44.226:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
562 kB (561802 bytes)
Hash
6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

HTTP Headers

GET /obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Sat, 28 Jan 2023 11:44:59 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 27 Jan 2023 17:06:10 GMT
nw-session-id: 2023012801061093BF4DBF2AACBEBCEEDE5tf9c03dy
nw-session-trace: 2023-01-28T01:06:10.952480452+08:00 15
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 01:06:10 GMT
x-tt-logid: 2023012801061093BF4DBF2AACBEBCEEDE
via: n150-056-038, cache5.l2de2[781,781,206-0,M], cache15.l2de2[783,0], cache15.l2de2[783,0], cache3.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:19:497::47
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015753073c6eb795804c878ce4635158b0f13534015d81968f15dcb9dea7a0479dd41bed233615ec2f8252875a780afa6737fafbd94ad7d8813e55d9e7dec41a49f936e1da5720524bd44e8931158272d421a90d85e12bfc7c363d4ae408bee428
x-response-lb: image
ali-swift-global-savetime: 1674906299
age: 229588
x-cache: HIT TCP_MEM_HIT dirn:11:125132182 mlen:0
x-swift-savetime: Sat, 28 Jan 2023 11:44:59 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16751358871242458e
X-Firefox-Spdy: h2

qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif

106.14.229.206

200 OK

64 kB

URL HTTP/1.1
qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif
IP
106.14.229.206:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
64 kB (64508 bytes)
Hash
c677e519fd2423d46d35b94059a1fa98
48f44e8cf932859a331edf203f6109a7d521314c
b470ee84eee1f73dfd2f3660ea8620fea1818bce9420efb7543e7353a7612578

HTTP Headers

GET /xjimg/1419gif960x60.gif HTTP/1.1
Host: qppicture.oss-cn-shanghai.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/gif
Content-Length: 64508
Connection: keep-alive
x-oss-request-id: 63D88B8EA50D773636BBCFEE
Accept-Ranges: bytes
ETag: "C677E519FD2423D46D35B94059A1FA98"
Last-Modified: Sun, 01 Jan 2023 09:56:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11255473868077813000
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: xnflGf0kI9RtNblAWaH6mA==
x-oss-server-time: 2

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
7645b7f91947e119bbb45b125b254071
0585265cc97324a7bb4f57187be37297243136c3
d49fa72b7ecfb25bee6b08c06a669b44bc1e0bc3fb7e27b66e297eddf8950e11

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 31 Jan 2023 03:17:05 GMT
last-modified: Sat, 28 Jan 2023 05:47:53 GMT
expires: Sat, 04 Feb 2023 05:47:52 GMT
etag: "0585265cc97324a7bb4f57187be37297243136c3"
cache-control: max-age=602477,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 791f4ad28a6f9153-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675135025
via: cache15.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache1.se1[81,81,200-0,H], cache5.se1[82,0], cache5.se1[85,0]
age: 862
x-cache: HIT TCP_REFRESH_HIT dirn:11:278453522
x-swift-savetime: Tue, 31 Jan 2023 03:31:27 GMT
x-swift-cachetime: 938
timing-allow-origin: *, *
eagleid: 2ff62c9916751358871466991e, 2ff62c9916751358871466991e

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

13.227.254.99

200 OK

354 kB

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
13.227.254.99:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 60\012- data
Size
354 kB (354278 bytes)
Hash
c6442fd82dd00372e745f394887172f2
dc8ce1d9b050eb7b70c1e47e815169c8ffdc77b9
813a5a49ef0682cdb74754e84f7b5d0159392b1fef69ec06e2875388e97d8843

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 354278
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 31 Jan 2023 03:03:23 GMT
etag: "c6442fd82dd00372e745f394887172f2"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 69WcoopFSEUHvtOJ8GLnTK-I3jwDjw6OsdSXcJvNZBNd9Z76cCslVw==
age: 1684
X-Firefox-Spdy: h2

66668aaa.com/cfaa9fc50d8842acb36dafc66b00f08b.gif

45.61.212.59

200 OK

857 kB

URL HTTP/1.1
66668aaa.com/cfaa9fc50d8842acb36dafc66b00f08b.gif
IP
45.61.212.59:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
857 kB (857145 bytes)
Hash
cf250ba4debf89cc57f49709d7cb73b0
ef7b4219780eedca6dde0a5b46278cd8120bf00f
952f1be23b3fc8df89b231db9a483f55ccd73486d8fe3e71c07e70405cbd4d4a

HTTP Headers

GET /cfaa9fc50d8842acb36dafc66b00f08b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c6b33d-d1439"
Date: Wed, 25 Jan 2023 13:52:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 14:39:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-29
Content-Length: 857145

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
f3736b6171f4acf3720d800b7ac6321d
7ff82f0d3182a636cbc09604aeb39bf9765e4402
564d9dd7dc3dc7fdbea28bdb067408e3e35787637b2c27c807da11501a994c1d

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=850
Date: Tue, 31 Jan 2023 03:31:27 GMT
Connection: keep-alive
X-N: S

img.krkfp.com/img/3.jpg

172.247.222.51

200 OK

49 kB

URL HTTP/1.1
img.krkfp.com/img/3.jpg
IP
172.247.222.51:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 856x480, components 3\012- data
Size
49 kB (48860 bytes)
Hash
fe9e2793b36a3ab5986dab1606df351a
e8417e0b1c8d20538043e379ab492c40da19015d
8928fdfa84bbfb16663052f844c4fc37363aa2e2caa6f0a7d93de39a159de03a

HTTP Headers

GET /img/3.jpg HTTP/1.1
Host: img.krkfp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 03:29:24 GMT
Content-Type: image/jpeg
Content-Length: 48860
Last-Modified: Thu, 08 Dec 2022 11:52:29 GMT
Connection: keep-alive
ETag: "6391cffd-bedc"
Expires: Thu, 02 Mar 2023 03:29:24 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7490e6edc76d9175140d3082c7e64f7b
22a1369923dd04d93cc074c9a3b53c9c6a68f4a3
c045b345598f3ae15bef3848f09ca22e0c6a7820ff88c160c95cbaa9d47fa665

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:32:05 GMT
ETag: "22a1369923dd04d93cc074c9a3b53c9c6a68f4a3"
Last-Modified: Tue, 31 Jan 2023 02:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f5fdcfd47b524-OSL

kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif

172.83.155.45

200 OK

452 kB

URL HTTP/2
kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type
GIF image data, version 89a, 1000 x 70\012- data
Size
452 kB (451650 bytes)
Hash
d36b47fd223d12e145bef662950636ca
e4a8fcb7fc1cd333568eba0beb86d21c7134d33d
38eb2d417d15a38f262f8cce57c2ce0deb020c3d2823332c4cb760d87c39db8a

HTTP Headers

GET /39ece0ec38182f6a9c5191222a2a17bd.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/gif
content-length: 451650
last-modified: Fri, 19 Aug 2022 17:02:33 GMT
etag: "62ffc229-6e442"
expires: Tue, 31 Jan 2023 15:31:26 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 348638
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwFzSvqzyTPcLcaZNJYZKCmk96A39UjtQdbUOJhrTk1rj1d0B66Cpk5iqcuBedrOcP6oh8kSpHQwqOvHcF08sTZ%2BB2yfGgXIOKT6AI7SDSZ7wAuD3eok8SCpuDcy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 791a283e6ce6c772-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image

4.34.42.103

200 OK

807 kB

URL HTTP/2
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
IP
4.34.42.103:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 400 x 420\012- data
Size
807 kB (806826 bytes)
Hash
ce6a32bc15190689f6891ff7973e913f
99a64f0bdb4351f86032d9b1c9d9079ea6667cc8
18cdc10ae1ad7de191dd2adc346add24ded8e35c69f25a63bb91c928fe837331

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 806826
date: Mon, 25 Jul 2022 09:10:29 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 31 Mar 2022 10:03:03 GMT
nw-session-id: 2022033118030201019409901840A77C0Endgts03la
nw-session-trace: 2022-03-31T18:03:03.257713369+08:00 344
x-bdcdn-cache-status: TCP_HIT
x-length: 806826
x-powered-by: ImageX
x-response-date: Thu, 31 Mar 2022 18:03:03 GMT
x-tt-logid: 2022033118030201019409901840A77C0E
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC6_US-Michigan-chieago-1-cache-1, BC102_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC102_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2

kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif

172.83.155.45

200 OK

103 kB

URL HTTP/2
kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type
GIF image data, version 89a, 180 x 180\012- data
Size
103 kB (103315 bytes)
Hash
1c5964f75be8302dd87def5ab80b1e56
b69009eaa2bea4c2b7dfc5cbbb219e99320499a5
d057519306b8ee0bcc39bdfc76784a78162d627171054209a742c52d83ca3fe2

HTTP Headers

GET /6c2bdfc52ef6d8572dcf0d370f891c1f.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:26 GMT
content-type: image/gif
content-length: 103315
last-modified: Wed, 07 Dec 2022 06:27:53 GMT
etag: "63903269-19393"
expires: Tue, 31 Jan 2023 15:31:26 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqQwhfAcI%2BBLjDabPxOlpCkkxoQrf2GUkq%2FrwoJxSpUaEFpxkCHc7%2ByUQa0nRWdZE8eXTWnAvN4A2Rg%2BSEH%2BG3%2Fj8JV1ChbfOvJXoMzms1tEIxoYZEf2AnmgDx%2BM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 791a334c8e20306c-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb

4.34.42.103

200 OK

87 kB

URL HTTP/2
p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
IP
4.34.42.103:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 960 x 120\012- data
Size
87 kB (86697 bytes)
Hash
c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3

HTTP Headers

GET /origin/pgc-image/440e4613c87e49aaa978851137a2e2cb HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 86697
date: Mon, 12 Dec 2022 11:29:41 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 01 Oct 2022 07:02:23 GMT
nw-session-id: 202210011502230101580290973524D9F3w9r7n01tt
nw-session-trace: 2022-10-01T15:02:23.478621019+08:00 41
x-bdcdn-cache-status: TCP_MISS
x-length: 86697
x-powered-by: ImageX
x-response-date: Sat, 01 Oct 2022 15:02:23 GMT
x-tt-logid: 202210011502230101580290973524D9F3
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
x-response-lb: image
x-ser: BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC6_US-Georgia-atlanta-1-cache-2, BC103_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC103_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
54e598f215a9582b7fe9fd5f81f0a99f
7688a481163df144d1b497fb945c002b25e6c237
060f0114a5642881afa693ad0455755b314634627fca0e2ded34f31b6cce80ee

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "060F0114A5642881AFA693AD0455755B314634627FCA0E2DED34F31B6CCE80EE"
Last-Modified: Mon, 30 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8091
Expires: Tue, 31 Jan 2023 05:46:18 GMT
Date: Tue, 31 Jan 2023 03:31:27 GMT
Connection: keep-alive

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
eb285b25f5b424d0c914fdf0bdca1e5a
4ea84bfaaee29fbfe3ec19901aabc6b8a4cd8af6
c5425d5aef2ea0935a90e651704f746578f50979c7e8f2532a552244f34687ef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 31 Jan 2023 03:31:27 GMT
Last-Modified: Mon, 30 Jan 2023 21:24:55 GMT
ETag: "63d835a7-1d7"
Expires: Wed, 01 Feb 2023 21:24:55 GMT
Cache-Control: max-age=150808
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675135887
Via: cache3.l2de2[193,193,200-0,M], cache3.l2de2[194,0], cache7.se1[216,216,200-0,M], cache7.se1[218,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 31 Jan 2023 03:31:27 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16751358872146495e

kvtjjj.top/d2527f7b8c975443eead165505e089df.gif

172.67.217.8

200 OK

173 kB

URL HTTP/2
kvtjjj.top/d2527f7b8c975443eead165505e089df.gif
IP
172.67.217.8:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
173 kB (173022 bytes)
Hash
0150d0f30376c3b95a72b139841a67ef
06a0ce0cc79d843e351750e5aed2da29e108b8a1
44cd0d11592ab967d2d9cb1fd48e69b98cac0998bc78f95e1427cd96ab849066

HTTP Headers

GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvtjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu498.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:27 GMT
content-type: image/gif
content-length: 173022
last-modified: Sat, 07 Jan 2023 13:29:54 GMT
etag: "63b973d2-2a3de"
expires: Fri, 24 Feb 2023 23:32:32 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 446335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exlyuIg%2BsuJrKMi%2F62m3OukhuPyCrdTVEy3522ENrqOOFP6kekNKJpgGnAVtUTjREiTGtiL2U5uU2mck%2BrNGpDO8VTAyJcbuuTExz%2B78SNeEFN%2BoJ7TrppM2pU8J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f5fe0dfc4b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg

45.89.208.114

200 OK

465 kB

URL HTTP/1.1
ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size
465 kB (464670 bytes)
Hash
ba0bc684cabb92a694d67237b2637887
cf57fb92bcca91174e038eb25b9fcd4c36af9a49
07de171b4735f70b00021bf230231faf69573e9e90e60b3974aeae196375a27d

HTTP Headers

GET /upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/jpeg
Content-Length: 464670
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:45:06 GMT
ETag: "620d2a12-7171e"
Expires: Thu, 02 Mar 2023 03:31:26 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0

43.154.254.32

200 OK

1.6 MB

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 640 x 200\012- data
Size
1.6 MB (1607696 bytes)
Hash
9c26f4dcfdfa72ecdcbe3ea854547b4c
fed85b90734400d6810be2b07403f5c8a194a507
ebd842d015d6684a6995a73f1e81f0dea219815318f8993501da9ca79cca74d2

HTTP Headers

GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 03:31:25 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 749 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: ce5ecd34-9417-4ff4-907f-b83ccbeeb70f
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0

43.154.254.32

200 OK

1.4 MB

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 640 x 200\012- data
Size
1.4 MB (1362871 bytes)
Hash
b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2

HTTP Headers

GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 03:31:24 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 688 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 347a3f10-5a1f-41f1-bd4b-4c45fa4aaf47
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7490e6edc76d9175140d3082c7e64f7b
22a1369923dd04d93cc074c9a3b53c9c6a68f4a3
c045b345598f3ae15bef3848f09ca22e0c6a7820ff88c160c95cbaa9d47fa665

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:32:05 GMT
ETag: "22a1369923dd04d93cc074c9a3b53c9c6a68f4a3"
Last-Modified: Tue, 31 Jan 2023 02:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f5fe03e620b61-OSL

8499583.com/8499/150x150.gif

23.225.237.34

200 OK

185 kB

URL HTTP/2
8499583.com/8499/150x150.gif
IP
23.225.237.34:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 150 x 150\012- data
Size
185 kB (185171 bytes)
Hash
09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0

HTTP Headers

GET /8499/150x150.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:27 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

13.227.254.5

200 OK

400 kB

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
13.227.254.5:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 14:19:46 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: QFo4NtOhpJbL8YzliOiLzeEgl8wm-nHTIVV3WjP2CcjVkHiziMZIEg==
age: 47501
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
54e598f215a9582b7fe9fd5f81f0a99f
7688a481163df144d1b497fb945c002b25e6c237
060f0114a5642881afa693ad0455755b314634627fca0e2ded34f31b6cce80ee

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "060F0114A5642881AFA693AD0455755B314634627FCA0E2DED34F31B6CCE80EE"
Last-Modified: Mon, 30 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8001
Expires: Tue, 31 Jan 2023 05:44:48 GMT
Date: Tue, 31 Jan 2023 03:31:27 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
6d1342db9e539e8bb149198b74677873
a8a62f742f1c8af48d793483631b069e889d2287
9d3d0579738c6442e220b37a1e993fa59cf23d348507855172db15e8aa71dcde

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:27 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 22:25:01 GMT
Expires: Sun, 05 Feb 2023 22:25:00 GMT
Etag: "a8a62f742f1c8af48d793483631b069e889d2287"
Cache-Control: max-age=499412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fe0dd49b50b-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
056476892c5a9bbe098e069493323759
a6b6dfb63cb7aa01be7f49cbb55c93f5ca60c646
4fe634a65ba477b9fcac520ab315b8804beb04c4861efe2a5396ef0baafda6b3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4FE634A65BA477B9FCAC520AB315B8804BEB04C4861EFE2A5396EF0BAAFDA6B3"
Last-Modified: Sun, 29 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Tue, 31 Jan 2023 09:31:22 GMT
Date: Tue, 31 Jan 2023 03:31:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
abb5258387c61d0f01fa3515641a9147
9dff8dd7a607df3e55d1e1a42b483c5dfef3925f
c79c5d0d36db6ea1ed847f6d742e2a086c4652c8f1f4b7ed6a7462154a5420aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:31:27 GMT
Etag: "63d7c0ef-2d7"
Server: ECS (amb/6B7B)
Content-Length: 727

ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif

120.77.166.22

200 OK

407 kB

URL HTTP/1.1
ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif
IP
120.77.166.22:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 120\012- data
Size
407 kB (407212 bytes)
Hash
0f175e48fc5d3c25093bba6f5e2a8357
d5882f0d778cd7f455833093d0bc26e918b271f9
0b4254d3e3af56cf6e7c8ce9dd05cac2d4683310b0047c9430f3f79b7f71b3a5

HTTP Headers

GET /891-960x120.gif HTTP/1.1
Host: ky891.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 03:31:26 GMT
Content-Type: image/gif
Content-Length: 407212
Connection: keep-alive
x-oss-request-id: 63D88B8E54280A353368954A
Accept-Ranges: bytes
ETag: "0F175E48FC5D3C25093BBA6F5E2A8357"
Last-Modified: Mon, 02 Jan 2023 14:11:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14239271872762606610
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: DxdeSPxdPCUJO7pvXiqDVw==
x-oss-server-time: 2

img.9376x.com/images/63664dfd09d6345f4f98bebe.gif

3.36.126.81

302 Found

1.4 kB

URL HTTP/2
img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type
data
Size
1.4 kB (1432 bytes)
Hash
7490e6edc76d9175140d3082c7e64f7b
22a1369923dd04d93cc074c9a3b53c9c6a68f4a3
c045b345598f3ae15bef3848f09ca22e0c6a7820ff88c160c95cbaa9d47fa665

HTTP Headers

GET /images/63664dfd09d6345f4f98bebe.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7490e6edc76d9175140d3082c7e64f7b
22a1369923dd04d93cc074c9a3b53c9c6a68f4a3
c045b345598f3ae15bef3848f09ca22e0c6a7820ff88c160c95cbaa9d47fa665

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:32:05 GMT
ETag: "22a1369923dd04d93cc074c9a3b53c9c6a68f4a3"
Last-Modified: Tue, 31 Jan 2023 02:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f5fdecc42b527-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
08e324c29cc6128a3d352bc9ffca228f
89ff7b3dcbb88957c6aee4ff3dd9e969850c7818
6fd2e21cc230f7871401bbe214c5aaa4c5c630004f36a49f2cb055af95767336

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:32:33 GMT
Expires: Mon, 06 Feb 2023 04:32:32 GMT
Etag: "89ff7b3dcbb88957c6aee4ff3dd9e969850c7818"
Cache-Control: max-age=521463,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791f5fe66cc3b517-OSL

gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif

211.97.85.198

200 OK

400 kB

URL HTTP/1.1
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
IP
211.97.85.198:0
ASN
#140886 UNICOM Guangxi province network

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (399450 bytes)
Hash
4e1e4b8f46ac2e67539d5881785ba29a
7d3c9c963087ffc8c196cb7e67629342027a8a45
4c9cc489a2e26500ace73c53ce05bdfa52876a8700b7e9e73c1554187acefb0d

HTTP Headers

GET /ky960x60.gif HTTP/1.1
Host: gtm-cn-j6730u6sd0b.gtm-a3b8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Etag: "4e1e4b8f46ac2e67539d5881785ba29a"
Content-Type: image/gif
Date: Mon, 30 Jan 2023 07:03:15 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10945751995987991778
x-cos-request-id: NjNkNzZiYjNfNzk1NGU0MDlfMmIwM2NfM2UzMTY4Mw==
Accept-Ranges: bytes
Last-Modified: Thu, 29 Dec 2022 12:09:17 GMT
Content-Length: 399450
X-NWS-LOG-UUID: 16085410502790515431
Connection: keep-alive
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster

p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image

182.118.39.167

200 OK

301 kB

URL HTTP/2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP
182.118.39.167:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
GIF image data, version 89a, 120 x 120\012- data
Size
301 kB (301024 bytes)
Hash
924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:28 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 915216
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 14 Jan 2023 22:34:31 GMT
nw-session-id: 202301150634315B44256938F2929E90BCw5bdx02tt
nw-session-trace: 2023-01-15T06:34:31.965834401+08:00 88
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 15 Jan 2023 06:34:31 GMT
x-response-lb: image
x-tt-logid: 202301150634315B44256938F2929E90BC
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=4
via: CHN-HAzhengzhou-AREACUCC1-CACHE1[4],CHN-HAzhengzhou-AREACUCC1-CACHE15[0,TCP_HIT,2],CHN-JSwuxi-GLOBAL5-CACHE18[3],CHN-JSwuxi-GLOBAL5-CACHE33[0,TCP_HIT,2],n132-067-174
x-hcs-proxy-type: 1
x-request-ip: fdbd:dc03:11:538::86
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-host: 01313c93dee2177653842d57191f7e79a14cfab173bb16c2316919a1281ee3182a8aff106d2f89bbd162d89138e06cfc6af5e4ae36cb18d6b8bccf5b24c0f374ecc0f1de224b8e5e48e41b1962740b86809ff20e06943ee2112a4d4f615c6534002602868181f8fd32ceb8e7683c46307837e0ec7764bc0c167df2d4288ab49a1f083d3f4613b29073bf7dcdbd8edb45b160a7c315529853bcf9a725034cc53285
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12906 bytes)
Hash
cbc9f50b0a96fb69fa2e948aa3125413
e7f13a6e81263e73ac5777959d63b567f50848d5
2e3411687a31211dbf0aa732f8d93a3c5a4748afb264e695d36782700c8e8b5d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12906
x-amzn-requestid: 4d09cdf1-2b4b-4f72-a313-caf6660774d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLoHaHIAMF1uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22717-7074bd5202e3aced21ac49e3;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZkPnGMNVHQUSKvsqXZajTFA6FiOiZvSXHU6QN8zbCrSXKKmSdCWVqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:47:13 GMT
age: 17055
etag: "e7f13a6e81263e73ac5777959d63b567f50848d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

165tuchuang.com/i/2023/01/17/63c69882a8d70.gif

13.228.24.19

200 OK

629 kB

URL HTTP/1.1
165tuchuang.com/i/2023/01/17/63c69882a8d70.gif
IP
13.228.24.19:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 120\012- data
Size
629 kB (628981 bytes)
Hash
eee092d9d424d7bca5e23b599583a9c6
a098c159c174237f6db3a765f8e4ddda46d4b29f
1065383172b33f0947338872957d48f6011b4b91f4e53fc6e19b406c06ed3c29

HTTP Headers

GET /i/2023/01/17/63c69882a8d70.gif HTTP/1.1
Host: 165tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:27 GMT
Content-Type: image/gif
Content-Length: 628981
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 12:45:54 GMT
ETag: "63c69882-998f5"
Expires: Fri, 24 Feb 2023 15:26:32 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: Tengine
X-Cache-Status: HIT
Accept-Ranges: bytes

vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif

47.75.19.64

200 OK

300 kB

URL HTTP/1.1
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP
47.75.19.64:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
300 kB (299985 bytes)
Hash
5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85

HTTP Headers

GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 03:31:25 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63D88B8D22AAFC3235EE8F40
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 1

www.henniu498.site/template/dfcc/css/zui.css

108.171.217.106

200 OK

0 B

URL HTTP/2
www.henniu498.site/template/dfcc/css/zui.css
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/dfcc/css/zui.css HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 10:41:58 GMT
vary: Accept-Encoding
etag: W/"62861ef6-164b3"
expires: Tue, 31 Jan 2023 15:31:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.3155a.com/images/63d7b0c96c2af1be8a356618.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.3155a.com/images/63d7b0c96c2af1be8a356618.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63d7b0c96c2af1be8a356618.gif HTTP/1.1
Host: img.3155a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
X-Firefox-Spdy: h2

www.henniu498.site/

108.171.217.106

200 OK

0 B

URL HTTP/2
www.henniu498.site/
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yvzfgigpiwmofux.com/2023/01/10/91c342cb8b5b4.gif

154.198.234.18

200 OK

0 B

URL HTTP/1.1
yvzfgigpiwmofux.com/2023/01/10/91c342cb8b5b4.gif
IP
154.198.234.18:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /2023/01/10/91c342cb8b5b4.gif HTTP/1.1
Host: yvzfgigpiwmofux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:27 GMT
Content-Type: image/gif
Content-Length: 514744
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 15:33:26 GMT
ETag: "63bd8546-7dab8"
Expires: Wed, 01 Mar 2023 15:35:54 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

img.1137555.com/images/639f110ff854fb2e3980a017.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.1137555.com/images/639f110ff854fb2e3980a017.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/639f110ff854fb2e3980a017.gif HTTP/1.1
Host: img.1137555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
X-Firefox-Spdy: h2

kjimg10.360buyimg.com/ott/jfs/t1/108101/17/24803/303221/63c40ac5Fc2654b14/d329a0ea325ebb89.gif

121.226.246.3

200 OK

0 B

URL HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/108101/17/24803/303221/63c40ac5Fc2654b14/d329a0ea325ebb89.gif
IP
121.226.246.3:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ott/jfs/t1/108101/17/24803/303221/63c40ac5Fc2654b14/d329a0ea325ebb89.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:27 GMT
content-type: image/gif
content-length: 303221
cache-control: max-age=15552000
expires: Wed, 26 Jul 2023 12:06:05 GMT
last-modified: Sun, 15 Jan 2023 14:16:37 GMT
age: 314722
via: http/1.1 ORI-CLOUD-HUZ-MIX-26 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674821165410-0-0-1-5-5;200;200-1674952576711-0-0-0-4-4;200-1675135887607-0-0-0-3-3
X-Firefox-Spdy: h2

595tuchuang.com/960x120.gif

183.255.106.38

200 OK

0 B

URL HTTP/1.1
595tuchuang.com/960x120.gif
IP
183.255.106.38:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x120.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:31:28 GMT
Content-Type: image/gif
Content-Length: 184991
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:25:24 GMT
ETag: "63d68fe4-2d29f"
Expires: Wed, 01 Mar 2023 06:45:41 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

www.henniu498.site/template/dfcc/static/js/jquery.min.js

108.171.217.106

200 OK

0 B

URL HTTP/2
www.henniu498.site/template/dfcc/static/js/jquery.min.js
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/dfcc/static/js/jquery.min.js HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:32 GMT
vary: Accept-Encoding
etag: W/"61d99aa4-17b8b"
expires: Tue, 31 Jan 2023 15:31:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.henniu498.site/template/dfcc/html9/ads/dulian.js

108.171.217.106

200 OK

0 B

URL HTTP/2
www.henniu498.site/template/dfcc/html9/ads/dulian.js
IP
108.171.217.106:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/dfcc/html9/ads/dulian.js HTTP/1.1
Host: www.henniu498.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:31:22 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 06:22:51 GMT
vary: Accept-Encoding
etag: W/"63cb84bb-d5d"
expires: Tue, 31 Jan 2023 15:31:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

files.imgopen.vip/uploads/2023/01/03/63b3a7cfbfde2.gif

104.21.68.49

200 OK

0 B

URL HTTP/2
files.imgopen.vip/uploads/2023/01/03/63b3a7cfbfde2.gif
IP
104.21.68.49:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /uploads/2023/01/03/63b3a7cfbfde2.gif HTTP/1.1
Host: files.imgopen.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu498.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:31:27 GMT
content-type: image/gif
content-length: 4572669
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 30 Jan 2023 20:23:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLTAjLGoNferV1MoaDYgWNwMpC204xT9rXqFwXjjGU5vaVJflSQAoM0Q7HfIQu4PBqbeamqLL%2BMBx%2BF%2FCOj6%2FhgqlJnhX1%2BX0rLw3mwbS5qFicpqUqE5WnzxNzpH1ALbenApBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f5fdaf9a11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML