r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10952
Expires: Sat, 04 Feb 2023 04:10:11 GMT
Date: Sat, 04 Feb 2023 01:07:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9559
Expires: Sat, 04 Feb 2023 03:46:58 GMT
Date: Sat, 04 Feb 2023 01:07:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 00:43:35 GMT
content-type: application/json
age: 1444
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11465
Expires: Sat, 04 Feb 2023 04:18:44 GMT
Date: Sat, 04 Feb 2023 01:07:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: etsnBiU7UcZIUqghJqZ6xRSBpqdRbPYfI36hL+FP75JNB4vnr8QE8hUDRgkSR30y0bNkt2mO8ds=
x-amz-request-id: ZWBDSQ8GJHRDQNDZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 00:52:38 GMT
age: 901
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:39 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
104.247.216.37200 OK 801 B URL HTTP/1.1 www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
IP 104.247.216.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 9002f0631477e50d3c80e18cbec81fc8
9a60fa7be15bdb3b643f5b366957e53754d08d80
14943ee07782b17d6c01c7d5c33dc7987b8d1bf126c62657788e25ade0108fef
GET /2017/12/current-cabinet-ministers-of-india-with-full-list.html HTTP/1.1
Host: www.tutsraja.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:39 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive
www.tutsraja.com/tj.js
104.247.216.37200 OK 520 B IP 104.247.216.37:0
File type ASCII text, with CRLF line terminators
Hash 50e18b0d4fa97698ef5ced81558b265f
46e93f58643fb6d78f81740732319267ce8c5c39
4ec0deb5694d4557a3e22d538418b7881dc5b10bbb5f8921a16a623d13eb6d8e
GET /tj.js HTTP/1.1
Host: www.tutsraja.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:39 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.tutsraja.com/common.js
104.247.216.37200 OK 757 B URL HTTP/1.1 www.tutsraja.com/common.js
IP 104.247.216.37:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash ae4f9ffe7a2eeb4f281eec7788eba03b
09d7e9e07ddb8f412b4e904bbfd609edef5353bf
8bce791cc2ad839158815f6e0a8a1073de39f96f4e6c2135e13736cd5f620aca
GET /common.js HTTP/1.1
Host: www.tutsraja.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:39 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 00:49:07 GMT
age: 1112
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Sat, 04 Feb 2023 01:07:40 GMT
Connection: keep-alive
www.tutsraja.com/favicon.ico
104.247.216.37200 OK 1.2 kB URL HTTP/1.1 www.tutsraja.com/favicon.ico
IP 104.247.216.37:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.tutsraja.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:40 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 09 Feb 2023 01:07:40 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.services.mozilla.com/
44.241.148.153101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.241.148.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GVUh68opxGv9FKaVE0MVuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8vuHzarqvOEVu59D5CJJiv4gHRQ=
baidu.hnmaccms.xyz/news/index.php
143.92.57.80200 OK 48 B URL HTTP/1.1 baidu.hnmaccms.xyz/news/index.php
IP 143.92.57.80:0
ASN #64050 BGPNET Global ASN
File type HTML document, ASCII text, with no line terminators
Hash 046691e8308c2adf72fc25247e2f9e80
a47d4ddf558d878140dd88a539159659e781345e
49f190d90d221b19e342cf6425fbb173e894ca0531935a3b08eaf83d980a6268
GET /news/index.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 86ae642df644782f83931305bbffe43f
7e8441bb64a868bc8a29a5979fc81c4e0af8c09d
183ac96589c65349a7a0b5f38e9152900f09fb91665abaf78f0fc83584eb7411
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:25:28 GMT
ETag: "7e8441bb64a868bc8a29a5979fc81c4e0af8c09d"
Last-Modified: Fri, 03 Feb 2023 21:25:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3489
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82c54e571bfa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 86ae642df644782f83931305bbffe43f
7e8441bb64a868bc8a29a5979fc81c4e0af8c09d
183ac96589c65349a7a0b5f38e9152900f09fb91665abaf78f0fc83584eb7411
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:25:28 GMT
ETag: "7e8441bb64a868bc8a29a5979fc81c4e0af8c09d"
Last-Modified: Fri, 03 Feb 2023 21:25:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3489
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82c54e04b4fd-OSL
baidu.hnmaccms.xyz/news/data.php
143.92.57.80200 OK 192 B URL HTTP/1.1 baidu.hnmaccms.xyz/news/data.php
IP 143.92.57.80:0
ASN #64050 BGPNET Global ASN
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3d8a157e591aa7c1b97f2faf2a23ff2d
cf44c00b55420a0fd3d3d7cd65ae64d72de4679f
d2c7321c1eddd504e40d6a08d8351a518d93d2776246c9c5e4a524f6e1923722
GET /news/data.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/news/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:07:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5042
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5042
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5042
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:07:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 10199
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76ce18a45923a440add58f68a794bd03
e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43
9abc1e152bd102d799d189fa3b74961cb22d17571c2ee6676d4c937c3b75da42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: 8695cadd-57b2-416e-9f5b-ace8a9931ab4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyED6GP9oAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd807f-17eaa05a4aae5a6807829bd1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RrRMudbU55NOXYoDxQZ8sm2pAMUYOUfd19yHqVpSPMhYatrQTeqf-g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:28 GMT
age: 10633
etag: "e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 12044
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 2818
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 10451
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 10628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09b47ed44c5831fe2680a2d55bd3d56b
8011154f662a8ee9b446155d66566290d1f158d0
ed2bc26cd53b35d1256f263edfed69e15432a2d0cc0187b2b5f2666de199afcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED2BC26CD53B35D1256F263EDFED69E15432A2D0CC0187B2B5F2666DE199AFCB"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 07:07:41 GMT
Date: Sat, 04 Feb 2023 01:07:41 GMT
Connection: keep-alive
hm.baidu.com/hm.js?ca8b7cf51d1e18f8aa93c450df39c992
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ca8b7cf51d1e18f8aa93c450df39c992
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash e6993eebf9c759fe8f61be3dadba9c40
25b907315a7411a595f6c6cc182678f55f77e3be
8830aab88d4a355f5165021f18e155faca3cc82e9f523d5d51aab2f79bd8e527
GET /hm.js?ca8b7cf51d1e18f8aa93c450df39c992 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tutsraja.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 01:07:41 GMT
Etag: a618e592e5c574bc9a8381720a0c5fab
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=16A52A14B7B2FA36; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 916f985193b70b3b0000b9f8fe78ad33
9e427ce9fbd2fce5c88ec08f845ae6dcc824a9de
a097df5ac254f4b2b80299382ae0e1c9b056e7e51b0f32d2453afe3afe1c3ced
GET /hm.js?d8caaf5fc7e747bf497566f2be1cc916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tutsraja.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 01:07:41 GMT
Etag: 38f18a83f5d8b7462571b5dd39a9989b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BC43A3DF4C75E3B2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 01:07:42 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 01:07:42 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3A8D54429E0DCB0D3C2F677BAE8EA3FF:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 01:07:42 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=606826097&si=ca8b7cf51d1e18f8aa93c450df39c992&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=606826097&si=ca8b7cf51d1e18f8aa93c450df39c992&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=606826097&si=ca8b7cf51d1e18f8aa93c450df39c992&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tutsraja.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 01:07:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5495F2E81AFC884A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109179177&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109179177&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109179177&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=5085&r=0&ww=1280&u=http%3A%2F%2Fwww.tutsraja.com%2F2017%2F12%2Fcurrent-cabinet-ministers-of-india-with-full-list.html&tt=%E6%B3%B8%E5%B7%9E%E8%BE%86%E8%85%B9%E8%B4%B8%E6%98%93%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tutsraja.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 01:07:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=005503DDD0EEFBCB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.henniu487.site/static/images/1.gif
108.171.217.114200 OK 254 B URL HTTP/2 www.henniu487.site/static/images/1.gif
IP 108.171.217.114:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/1.gif HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 24 Dec 2021 10:11:17 GMT
etag: "61c59cc5-fe"
expires: Mon, 06 Mar 2023 01:07:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/images/loading.svg
108.171.217.114200 OK 506 B URL HTTP/2 www.henniu487.site/template/dfcc/images/loading.svg
IP 108.171.217.114:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/images/loading.svg HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:24 GMT
etag: "61da9f3c-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/dingpiao.html
108.171.217.114200 OK 165 B URL HTTP/2 www.henniu487.site/dingpiao.html
IP 108.171.217.114:0
File type HTML document, ASCII text
Hash 4435944ee90530df7501feb9474447eb
7d2a2ba9c312fe8a2a74989b277c31019dc6cf28
631fe8224b4b000f68610d29d53524f1700f15181f1c77e9856b010fd21507a3
Analyzer Verdict Alert quad9 Sinkholed
GET /dingpiao.html HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: text/html
content-length: 165
last-modified: Thu, 12 Jan 2023 16:30:59 GMT
etag: "63c035c3-a5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/html9/ads/dulian.js
108.171.217.114200 OK 1.6 kB URL HTTP/2 www.henniu487.site/template/dfcc/html9/ads/dulian.js
IP 108.171.217.114:0
Hash d98e8a08a2a347e5bf3cdcd38c1ec62c
e3c1d5fb4a65d754c133f5d21eccbf564343545a
0c6bfef29f20f03b500b6c599dbdf1ee42bb9dfdb81766e36debc321eb039f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/html9/ads/dulian.js HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 12:21:55 GMT
vary: Accept-Encoding
etag: W/"63dbaae3-d5d"
expires: Sat, 04 Feb 2023 13:07:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/images/video-mask.png
108.171.217.114200 OK 107 B URL HTTP/2 www.henniu487.site/template/dfcc/images/video-mask.png
IP 108.171.217.114:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/images/video-mask.png HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/template/dfcc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Mon, 06 Mar 2023 01:07:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/static/js/jquery.lazyload.min.js
108.171.217.114200 OK 2.9 kB URL HTTP/2 www.henniu487.site/template/dfcc/static/js/jquery.lazyload.min.js
IP 108.171.217.114:0
Hash 05456e0646f16415dff509b5b52e49e0
74ccc6d21445b3ca480d11a5b9de0bf2dbc14b2a
2838cffff720c514a5494fc6a68202a3a2315ee933701410e5a7db56dd460def
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Sat, 04 Feb 2023 13:07:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.henniu487.site/henniu.png
108.171.217.114200 OK 5.0 kB URL HTTP/2 www.henniu487.site/henniu.png
IP 108.171.217.114:0
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 66a858de209ee39809102a15257bbd71
6856ccaf274c24cdbe62155da4847eafd3b7f3e9
478f7ef871afdab3f845e3f501b9ec980ff449f34651ebc7f0b5b5498ea60296
Analyzer Verdict Alert quad9 Sinkholed
GET /henniu.png HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: image/png
content-length: 4973
last-modified: Wed, 18 May 2022 08:34:27 GMT
etag: "6284af93-136d"
expires: Mon, 06 Mar 2023 01:07:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/css/zui.css
108.171.217.114200 OK 31 kB URL HTTP/2 www.henniu487.site/template/dfcc/css/zui.css
IP 108.171.217.114:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash fbaeb3e851cdba35ae8f965aa11d8c74
e3f4fd1a4fb74e3bab6dbae8d42e2247bd1d905e
3ca27047577bb27a266596355124f67df4f8768f7987b8dadea6e2e1958926d9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/css/zui.css HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 10:41:58 GMT
vary: Accept-Encoding
etag: W/"62861ef6-164b3"
expires: Sat, 04 Feb 2023 13:07:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=721347827&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=5086&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu487.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=721347827&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=5086&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu487.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=721347827&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=5086&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu487.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 01:07:43 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C8B0E0900F09FE23; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?l=http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.tutsraja.com/2017/12/current-cabinet-ministers-of-india-with-full-list.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tutsraja.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 01:07:43 GMT
dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient
104.110.17.24200 OK 63 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 419573857f8eb1ef0362ea8e353c0b0e
b71294e20c82d9932989a9d88eab91d889a68611
be6e0321941d5d21535621aae7f59bd0fc4c5de90b5575b17ccff9d5725062c3
GET /images/0101312000ae3dzr08E27.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62773
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5409114
expires: Fri, 07 Apr 2023 15:39:39 GMT
date: Sat, 04 Feb 2023 01:07:45 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
2366317ccc.com/6a3dd43a708341718e1b8fdf7d66f5d8.gif
45.61.212.54200 OK 144 kB URL HTTP/1.1 2366317ccc.com/6a3dd43a708341718e1b8fdf7d66f5d8.gif
IP 45.61.212.54:0
File type GIF image data, version 89a, 750 x 240\012- data
Size 144 kB (144539 bytes)
Hash ac5309c05abfecab8a80362b19b64f60
b777d5f099fd8f82eb58e192335555473cebb102
8449e5611d932bc9cfaf4f5ec5e87ecf660d48b975ddb3566df7ead49978a446
Analyzer Verdict Alert quad9 Sinkholed
GET /6a3dd43a708341718e1b8fdf7d66f5d8.gif HTTP/1.1
Host: 2366317ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c656ae-2349b"
Date: Fri, 03 Feb 2023 07:44:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 08:05:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-24
Content-Length: 144539
n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif
52.140.208.180200 OK 283 kB URL HTTP/1.1 n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif
IP 52.140.208.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 283 kB (282913 bytes)
Hash e5e45b1fdf45915345965a07d0e4ad05
a7aaac92430fe423edacde9bff09c216e8aa5908
f485d7de51c5792fe1a1d18097932d7846356703265d2ba2ead1a4c66fdf09ec
GET /8c5bc25fea194e1ab37cb8c0b2395357.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 08 Jan 2023 13:32:52 GMT
ETag: W/"63bac604-68594"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
help.ifeng.com/datas/feedback/20230103/63b3b479ce945.gif
49.51.190.27200 OK 307 kB URL HTTP/1.1 help.ifeng.com/datas/feedback/20230103/63b3b479ce945.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 307 kB (306734 bytes)
Hash ca810c35cea365abbacde41d2ee51764
a6f267356af7be51677d96a316bc2f1a0adc1ddf
a91c06c40e0f97e73ec9210126c1283afaba908fe0d0153aa690e0e388354dd4
GET /datas/feedback/20230103/63b3b479ce945.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:07:45 GMT
content-type: image/gif
content-length: 306734
last-modified: Tue, 03 Jan 2023 04:52:09 GMT
etag: "63b3b479-4ae2e"
expires: Sun, 19 Feb 2023 01:07:45 GMT
cache-control: max-age=1296000
accept-ranges: bytes
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.67200 OK 299 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.67:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 Feb 2023 01:07:45 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63DDAFE1703D5E333322B282
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 2
help.ifeng.com/datas/feedback/20230103/63b3b2c35e1e9.gif
49.51.190.27200 OK 611 kB URL HTTP/1.1 help.ifeng.com/datas/feedback/20230103/63b3b2c35e1e9.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 611 kB (610607 bytes)
Hash 7797b04d36b1cfaecd602e5cb119b1f7
429a9df53294bf1ab9dc2acd71ef1ed98e827c50
6c30edd990ed795a7879b876104443d2e6ff67bbcbd9e58b93b8d4e9b843a6da
GET /datas/feedback/20230103/63b3b2c35e1e9.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:07:45 GMT
content-type: image/gif
content-length: 610607
last-modified: Tue, 03 Jan 2023 04:44:51 GMT
etag: "63b3b2c3-9512f"
expires: Sun, 19 Feb 2023 01:07:45 GMT
cache-control: max-age=1296000
accept-ranges: bytes
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0
43.154.254.32200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 01:07:45 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Fri, 30 Dec 2022 04:47:40 GMT
cache-control: max-age=2592000
x-delay: 117 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: b8226baf-579c-4139-b835-0634dd9fdc70
X-Firefox-Spdy: h2
img.krkfp.com/img/1.jpg
172.247.222.51200 OK 16 kB IP 172.247.222.51:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 352x198, components 3\012- data
Hash 332e372126585ebcb1a39313b52cd63f
68588752c6a07c6ea01369754556a5386c2c5134
82950ea6f845b5ee30278736b468ddbe848191c37caae800d385282814c5bd35
GET /img/1.jpg HTTP/1.1
Host: img.krkfp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:05:36 GMT
Content-Type: image/jpeg
Content-Length: 16459
Last-Modified: Thu, 08 Dec 2022 11:52:30 GMT
Connection: keep-alive
ETag: "6391cffe-404b"
Expires: Mon, 06 Mar 2023 01:05:36 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 7d0f586525ffda2a47e418bc4e005da8
6b1e0ca1cd4b969c151a18f791385bbc21d5b004
70dae988a19ce60e0abe124e9fde8aa8dce5885ca08841a1c8694ce500c71d75
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:46:36 GMT
ETag: "6b1e0ca1cd4b969c151a18f791385bbc21d5b004"
Last-Modified: Fri, 03 Feb 2023 21:46:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec6e0b0b02-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 3e63294932da5a0aa358139a084618ce
57b9705f948d422df9aaea69b4169fed92383ea8
806ffbe8e830087ecef9f139ca6803727513eb82872306f5a06156b36fda15ae
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:00:12 GMT
ETag: "57b9705f948d422df9aaea69b4169fed92383ea8"
Last-Modified: Sat, 04 Feb 2023 00:00:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec6caab4fa-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 7d0f586525ffda2a47e418bc4e005da8
6b1e0ca1cd4b969c151a18f791385bbc21d5b004
70dae988a19ce60e0abe124e9fde8aa8dce5885ca08841a1c8694ce500c71d75
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:46:36 GMT
ETag: "6b1e0ca1cd4b969c151a18f791385bbc21d5b004"
Last-Modified: Fri, 03 Feb 2023 21:46:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec6988b4f1-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 7d0f586525ffda2a47e418bc4e005da8
6b1e0ca1cd4b969c151a18f791385bbc21d5b004
70dae988a19ce60e0abe124e9fde8aa8dce5885ca08841a1c8694ce500c71d75
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:46:36 GMT
ETag: "6b1e0ca1cd4b969c151a18f791385bbc21d5b004"
Last-Modified: Fri, 03 Feb 2023 21:46:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec6da5b4f4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 7d0f586525ffda2a47e418bc4e005da8
6b1e0ca1cd4b969c151a18f791385bbc21d5b004
70dae988a19ce60e0abe124e9fde8aa8dce5885ca08841a1c8694ce500c71d75
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:46:36 GMT
ETag: "6b1e0ca1cd4b969c151a18f791385bbc21d5b004"
Last-Modified: Fri, 03 Feb 2023 21:46:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec6ceeb4ff-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash ebccc469a9f1a757ca5770fe2daf7feb
39dfa4ad71a91a326a52d2fa63770cfb9c2fd47b
54b3cd70c8afd1bb675a3a017def703f8758a8f1c9960d78fb0eeca1a061aa78
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 07 Feb 2023 22:23:36 GMT
ETag: "39dfa4ad71a91a326a52d2fa63770cfb9c2fd47b"
Last-Modified: Fri, 03 Feb 2023 22:23:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2860
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec69acb506-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 3e63294932da5a0aa358139a084618ce
57b9705f948d422df9aaea69b4169fed92383ea8
806ffbe8e830087ecef9f139ca6803727513eb82872306f5a06156b36fda15ae
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:00:12 GMT
ETag: "57b9705f948d422df9aaea69b4169fed92383ea8"
Last-Modified: Sat, 04 Feb 2023 00:00:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec7e0e0b02-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 2f9e36c4b11b7edaa09556cb2e9de306
123ac219d2bb001954d70ba04cda38880fd4b809
fb8e72bf8bd8cb4b673f9212e4eb0b92096dbab36c4fb0f7bbb46e1876574216
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 23:53:08 GMT
ETag: "123ac219d2bb001954d70ba04cda38880fd4b809"
Last-Modified: Fri, 03 Feb 2023 23:53:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2978
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82ec7cb8b4fa-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73803e6aa60e01673852cb789b2027fb
31fe59edce7d2a0314b64707ae863cd5aff1c34e
1960be1fc27291c153f4285109fcc60a4ad3c6fee8b723f28267cb3969b84f7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1960BE1FC27291C153F4285109FCC60A4AD3C6FEE8B723F28267CB3969B84F7A"
Last-Modified: Fri, 03 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11707
Expires: Sat, 04 Feb 2023 04:22:54 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d968af3b7962fef054afb4865ec1bac1
6335dcaa717685b12ccd62e473d6735f51d101d5
bad292640a7ff50596e2b1c0fac981e72734b66c837ab1190c0dfe3962ccce64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 09:14:29 GMT
Expires: Thu, 09 Feb 2023 09:14:28 GMT
Etag: "6335dcaa717685b12ccd62e473d6735f51d101d5"
Cache-Control: max-age=460600,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f82ec6ca4b4fa-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 731b263d61db80ee736d45077f3dcde2
072a810c4afc9135e366d880b8c31e794589537e
01acefb384cdf6758347c4f832e81714e2c987ad7497d748824b21636c2d47fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:36:53 GMT
Expires: Wed, 08 Feb 2023 03:36:52 GMT
Etag: "072a810c4afc9135e366d880b8c31e794589537e"
Cache-Control: max-age=353944,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f82ec6927b521-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash df93ae9adf8bf88175e2ad6bdc56f198
91578b60e8fd65a3d4821b74fc07f78acf82fe41
f4ac7b8ed2d534e6229b716579d862200cef35111509826b3351365618408660
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 15:23:10 GMT
Expires: Wed, 08 Feb 2023 15:23:09 GMT
Etag: "91578b60e8fd65a3d4821b74fc07f78acf82fe41"
Cache-Control: max-age=396321,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f82ec6e7fb500-OSL
8499683.com/8499/zzxx/960x60.gif
23.224.101.37200 OK 291 kB URL HTTP/2 8499683.com/8499/zzxx/960x60.gif
IP 23.224.101.37:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:07:46 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78ea059162037900655ee3c91ba8f5d0
c43647c642a8513663e96d7a06cca24ade32c0ef
2cc6804c082546261ebeb16b474af44674af6c1bff90c0e1860641e9c223ed91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC6804C082546261EBEB16B474AF44674AF6C1BFF90C0E1860641E9C223ED91"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2752
Expires: Sat, 04 Feb 2023 01:53:39 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
www.henniu487.site/template/dfcc/css/ate.css
108.171.217.114200 OK 6.5 kB URL HTTP/2 www.henniu487.site/template/dfcc/css/ate.css
IP 108.171.217.114:0
Hash 41b47c5dd7ce7a14358d200b46705406
65556072ae43477e124a56b9fa5a2570e4eb30f6
c1d44ac055d03e5d777346b3ad2ecd309d978697de2f225a3b9e585ca2b7119d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/css/ate.css HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:24 GMT
vary: Accept-Encoding
etag: W/"61d46414-126e4"
expires: Sat, 04 Feb 2023 13:07:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0a8026ac6bf56037e49a0d2d1fa5f31e
673ad323fe43f8265275f0c7b2f0b0ba6570d58a
59110e9335ea3de14486a569e28e67d50b7b7f3465de2e8160667dd1f1b20779
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 23:55:15 GMT
Expires: Tue, 07 Feb 2023 23:55:14 GMT
Etag: "673ad323fe43f8265275f0c7b2f0b0ba6570d58a"
Cache-Control: max-age=340646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f82ec6a38b4f7-OSL
img.krkfp.com/img/3.jpg
172.247.222.51200 OK 49 kB IP 172.247.222.51:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 856x480, components 3\012- data
Hash fe9e2793b36a3ab5986dab1606df351a
e8417e0b1c8d20538043e379ab492c40da19015d
8928fdfa84bbfb16663052f844c4fc37363aa2e2caa6f0a7d93de39a159de03a
GET /img/3.jpg HTTP/1.1
Host: img.krkfp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:05:36 GMT
Content-Type: image/jpeg
Content-Length: 48860
Last-Modified: Thu, 08 Dec 2022 11:52:29 GMT
Connection: keep-alive
ETag: "6391cffd-bedc"
Expires: Mon, 06 Mar 2023 01:05:36 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5740f9cac8b25c2d221b314141318109
9d6efab115269a538d2586fb81b83d10d510c33e
8c88c34a70c2b8e859d00d0b7b22ed04fea05fc8943c15956da032620d492b04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C88C34A70C2B8E859D00D0B7B22ED04FEA05FC8943C15956DA032620D492B04"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7975
Expires: Sat, 04 Feb 2023 03:20:42 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ebb10bd4bee4ceed17cdf806d9ade07
a7408fbcc881d3b22c3edc9874438c7cddf87753
28c968077785ad770d84e48503f5f38449a9dc18a151b249a8d830a7e458b623
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "28C968077785AD770D84E48503F5F38449A9DC18A151B249A8D830A7E458B623"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6824
Expires: Sat, 04 Feb 2023 03:01:31 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
aooacctp.vip/lm/ynv100.gif
172.67.161.53200 OK 89 kB URL HTTP/2 aooacctp.vip/lm/ynv100.gif
IP 172.67.161.53:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Sat, 04 Mar 2023 13:44:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 127232
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVFMA6muWLsat21%2BT8jt%2B82r2ET8uxlH6Hx%2FOJwnAZd%2Fhn1p0G8yWNDs4NwjVnz5ik6aJ2AzPfdVgppQoKRk0OEkTkRGlCPFpA7%2B%2FAoCkZZwPq04xiFrYYRmEk%2B8X80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f82ee8e930b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash a3b642211e48cb4610f14afbd5a40cf1
b9caeda268e0fb16b16a32e6bbcc8d167289a7c4
be73ac29389dc84697edee7dc7f0bdbeeb1b8efcaf4d94caa4c08b6027c411de
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 02:00:30 GMT
Expires: Sat, 04 Feb 2023 02:00:30 GMT
ETag: "b9caeda268e0fb16b16a32e6bbcc8d167289a7c4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dd0de68155fb36464c27d7bcb1d5d25d
11a204f8c7e83d50d1b89457e31f4a61aaea24d9
d609713c6845cb6f7275086ee301a362023543bcfb64e6dfa7d70ccc0610f67e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4324
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Last-Modified: Fri, 03 Feb 2023 23:55:44 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 280
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 08b2b91e21bc4516207910017f8a8db4
18cda758d637933f21f23f58a074db6bcbcc4c8f
5ff7b9ad4b050a2d10e8e2a7b0b7f1fcaad6389300e5176307568e9e7c5a0fb0
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 01:07:07 GMT
last-modified: Tue, 31 Jan 2023 17:47:55 GMT
expires: Tue, 07 Feb 2023 17:47:54 GMT
etag: "18cda758d637933f21f23f58a074db6bcbcc4c8f"
cache-control: max-age=601386,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793f81f3bf05bbb5-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675472827
via: cache15.l2de2[0,0,304-0,H], cache19.l2de2[0,0], cache4.se1[22,22,200-0,H], cache4.se1[23,0], cache4.se1[25,0]
age: 40
x-cache: HIT TCP_REFRESH_HIT dirn:11:217246938
x-swift-savetime: Sat, 04 Feb 2023 01:07:47 GMT
x-swift-cachetime: 1760
timing-allow-origin: *, *
eagleid: 2ff62c9816754728675861569e, 2ff62c9816754728675861569e
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1447f4bd02d9a2b36bb0b23a6b106f1
4d4fe75a26cf78f9627ace77872bc01cd469ca83
1b886266d372b383a2287f910e8bf9544ece96440a16d2759696e78954e4da83
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B886266D372B383A2287F910E8BF9544ECE96440A16D2759696E78954E4DA83"
Last-Modified: Fri, 03 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11696
Expires: Sat, 04 Feb 2023 04:22:43 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
172.67.69.40404 Not Found 14 kB URL HTTP/2 s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
IP 172.67.69.40:0
File type PNG image data, 630 x 557, 8-bit colormap, non-interlaced\012- data
Hash 2d65a379c6d17fb9a9a6e9ae5112e79e
3c81d9aefdc66c7c034bd83d8cf06a94782487ca
a810996e1b9632593734f13a465418280c6fc1ba72f1aff719577192dd47df85
GET /2022/01/07/deGgwzf7Tly9S3b.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/png
content-length: 14266
etag: "61aa33ab-37ba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1415729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r7Bitpfin9sQAYz9JkGiwgu0iXBMzQFONnYE%2BRa22tRrdrtoXjrjLu56iLTJFlny8hWySGSQ2xEkkNl%2BVkx%2F%2FLdwK2c94361PhBVS1FZKtooINfqoNlv7pOW96Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793f82eee830b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
43.154.254.32200 OK 62 kB URL HTTP/2 p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash ee52eff8577d4346eca344892bd41406
5e2ad497a1866f71f088860d05f2b962e82a16e1
b1d685515a8e1186c3f5d4844256b95fcc83121fa45f29a2e58e852537332267
GET /qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 01:07:45 GMT
content-type: image/png
content-length: 62229
vary: Accept,Origin
last-modified: Tue, 19 Oct 2021 21:03:59 GMT
cache-control: max-age=2592000
x-delay: 12868 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 62229
chid: 0
fid: 0
x-nws-log-uuid: dcff1e54-ea96-4bcd-a1fb-324b5d539c70
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 08b2b91e21bc4516207910017f8a8db4
18cda758d637933f21f23f58a074db6bcbcc4c8f
5ff7b9ad4b050a2d10e8e2a7b0b7f1fcaad6389300e5176307568e9e7c5a0fb0
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 01:07:07 GMT
last-modified: Tue, 31 Jan 2023 17:47:55 GMT
expires: Tue, 07 Feb 2023 17:47:54 GMT
etag: "18cda758d637933f21f23f58a074db6bcbcc4c8f"
cache-control: max-age=601386,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793f81f3bf05bbb5-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675472827
via: cache15.l2de2[0,0,304-0,H], cache25.l2de2[1,0], cache1.se1[89,89,200-0,H], cache4.se1[90,0], cache3.se1[92,0]
age: 40
x-cache: HIT TCP_REFRESH_HIT dirn:2:358040064
x-swift-savetime: Sat, 04 Feb 2023 01:07:47 GMT
x-swift-cachetime: 1760
timing-allow-origin: *, *
eagleid: 2ff62c9716754728675846472e, 2ff62c9716754728675846472e
kvexx.com/d2527f7b8c975443eead165505e089df.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kvexx.com/d2527f7b8c975443eead165505e089df.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: text/html
content-length: 162
location: https://kvtjjj.top/d2527f7b8c975443eead165505e089df.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP 216.58.211.3:0
Hash a33f72967b9a84458bd5cc89a7d42176
ee79f3e52689b68ed385743e06a599d545e48c8b
d2cec375bfc538014980238050a9b11ab7876965f23cc6d099ae09385a516c6f
POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 032f32fa077da6b380f124e40ed46b40
b10670235a25eb2824b53bf10a99580b836b9591
626fbc1da5e35e51ab433ea03894b79c37b79b3c5c036004fbd054aba8d3f588
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 410b1e9aa8ac787ec63a7f6e77af4196
3f7e39d77ae93790b3637e1b5f80a9d6cab2fc52
40a63ea653c4597ca5ae7fb42a3d04b9a7b141b4b5bc333d6c6a44e879995dd0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=632
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash e5caecaabf37b8c93dffd1363ed097da
41172aed192de2b6f37f23d703004fcaf319f358
0866e284fbdd8551f4a5ef30d2cd2ea4d0731e7b39cb89f71b7ea47c0eec26f9
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=564
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 410b1e9aa8ac787ec63a7f6e77af4196
3f7e39d77ae93790b3637e1b5f80a9d6cab2fc52
40a63ea653c4597ca5ae7fb42a3d04b9a7b141b4b5bc333d6c6a44e879995dd0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=662
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
X-N: S
www.tupku.top/lm/031815-80.gif
188.114.96.1200 OK 1.6 MB URL HTTP/2 www.tupku.top/lm/031815-80.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Fri, 03 Mar 2023 18:21:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 197048
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4rvRtWRYN9SlREimUt59%2Fav%2FnZf1OKruSHa8AHYAnPmCpjJkEfiJaU4nCZgcDGoKhQ4xHxVIykHN%2BN%2BksjBZyiBwlCMzFa%2F39XJJ0rDadGc9k97CJUWSCfXuvJGxUYR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f82ef68b61bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
n0522.com/c92a6738cc4e4ed5b593c5cb7f6ad314.gif
52.140.208.180200 OK 216 kB URL HTTP/1.1 n0522.com/c92a6738cc4e4ed5b593c5cb7f6ad314.gif
IP 52.140.208.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 216 kB (215902 bytes)
Hash 153a7dac1d2bfce1349134956b3f408f
9e91fdc5f2052de208a86e18c10eca1a251e3906
907675e7b39a2cc587985b82e12f9b7da60d395aa62b23214fe9d265c62df0bb
GET /c92a6738cc4e4ed5b593c5cb7f6ad314.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:46 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 Jan 2023 10:04:14 GMT
ETag: W/"63b54f1e-54d22"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash b0ff07ad8226786d2967f24e52a97056
db580b11dc9867ede0e0ba685329015129bb01cf
9c264e5b33e3f031d3e5dabe545c8366076ad31f9aa9f599e45e66c139020336
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:15:30 GMT
ETag: "db580b11dc9867ede0e0ba685329015129bb01cf"
Last-Modified: Fri, 03 Feb 2023 21:15:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1667
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82f01beab506-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash ee0e05fc0f49fbdbb3d1957f801779ad
15f2ec72d65319d79bb94f62ba9d0f6f8e60dae0
1060eb654c81a3939da487661f3f0f3fd3000c775c13a62424c7dd246cf043d1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:43:54 GMT
ETag: "15f2ec72d65319d79bb94f62ba9d0f6f8e60dae0"
Last-Modified: Fri, 03 Feb 2023 21:43:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1726
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f82f03eb21bfa-OSL
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 57fac9199c01f6ae73fd0be0a4e53e21
4a82b4265cb0f739e57511542b390608a1465d91
e693e93c62afa91e5f03a31de93efcbfcc2b9a604c9efb9daca82b260223e561
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 775
Cache-Control: max-age=114490
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Etag: "63dcc916-1d7"
Expires: Sun, 05 Feb 2023 08:55:57 GMT
Last-Modified: Fri, 03 Feb 2023 08:43:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ebb10bd4bee4ceed17cdf806d9ade07
a7408fbcc881d3b22c3edc9874438c7cddf87753
28c968077785ad770d84e48503f5f38449a9dc18a151b249a8d830a7e458b623
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "28C968077785AD770D84E48503F5F38449A9DC18A151B249A8D830A7E458B623"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6824
Expires: Sat, 04 Feb 2023 03:01:31 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
47.246.44.251200 OK 98 kB URL HTTP/2 cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
IP 47.246.44.251:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Hash c23b2edd3dce8616a9a723a26b2fd280
51451bb2e19c4f956b425221ede9cfdd90472a0e
4d47bba01041ef53fd4ee75b4c13e5730fe106b233a7a1b4e8e9f12fc7527f88
GET /img/ibank/2020/865/518/22902815568_1738432517.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 98277
date: Fri, 30 Dec 2022 15:58:08 GMT
last-modified: Thu, 15 Sep 2022 08:05:49 GMT
picasso-ret-code: SUCCESS
request-time: 0.094
traceid: 2ff62b2016724158887338733e
expires: Sat, 30 Dec 2023 15:58:08 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1672415889
via: cache9.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache1.se1[0,0,200-0,H], cache3.se1[1,0]
access-control-allow-origin: *
age: 3056978
x-cache: HIT TCP_MEM_HIT dirn:11:236727236
x-swift-savetime: Fri, 30 Dec 2022 16:01:28 GMT
x-swift-cachetime: 31535801
timing-allow-origin: *
eagleid: 2ff62c9716754728678756640e
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 69133be763187ed9ac82844f0fdfbeda
5aa57d68224186ca493024977d86025a28fca1f5
9f6d1752f15fa766fac6e6cedcb54f893b55e3acadef5b6c309f535fa00d6c39
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161249
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Etag: "63dd82c4-2d7"
Expires: Sun, 05 Feb 2023 21:55:16 GMT
Last-Modified: Fri, 03 Feb 2023 21:55:16 GMT
Server: nginx
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2031
Cache-Control: max-age=163280
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Etag: "63dd82c4-2d7"
Expires: Sun, 05 Feb 2023 22:29:07 GMT
Last-Modified: Fri, 03 Feb 2023 21:55:16 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dd0de68155fb36464c27d7bcb1d5d25d
11a204f8c7e83d50d1b89457e31f4a61aaea24d9
d609713c6845cb6f7275086ee301a362023543bcfb64e6dfa7d70ccc0610f67e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4324
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Last-Modified: Fri, 03 Feb 2023 23:55:44 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP 216.58.211.3:0
Hash a33f72967b9a84458bd5cc89a7d42176
ee79f3e52689b68ed385743e06a599d545e48c8b
d2cec375bfc538014980238050a9b11ab7876965f23cc6d099ae09385a516c6f
POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
47.246.44.230200 OK 264 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 600 x 180\012- data
Size 264 kB (264457 bytes)
Hash 8007c032862a58981996db2a62e644b1
ee7ababa5a4baf364669f160b1d26601ac8d947a
f1171e7ede87b61f3470e61f48e759b3b6f46bb5162b614b93210801c0955d89
GET /obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 264457
date: Sat, 28 Jan 2023 12:03:13 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 07:51:01 GMT
nw-session-id: 2023012815510134CB009BF39888F0DA5Bn2gsx02dy
nw-session-trace: 2023-01-28T15:51:01.922164306+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 264457
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 15:51:01 GMT
x-tt-logid: 2023012815510134CB009BF39888F0DA5B
via: n204-100-014, cache14.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:155::141
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010b79fb233ecc212f8111619c222eeff1af6dfb466b49c8e9e56a89a9bb51d72aaaf82342278e1f9f5108a02d8eab5692286ea162f1720f27ce1741edead5238fff55a0e71a01d87deedee66710d265c3cb95212175e3ec2c802d309e0581a703
x-response-lb: image
ali-swift-global-savetime: 1674907394
age: 565473
x-cache: HIT TCP_MEM_HIT dirn:11:38193722
x-swift-savetime: Sat, 28 Jan 2023 15:00:15 GMT
x-swift-cachetime: 31525379
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816754728679401828e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1261709629504a5e00761a6fde813e7
f49c512823a27c7d3c87d925db5b44805f9e1a16
a965ead1ced4feb72e5003a59d4a2f72adeae70991f1dc0b08be5a93ee27152d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A965EAD1CED4FEB72E5003A59D4A2F72ADEAE70991F1DC0B08BE5A93EE27152D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Sat, 04 Feb 2023 02:11:16 GMT
Date: Sat, 04 Feb 2023 01:07:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfa1996c05ac3b304f1e076366179f97
c55852ff522b841f21fb881730374333938e44f3
bb45fe2ba07ad4d5b270e25f26dd50d5327405eab17c9e3940db32444c59cdbf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BB45FE2BA07AD4D5B270E25F26DD50D5327405EAB17C9E3940DB32444C59CDBF"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3274
Expires: Sat, 04 Feb 2023 02:02:21 GMT
Date: Sat, 04 Feb 2023 01:07:47 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
47.246.44.230200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Wed, 01 Feb 2023 08:01:19 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 31 Jan 2023 15:24:25 GMT
nw-session-id: 20230131232425C1A5C3E564F259D463B9kg5m703dy
nw-session-trace: 2023-01-31T23:24:25.535825825+08:00 19
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Tue, 31 Jan 2023 23:24:25 GMT
x-tt-logid: 20230131232425C1A5C3E564F259D463B9
via: n204-098-222, cache5.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:25:359::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01023bdf348ce5f3e550a2c3752cbdcf006cf4246041b2f769ce46b7166fac5d6648758ea1f722fb05b9ee9250cabb7ffd53028f5c321bbcdcfd9c245144e038dae403651285c6b3f3dfc03440a2c2899ebac2ea614c80028ff49cb20651d03bd6
x-response-lb: image
ali-swift-global-savetime: 1675238479
age: 234388
x-cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:0
x-swift-savetime: Thu, 02 Feb 2023 16:17:24 GMT
x-swift-cachetime: 31419835
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816754728679611841e
X-Firefox-Spdy: h2
mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
45.89.209.74200 OK 14 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash e994db89370c07131c299b37e86e0906
3166f9925170c117be7c77602c26f45105cae06c
d9a139378357052913b2b57af565d38baef6f7a10ff1c0b58376e57a764f16df
GET /upload/art/gif/gfdt/071616_341-4.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 09:05:55 GMT
Content-Type: image/gif
Content-Length: 13797
Last-Modified: Fri, 25 Nov 2022 12:36:24 GMT
Connection: keep-alive
ETag: "6380b6c8-35e5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b0a5f3a2175a98374fcbf23d57525136
22add6de2d7a815451837f2183ac2353f790ee6f
12614043a3226b5d048bec170d65c0052190cd76c83739d8cd48767211d8f0bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:48 GMT
Last-Modified: Sat, 04 Feb 2023 00:38:23 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 727
mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
45.89.209.74200 OK 13 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x270, components 3\012- data
Hash e1a576cbd51934165b0de029925eba4d
8225a3aa258bf5e6985492a834622a090376208f
7664f5c8b9e9611fc3d76c64ca431e0b96ba7d9bbc2ed1ebcc15b4037725b380
GET /upload/art/gif/20200421/170511-1.mp4_1587324106344.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 09:05:55 GMT
Content-Type: image/gif
Content-Length: 12943
Last-Modified: Fri, 25 Nov 2022 12:36:23 GMT
Connection: keep-alive
ETag: "6380b6c7-328f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvtjjj.top/d2527f7b8c975443eead165505e089df.gif
104.21.45.172200 OK 207 kB URL HTTP/2 kvtjjj.top/d2527f7b8c975443eead165505e089df.gif
IP 104.21.45.172:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 207 kB (207365 bytes)
Hash 99687664402295ba9d43d5c8491a3207
0b245333582e86c722c8fa4d8cbb612eacd55a33
f200d581b9b22e49334ca69de7f012206b1dc07848885cdba0466caa48337325
GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvtjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu487.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:07:48 GMT
content-type: image/gif
content-length: 207365
last-modified: Thu, 02 Feb 2023 13:43:00 GMT
etag: "63dbbde4-32a05"
expires: Mon, 06 Mar 2023 00:38:58 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1729
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMXzwx4rPowyt8g93RcAcWSVHH2kfDAbpWkqCuPCKVIbXOxrWQK3v48AEXDb8F9rAK%2FZnPlRNmsb6xaj6zzhtK0BZxTJAISaA1E%2B%2BQF54GxdxWtAy2y9hBsmiXtq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f82f14e190afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfa1996c05ac3b304f1e076366179f97
c55852ff522b841f21fb881730374333938e44f3
bb45fe2ba07ad4d5b270e25f26dd50d5327405eab17c9e3940db32444c59cdbf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BB45FE2BA07AD4D5B270E25F26DD50D5327405EAB17C9E3940DB32444C59CDBF"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3273
Expires: Sat, 04 Feb 2023 02:02:21 GMT
Date: Sat, 04 Feb 2023 01:07:48 GMT
Connection: keep-alive
mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
45.89.209.74200 OK 20 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 560x314, components 3\012- data
Hash ad1f30d4930167d4eff601f3fee06b8d
b0fa5f060045cad3ae25d6ce6e00758668a31f00
5605d7b7176cda10fc43bfe3ef7c57efda471a1d0ed5092aaca9e8426c747032
GET /upload/art/gif/gfdt/746bfd5d31fc37377d.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 09:05:55 GMT
Content-Type: image/gif
Content-Length: 19506
Last-Modified: Fri, 25 Nov 2022 12:36:24 GMT
Connection: keep-alive
ETag: "6380b6c8-4c32"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161248
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:48 GMT
Etag: "63dd82c4-2d7"
Expires: Sun, 05 Feb 2023 21:55:16 GMT
Last-Modified: Fri, 03 Feb 2023 21:55:16 GMT
Server: nginx
Content-Length: 727
qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif
106.14.229.206200 OK 64 kB URL HTTP/1.1 qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif
IP 106.14.229.206:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash c677e519fd2423d46d35b94059a1fa98
48f44e8cf932859a331edf203f6109a7d521314c
b470ee84eee1f73dfd2f3660ea8620fea1818bce9420efb7543e7353a7612578
GET /xjimg/1419gif960x60.gif HTTP/1.1
Host: qppicture.oss-cn-shanghai.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: image/gif
Content-Length: 64508
Connection: keep-alive
x-oss-request-id: 63DDAFE3B9FD8B303648AF08
Accept-Ranges: bytes
ETag: "C677E519FD2423D46D35B94059A1FA98"
Last-Modified: Sun, 01 Jan 2023 09:56:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11255473868077813000
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: xnflGf0kI9RtNblAWaH6mA==
x-oss-server-time: 2
p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
47.246.44.230200 OK 147 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Size 147 kB (146647 bytes)
Hash 3e19d4a109f5442429ab120014d83932
9b3ab408c1543c2a812d99f985ec7f014eb239ee
69a725e47512725f942332b0729ad94fe477f82b0d93055f5265793815bfa4a6
GET /obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 146647
date: Sat, 17 Dec 2022 12:44:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 11:05:17 GMT
nw-session-id: 20221217190517010212075088049EE35Fpwrzh01dy
nw-session-trace: 2022-12-17T19:05:17.505827354+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 146647
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 19:05:17 GMT
x-tt-logid: 20221217190517010212075088049EE35F
via: n204-098-222, cache23.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc01:26:318::66
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 011f3179f65e79bd56134347320851a7aea6e0a18bf2c1c23c6d8014804fa9b0190235d5d93772c680138c643463983506d475df3a8b72e78a121b4f4f35ee7fedfab41d1744bafee7a1a00aacfbc0761d667083177ceac1c0964125934b59ee2b
x-response-lb: image
ali-swift-global-savetime: 1671281072
age: 4191796
x-cache: HIT TCP_MEM_HIT dirn:11:346154491
x-swift-savetime: Sat, 17 Dec 2022 13:21:53 GMT
x-swift-cachetime: 31533759
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816754728681111922e
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c59f269e10a8f2b2cb96b83244e8322e
241508baa2217c53f8925eb8201b0ade5047583c
a63681a9266450fbc80e18356b019f89edb398e0db267bb68c20b7518e85e9e7
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 01:07:48 GMT
Last-Modified: Fri, 03 Feb 2023 21:24:59 GMT
ETag: "63dd7bab-1d7"
Expires: Sun, 05 Feb 2023 21:24:59 GMT
Cache-Control: max-age=159431
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675472868
Via: cache12.l2de2[183,182,200-0,M], cache12.l2de2[184,0], cache7.se1[206,206,200-0,M], cache7.se1[207,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 01:07:48 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16754728679115090e
p.qlogo.cn/qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupxgwHdxyVUzMhLVeumY3D3D/0
43.154.254.32200 OK 303 kB URL HTTP/2 p.qlogo.cn/qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupxgwHdxyVUzMhLVeumY3D3D/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 303 kB (303221 bytes)
Hash 49d23f61d7a8936bcc343a0552a241cb
f339358d402b469de99a442bbada8a61e2a9e6e5
eb6392cf9a7eea48e743e5204a6bcc773663c55e21c312adc78ac5145bfab802
GET /qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupxgwHdxyVUzMhLVeumY3D3D/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 01:07:46 GMT
content-type: image/gif
content-length: 303221
vary: Accept,Origin
last-modified: Fri, 20 Jan 2023 12:34:15 GMT
cache-control: max-age=2592000
x-delay: 44541 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 303221
chid: 0
fid: 0
x-nws-log-uuid: 1fa827a7-ca59-4f01-a66f-3f8fe60fbcfb
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.154.254.32200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.4 MB (1362871 bytes)
Hash b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 01:07:46 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 140507 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: b89073b4-3f0f-4d03-9763-a4737ea5db96
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.4200 OK 300 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.4:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 300 kB (299985 bytes)
Hash 5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 Feb 2023 01:07:46 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63DDAFE2FC567C3934A66987
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 2
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 417 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 417 kB (417166 bytes)
Hash 13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 Feb 2023 01:04:59 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4333f8a494b68bfb9eb46eba2f623782
c1b91355560b083ca75fe4a4278b7d081d9a207e
6c4a08073907112335f597657a02fd0c06b71c954edf8bee94598a9a3d2e4c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106135
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:48 GMT
Etag: "63dcab7b-2d7"
Expires: Sun, 05 Feb 2023 06:36:43 GMT
Last-Modified: Fri, 03 Feb 2023 06:36:43 GMT
Server: nginx
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4333f8a494b68bfb9eb46eba2f623782
c1b91355560b083ca75fe4a4278b7d081d9a207e
6c4a08073907112335f597657a02fd0c06b71c954edf8bee94598a9a3d2e4c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:07:48 GMT
Etag: "63dcab7b-2d7"
Last-Modified: Fri, 03 Feb 2023 23:46:49 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 727
kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif
172.83.155.45200 OK 452 kB URL HTTP/2 kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 1000 x 70\012- data
Size 452 kB (451650 bytes)
Hash d36b47fd223d12e145bef662950636ca
e4a8fcb7fc1cd333568eba0beb86d21c7134d33d
38eb2d417d15a38f262f8cce57c2ce0deb020c3d2823332c4cb760d87c39db8a
GET /39ece0ec38182f6a9c5191222a2a17bd.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/gif
content-length: 451650
last-modified: Fri, 19 Aug 2022 17:02:33 GMT
etag: "62ffc229-6e442"
expires: Sat, 04 Feb 2023 13:07:47 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 522079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q%2Btu25wdSUH0fHtrIvTfJb3ImKG7cvwU6pRiPbSYabesn37C3x%2B3SM0S43%2FJ478bIRTC25cDGt%2BnWPirkCR%2FE8zaJJ9GQLTYEDeAsvdUoJeHwKmDJ00iXbe7Kfe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 792ab2a239a427ae-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 0730e421e3eb5ba01f3eb4fb243a28f4
f62359bbcc7bf1d330e23c5043511cd763c2090b
6fd5bb1ccf542d1e293a96c95ccdf6abe8d0ddff9151f64bdfae9ee8039bf059
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:48 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 10:25:03 GMT
Expires: Thu, 09 Feb 2023 10:25:02 GMT
Etag: "f62359bbcc7bf1d330e23c5043511cd763c2090b"
Cache-Control: max-age=464833,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f82f37b4ffab4-OSL
xxx6686.app/960-60.gif
123.253.107.211200 OK 381 kB IP 123.253.107.211:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 381 kB (380774 bytes)
Hash d5b19fab300b34d93648b77ba1e87205
eabcc33b82a978d851b9af1337fc656a70f23c2f
e7cce7f77395b75187261e079f448c4b9de06f62f42ca0d2b87662efe80ea69b
GET /960-60.gif HTTP/1.1
Host: xxx6686.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/gif
content-length: 380774
last-modified: Tue, 20 Dec 2022 08:28:12 GMT
etag: "63a1721c-5cf66"
strict-transport-security: max-age=31536000
lp-geo: edge-n0cc
lp-addr: 91.90.42.154
lp-request: a2480373-3b1d-46b7-8c91-f27613e467be
lp-id: ab6fb21f508a055e28c898973fb529da
expires: Sat, 04 Feb 2023 01:12:47 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu487.site/
108.171.217.114200 OK 870 kB IP 108.171.217.114:0
Size 870 kB (869902 bytes)
Hash ec3679c00776d08fcbdfaed5442c46f3
e67056c345511d4e76be08f3d140c1dafbc5ea39
46bc4189da1457ea1b8bdbf36ecc0918f7926750e21627506b05c89e29b21df8
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif
172.83.155.45200 OK 0 B URL HTTP/2 kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
GET /6c2bdfc52ef6d8572dcf0d370f891c1f.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:48 GMT
content-type: image/gif
content-length: 103315
last-modified: Wed, 07 Dec 2022 06:27:53 GMT
etag: "63903269-19393"
expires: Sat, 04 Feb 2023 13:07:48 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqQwhfAcI%2BBLjDabPxOlpCkkxoQrf2GUkq%2FrwoJxSpUaEFpxkCHc7%2ByUQa0nRWdZE8eXTWnAvN4A2Rg%2BSEH%2BG3%2Fj8JV1ChbfOvJXoMzms1tEIxoYZEf2AnmgDx%2BM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 791a334c8e20306c-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
165tuchuang.com/i/2023/01/17/63c69882a8d70.gif
18.143.137.237200 OK 0 B URL HTTP/1.1 165tuchuang.com/i/2023/01/17/63c69882a8d70.gif
IP 18.143.137.237:0
GET /i/2023/01/17/63c69882a8d70.gif HTTP/1.1
Host: 165tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:07:48 GMT
Content-Type: image/gif
Content-Length: 628981
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 12:45:54 GMT
ETag: "63c69882-998f5"
Expires: Fri, 24 Feb 2023 15:26:32 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: Tengine
X-Cache-Status: HIT
Accept-Ranges: bytes
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
4.34.42.101200 OK 0 B URL HTTP/2 p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
IP 4.34.42.101:0
GET /img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 806826
date: Mon, 25 Jul 2022 09:10:29 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 31 Mar 2022 10:03:03 GMT
nw-session-id: 2022033118030201019409901840A77C0Endgts03la
nw-session-trace: 2022-03-31T18:03:03.257713369+08:00 344
x-bdcdn-cache-status: TCP_HIT
x-length: 806826
x-powered-by: ImageX
x-response-date: Thu, 31 Mar 2022 18:03:03 GMT
x-tt-logid: 2022033118030201019409901840A77C0E
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC6_US-Michigan-chieago-1-cache-1, BC102_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC102_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
13.227.254.80200 OK 0 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 13.227.254.80:0
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 354278
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 13:06:49 GMT
etag: "c6442fd82dd00372e745f394887172f2"
x-cache: Hit from cloudfront
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: KLyEw8qxgsgYe3NfrVgBN8hH9JJIxEjhq0-R9X7ixVjJt42_PdG_Aw==
age: 43259
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 01:07:45 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 116568 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: 28f8709a-1597-4c29-9626-ab8c3038b0a0
X-Firefox-Spdy: h2
img.1137555.com/images/639f110ff854fb2e3980a017.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1137555.com/images/639f110ff854fb2e3980a017.gif
IP 3.36.126.81:0
GET /images/639f110ff854fb2e3980a017.gif HTTP/1.1
Host: img.1137555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
X-Firefox-Spdy: h2
img.3155a.com/images/63d7b0c96c2af1be8a356618.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.3155a.com/images/63d7b0c96c2af1be8a356618.gif
IP 3.36.126.81:0
GET /images/63d7b0c96c2af1be8a356618.gif HTTP/1.1
Host: img.3155a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
182.118.39.166200 OK 0 B URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP 182.118.39.166:0
ASN #4837 CHINA UNICOM China169 Backbone
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:07:48 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 1252196
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 14 Jan 2023 22:34:31 GMT
nw-session-id: 202301150634315B44256938F2929E90BCw5bdx02tt
nw-session-trace: 2023-01-15T06:34:31.965834401+08:00 88
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 15 Jan 2023 06:34:31 GMT
x-response-lb: image
x-tt-logid: 202301150634315B44256938F2929E90BC
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=2
via: CHN-HAzhengzhou-AREACUCC1-CACHE11[2],CHN-HAzhengzhou-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-JSwuxi-GLOBAL5-CACHE18[3],CHN-JSwuxi-GLOBAL5-CACHE33[0,TCP_HIT,2],n132-067-174
x-hcs-proxy-type: 1
x-request-ip: fdbd:dc03:11:538::86
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-tt-trace-host: 01313c93dee2177653842d57191f7e79a14cfab173bb16c2316919a1281ee3182a8aff106d2f89bbd162d89138e06cfc6af5e4ae36cb18d6b8bccf5b24c0f374ecc0f1de224b8e5e48e41b1962740b86809ff20e06943ee2112a4d4f615c6534002602868181f8fd32ceb8e7683c46307837e0ec7764bc0c167df2d4288ab49a1f083d3f4613b29073bf7dcdbd8edb45b160a7c315529853bcf9a725034cc53285
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
X-Firefox-Spdy: h2
link.imgapp.top/images/63ba73b1a92cd2097e833f9f.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63ba73b1a92cd2097e833f9f.gif
IP 3.36.126.81:0
GET /images/63ba73b1a92cd2097e833f9f.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/cad3c680e8ac44648c881b27cf2554f0
X-Firefox-Spdy: h2
ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif
120.77.166.22200 OK 0 B URL HTTP/1.1 ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif
IP 120.77.166.22:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /891-960x120.gif HTTP/1.1
Host: ky891.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 Feb 2023 01:07:47 GMT
Content-Type: image/gif
Content-Length: 407212
Connection: keep-alive
x-oss-request-id: 63DDAFE31344D130363D9C47
Accept-Ranges: bytes
ETag: "0F175E48FC5D3C25093BBA6F5E2A8357"
Last-Modified: Mon, 02 Jan 2023 14:11:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14239271872762606610
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: DxdeSPxdPCUJO7pvXiqDVw==
x-oss-server-time: 3
img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
IP 3.36.126.81:0
GET /images/63664dfd09d6345f4f98bebe.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.5200 OK 0 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.5:0
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 13:06:49 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: nu8Q3ostBfA_F3j3WrAChjnBStPzY3KNj-1E3vz-0p_ehpABUcucGA==
age: 43259
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
121.226.246.3200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP 121.226.246.3:0
GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:48 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=15552000
expires: Sun, 30 Jul 2023 04:16:55 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 334253
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-21 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1675138615846-0-0-1-12-12;200;200-1675322968310-0-0-0-0-0;200-1675472868037-0-0-0-1-1
X-Firefox-Spdy: h2
www.henniu487.site/template/dfcc/static/js/jquery.min.js
108.171.217.114200 OK 0 B URL HTTP/2 www.henniu487.site/template/dfcc/static/js/jquery.min.js
IP 108.171.217.114:0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/static/js/jquery.min.js HTTP/1.1
Host: www.henniu487.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:07:42 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:32 GMT
vary: Accept-Encoding
etag: W/"61d99aa4-17b8b"
expires: Sat, 04 Feb 2023 13:07:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
113.1.0.71200 OK 0 B URL HTTP/1.1 gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
IP 113.1.0.71:0
ASN #4837 CHINA UNICOM China169 Backbone
GET /ky960x60.gif HTTP/1.1
Host: gtm-cn-j6730u6sd0b.gtm-a3b8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Etag: "4e1e4b8f46ac2e67539d5881785ba29a"
Content-Type: image/gif
Date: Tue, 31 Jan 2023 02:47:29 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10945751995987991778
x-cos-request-id: NjNkODgxNDFfNGI1NGU0MDlfZmRiZF8zZTZkNThm
Accept-Ranges: bytes
Last-Modified: Thu, 29 Dec 2022 12:09:17 GMT
Content-Length: 399450
X-NWS-LOG-UUID: 14588322996509393008
Connection: keep-alive
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif
185.10.104.115200 OK 0 B URL HTTP/2 pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /bjh/a31230445806508a2ce196f4072d2dff.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 01:07:47 GMT
content-type: image/gif
content-length: 902269
expires: Mon, 06 Feb 2023 21:21:55 GMT
last-modified: Sun, 01 May 2022 03:09:14 GMT
etag: "a31230445806508a2ce196f4072d2dff"
age: 13517
accept-ranges: bytes
content-md5: oxIwRFgGUIos4Zb0By0t/w==
x-bce-content-crc32: 1513522899
x-bce-debug-id: O7Gi5XpPtuVUvaMZ4WJHM0isgFgTQ9qDht7irECU5SPxsmpFxJCWa2spuPnwKMWE4Ee2wAV8zjLiWh8bkdPx0A==
x-bce-request-id: 7470e3a6-fafd-4347-a1ca-39aa502ade7c
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 21:21:55 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache50 [4], suzix135 [2]
ohc-file-size: 902269
x-cache-status: HIT
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
45.89.209.74200 OK 0 B URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
IP 45.89.209.74:0
GET /upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu487.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 09:05:55 GMT
Content-Type: image/jpeg
Content-Length: 464670
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:45:06 GMT
ETag: "620d2a12-7171e"
Expires: Mon, 06 Mar 2023 01:07:47 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes