r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15198
Expires: Sun, 08 Jan 2023 13:00:04 GMT
Date: Sun, 08 Jan 2023 08:46:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5121
Expires: Sun, 08 Jan 2023 10:12:07 GMT
Date: Sun, 08 Jan 2023 08:46:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 08:41:28 GMT
content-type: application/json
age: 318
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6394
Expires: Sun, 08 Jan 2023 10:33:20 GMT
Date: Sun, 08 Jan 2023 08:46:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cNCkYJIZirpBTuoeKmm6vL54h2igmJkQq2dutNHm0Zr9SsEPRgZ/sHxsphRkFidRf50sYYlZntU=
x-amz-request-id: VV4XS3A3181NA5P4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 08:15:41 GMT
age: 1865
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ahruntang.com/
46.3.166.200301 Moved Permanently 0 B IP 46.3.166.200:0
ASN #141677 Nathosts Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 08 Jan 2023 08:46:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.ahruntang.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 08:33:43 GMT
age: 784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6161
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:47 GMT
Last-Modified: Sun, 08 Jan 2023 07:04:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.ahruntang.com/
46.3.166.200200 OK 36 kB IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash bb647fbc677d08e0aa1a22d5470aa05a
984fe7f60c4a7e221f212db059e79fe79bde11ef
afc7a7dfa105f2d31f05193512b2821d5a88366245c88a0ea0ec67077e5ac8bc
GET / HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: text/html
Content-Length: 36429
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
push.services.mozilla.com/
35.82.246.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.246.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: esTwMD6K6oUIuY1Rcks41A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QOaiO4aRSbCo3JzHDWqwghuMaLA=
www.ahruntang.com/yyhstatic/js/tj.js
46.3.166.200200 OK 253 B URL HTTP/1.1 www.ahruntang.com/yyhstatic/js/tj.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
Hash 1e8bac7cf57e774deabfa0b4f4925790
60b2846e203da960c6b4c72059a31ae9758cc94a
64d1d42f24c3ae8f6c668aaa0ddc67197880e5e4dc3c3d73983e7ca923843613
GET /yyhstatic/js/tj.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Content-Length: 253
Last-Modified: Sat, 21 May 2022 10:43:00 GMT
Connection: keep-alive
ETag: "6288c234-fd"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.ahruntang.com/static223/css/mytheme-color2.css
46.3.166.200200 OK 1.7 kB URL HTTP/1.1 www.ahruntang.com/static223/css/mytheme-color2.css
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash f63d13f8ae76be3fed83b8782f92aba2
62462df76249a2c545b9215358d11e7d8ec8897b
a7bcb81dbbc8cfa43d3b665d8c65a06850fb200f09eb528efd9cba1cd96e219f
GET /static223/css/mytheme-color2.css HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327f8-157d"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/mytheme-ui.js
46.3.166.200200 OK 5.8 kB URL HTTP/1.1 www.ahruntang.com/static223/js/mytheme-ui.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3ff92a3ac12a98901c70e48b2fac3260
8ed8c21ef049cf41a17fc1ae6bcc11ae957f0093
83401d012a317f7f2682ec0644f283e628ef7c208d46074f1b154815dbab3d25
Analyzer Verdict Alert fortinet Malware
GET /static223/js/mytheme-ui.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fa-46c2"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/layer.js
46.3.166.200200 OK 8.4 kB URL HTTP/1.1 www.ahruntang.com/static223/js/layer.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with very long lines (22024), with CRLF line terminators
Hash 86d55e1fbcf2cea4c9d8ca6d2ad34eed
b9c315892eda2d3a1579294be6c4fde6be95ff40
c92dc419d550842a89b2746b0c2fff1e57b9eab451e27c7baf7ffb06f5b71d3f
Analyzer Verdict Alert fortinet Malware
GET /static223/js/layer.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fa-565d"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/mytheme-cms.js
46.3.166.200200 OK 2.5 kB URL HTTP/1.1 www.ahruntang.com/static223/js/mytheme-cms.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3515bc5c7c4701dedabd9d7f999b0679
80ece1534665aa95703eec9fab4c93df44e7e121
395bef6828dc97712c30f29133fda9a3c2220d5d57ca7677cbea796e4a0d2460
Analyzer Verdict Alert fortinet Malware
GET /static223/js/mytheme-cms.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fc-1e32"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/yyhstatic/js/pcdaohang.js
46.3.166.200200 OK 473 B URL HTTP/1.1 www.ahruntang.com/yyhstatic/js/pcdaohang.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 9473d61ff19277d0e446993b4c60f01b
aba189091d6a6c9d27b010f9fc153680a43e43f2
5aeec87e66b55348ee2d65cc1031efd88f90f0f15ec57828b16a16cd540b150b
GET /yyhstatic/js/pcdaohang.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 10:19:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"638096c1-ddd"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/jquery.min.js
46.3.166.200200 OK 34 kB URL HTTP/1.1 www.ahruntang.com/static223/js/jquery.min.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 8b20c2183693be60f63566d710f39254
be463aa7b7916b9290b21f669ec5f9ca0320d225
614935fec2b27841e3a065883ab56229318c2fafcc6b08aff701c2549b7c9fe6
Analyzer Verdict Alert fortinet Malware
GET /static223/js/jquery.min.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fc-15391"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/mytheme-site.js
46.3.166.200200 OK 41 kB URL HTTP/1.1 www.ahruntang.com/static223/js/mytheme-site.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type ASCII text, with very long lines (8746), with CRLF line terminators
Hash e63b32dbb5bfef02e41ee6b632a5b51b
8c7d5b8de3215e6efedfc71eac45d20827c56668
311f6131e7ca0d5f389c0851ee05527326edf7a52ac7576b03212cfb79884196
Analyzer Verdict Alert fortinet Malware
GET /static223/js/mytheme-site.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fa-1f90d"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/yyhstatic/js/webdaohang.js
46.3.166.200200 OK 748 B URL HTTP/1.1 www.ahruntang.com/yyhstatic/js/webdaohang.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88a6b2f3c5e5549bd711eb9bc4146254
f096d4c7bc6afac954fe5524212900a58ff5ed84
7842e5913733c3cdd157f46f1e14b92bc979ca2f5018b8d8cdaa81483992ebfd
GET /yyhstatic/js/webdaohang.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:47 GMT
Content-Type: application/javascript
Last-Modified: Fri, 28 Oct 2022 08:27:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635b9277-1987"
Expires: Sun, 08 Jan 2023 20:46:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/yyhstatic/js/ss.js
46.3.166.200200 OK 520 B URL HTTP/1.1 www.ahruntang.com/yyhstatic/js/ss.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5d417d1d4ebdda10f39e9baddc86a141
df9edfcc3dc081740e1770af09802227c0e78027
f008405d94a9fd597f13bc311b089a9649c203fc3e64b36e92b54b9fe45469e3
GET /yyhstatic/js/ss.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: application/javascript
Content-Length: 520
Last-Modified: Fri, 09 Dec 2022 15:12:13 GMT
Connection: keep-alive
ETag: "6393504d-208"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.ahruntang.com/yyhstatic/js/rmss.js
46.3.166.200200 OK 794 B URL HTTP/1.1 www.ahruntang.com/yyhstatic/js/rmss.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7994dd39fb71c41afc3b2ac249f14b3c
1732fea162e4e190fdf21f69882c94261dea324b
94242924b1385d6db5a4dee500b83a538ace9ab3581ff0ca569a8bc3064e1dc0
GET /yyhstatic/js/rmss.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: application/javascript
Content-Length: 794
Last-Modified: Fri, 28 Oct 2022 08:27:01 GMT
Connection: keep-alive
ETag: "635b9255-31a"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.ahruntang.com/yyhgg/dbgg.php
46.3.166.200200 OK 142 B URL HTTP/1.1 www.ahruntang.com/yyhgg/dbgg.php
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type ASCII text, with no line terminators
Hash 042de2a8fa63bdcca8dd3964fa32e54b
fe06916e05f08b9a049d2268875328c164e5dc55
1e3b063ab90ad83208189d058e981122659907c0bf01953a8bc2afbf8c57c12f
GET /yyhgg/dbgg.php HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ahruntang.com/yyhgg/sxgdpfgg.js
46.3.166.200200 OK 1.0 kB URL HTTP/1.1 www.ahruntang.com/yyhgg/sxgdpfgg.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (509), with CRLF line terminators
Hash 2c30c55de7a6deb84b836a79444be5d8
cd6b640e6ccdd6f8282aa4ec1ea8974731b0dcfb
7260120d791b4b63749728911cea209dc5432411b1c5cff316f2c8543b8117bf
GET /yyhgg/sxgdpfgg.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: application/javascript
Last-Modified: Wed, 04 Jan 2023 04:03:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b4faab-def"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/yyhgg/shipinqiangg.js
46.3.166.200200 OK 581 B URL HTTP/1.1 www.ahruntang.com/yyhgg/shipinqiangg.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 64d107c31e6e46d61b4c7b2aa3e9768a
d3fbe536561bb47aaf9cfd9100a258dfe03bef75
f35b2f56dc6395976872bf308a202550efcea0c2ba9d5a3994322d131fa87eaa
GET /yyhgg/shipinqiangg.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Dec 2022 11:03:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ad73ff-800"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/css/mytheme-font.css
46.3.166.200200 OK 7.8 kB URL HTTP/1.1 www.ahruntang.com/static223/css/mytheme-font.css
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 (with BOM) text, with very long lines (30763), with CRLF line terminators
Hash 346a153baf425d5c625acbc7a1636b0f
2b79e9c580b8d4803938ae084e23563880cc34ef
89f0adcce7da72b11a25b101e19da0fa259c8eea8a83ea3a0f7902dd13264748
GET /static223/css/mytheme-font.css HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327f8-78d5"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/js/tj.js
46.3.166.200404 Not Found 62 B URL HTTP/1.1 www.ahruntang.com/static223/js/tj.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type ASCII text, with no line terminators
Hash 21945f57deaf3f3f9b991498eea47c0a
8f17a4f3e661d2d05123efb1c0debaf4feb50921
f408b9c52c95e1a25e51a6cdd32032b52953cfd665d253c3ba3e395336a5087f
Analyzer Verdict Alert fortinet Malware
GET /static223/js/tj.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ahruntang.com/static223/js/user.js
46.3.166.200200 OK 16 kB URL HTTP/1.1 www.ahruntang.com/static223/js/user.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 text, with very long lines (1156), with CRLF line terminators
Hash eebda990e6d8ce6d2c7567c969a7f058
defc2266bc5b6346053b9a35072f9c85814d338c
a3099d83eb2acc7be49961d0fe5a9c5055e4e20fa7bf9bc3d1505c47a1352aae
Analyzer Verdict Alert fortinet Malware
GET /static223/js/user.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Mar 2022 12:22:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327fc-113c6"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/css/mytheme-ui.css
46.3.166.200200 OK 8.8 kB URL HTTP/1.1 www.ahruntang.com/static223/css/mytheme-ui.css
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (1893), with CRLF line terminators
Hash e75f896a0b98215bc7509a6ab036e4d6
3c3cf6e00e5477664a9aa21349cdec45d80bde12
8efe653341c20fb3ce886e8c6d18b000cbe9468468860390d5f0a67b8064b51c
GET /static223/css/mytheme-ui.css HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327f8-8b04"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/css/mytheme-site.css
46.3.166.200200 OK 2.7 kB URL HTTP/1.1 www.ahruntang.com/static223/css/mytheme-site.css
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 75b7bb98b77f11f3e22506e3af4abaed
3cec7a24ed6f714b165de61b35bf0e0eef7c7684
586083e8bef0f4ccdc12d0c0018b552ac205f797def3c3d2a25c4ab3b722409e
GET /static223/css/mytheme-site.css HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327f8-2994"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/css/mytheme-share.css
46.3.166.200200 OK 481 B URL HTTP/1.1 www.ahruntang.com/static223/css/mytheme-share.css
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 641d3cbc6404014427a96b6d2e1e1acc
a2dc82616ed075fb60f4a8da6ddc4c49e288d741
fc016694b6e74e3807df5c912996226db2ff84415f76ed361490d3f93a89c7b4
GET /static223/css/mytheme-share.css HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623327f8-694"
Expires: Sun, 08 Jan 2023 20:46:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.ahruntang.com/static223/picture/b3569e7ff05e95227d6436f10b777913.gif
46.3.166.200200 OK 9.1 kB URL HTTP/1.1 www.ahruntang.com/static223/picture/b3569e7ff05e95227d6436f10b777913.gif
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type GIF image data, version 89a, 125 x 45\012- data
Hash 48b66bbc2fca4f7f40af4fd8335abee2
5297d6f769b51e63f5c44c2056a7cbd6534a380c
a47011805154c0589e690e70f963cac8f0f2fd937f3362f45196d0c89fb4fe49
GET /static223/picture/b3569e7ff05e95227d6436f10b777913.gif HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: image/gif
Content-Length: 9115
Last-Modified: Thu, 17 Mar 2022 12:22:18 GMT
Connection: keep-alive
ETag: "623327fa-239b"
Expires: Tue, 07 Feb 2023 08:46:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.ahruntang.com/yyhgg/shouyeshang.html
46.3.166.200200 OK 4.2 kB URL HTTP/1.1 www.ahruntang.com/yyhgg/shouyeshang.html
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 279c0d43b6b20d2376f2f0959d3392f6
7aeefa43ebcaf4fa608f13549f3eb3f685839186
7b99650de8c748efd27c9a3fbb266ca82a0b7a8c1fa2346c53b363603cb58909
GET /yyhgg/shouyeshang.html HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/html
Last-Modified: Sat, 07 Jan 2023 11:35:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b95903-4208"
Content-Encoding: gzip
www.ahruntang.com/static223/js/theme/layer.css?v=3.1.1
46.3.166.200200 OK 37 kB URL HTTP/1.1 www.ahruntang.com/static223/js/theme/layer.css?v=3.1.1
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 62869e14aafe635093baf87b5bd11076
4dd26940d49f749559c5174f8c474595daa3fe33
961b115e33dd690dd9f5acdaa59977aa5b02e87605da9ab244292f91d10cdb23
Analyzer Verdict Alert fortinet Malware
GET /static223/js/theme/layer.css?v=3.1.1 HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/html
Content-Length: 37139
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.ahruntang.com/static223/js/tj.js
46.3.166.200404 Not Found 62 B URL HTTP/1.1 www.ahruntang.com/static223/js/tj.js
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type ASCII text, with no line terminators
Hash 21945f57deaf3f3f9b991498eea47c0a
8f17a4f3e661d2d05123efb1c0debaf4feb50921
f408b9c52c95e1a25e51a6cdd32032b52953cfd665d253c3ba3e395336a5087f
Analyzer Verdict Alert fortinet Malware
GET /static223/js/tj.js HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6f0eee44434ce303633bf7005d8aa6dd
1371d78342dbeadfe28047d1ae2e3a1994e167b2
60a37200246056f4712fc2878ab2e3c7992606d29c25e157b80145d532b34ac8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163897
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:48 GMT
Etag: "63ba6031-116"
Expires: Tue, 10 Jan 2023 06:18:25 GMT
Last-Modified: Sun, 08 Jan 2023 06:18:25 GMT
Server: nginx
Content-Length: 278
www.ahruntang.com/static223/images/play.png
46.3.166.200200 OK 2.5 kB URL HTTP/1.1 www.ahruntang.com/static223/images/play.png
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 10a11cc31a1fe5126ae5f1e359679cbb
7d30dcc97bb4aed52948a5b040b4fa63149a405e
82b4aac50bdda11a5069442a4a6f593f4f3debbc2a4499b919d61691301c5537
GET /static223/images/play.png HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/static223/css/mytheme-ui.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: image/png
Content-Length: 2457
Last-Modified: Thu, 17 Mar 2022 12:22:20 GMT
Connection: keep-alive
ETag: "623327fc-999"
Expires: Tue, 07 Feb 2023 08:46:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.ahruntang.com/static223/fonts/fontawesome-webfont.woff2
46.3.166.200200 OK 77 kB URL HTTP/1.1 www.ahruntang.com/static223/fonts/fontawesome-webfont.woff2
IP 46.3.166.200:0
ASN #141677 Nathosts Limited
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /static223/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: www.ahruntang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ahruntang.com/static223/css/mytheme-font.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 08:46:48 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Thu, 17 Mar 2022 12:22:16 GMT
Connection: keep-alive
ETag: "623327f8-12d68"
Accept-Ranges: bytes
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
172.67.69.40200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP 172.67.69.40:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:49 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhTnHRzW7v7rLdTkVsXJ6TEimk5lNTcxSZ1R2h0PcsRp9lkEBV6zz4ftdZoVMPEZ2A6OtCNhsdQZBEgNAdfKlfVBlPFCmaW5Yemr8YKMlmwQQemZrswG97R9VtKk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7863aa329dd9b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.85200 OK 396 kB URL HTTP/2 kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.85:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 20 Dec 2022 23:20:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a-UpcKo3E_I7EKnaepAiU97LojqVemcsdqQO4B34v7STq3ryymYlpA==
age: 1589202
X-Firefox-Spdy: h2
kzehh.com/5b446fa07565d9dfcc1cc0ea5ee2c785.gif
13.227.254.85200 OK 393 kB URL HTTP/2 kzehh.com/5b446fa07565d9dfcc1cc0ea5ee2c785.gif
IP 13.227.254.85:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 393 kB (392629 bytes)
Hash 43dfaf26684a336a06f42a82c0fa0116
2ddf7452742361f303a35f0f3cef639aaa036bd0
450269ea249cb1aa54c78f9a6e4548022337737ea874bf9f3d89879510cc40aa
GET /5b446fa07565d9dfcc1cc0ea5ee2c785.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 392629
date: Wed, 21 Dec 2022 06:03:50 GMT
last-modified: Sat, 17 Dec 2022 11:51:38 GMT
etag: "43dfaf26684a336a06f42a82c0fa0116"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6TdkSYMEUi79HO3lEerkkiaP_v3Fm2YDysW9_vJHEH2XeC0gS36z6Q==
age: 1564980
X-Firefox-Spdy: h2
de88deggtp.com/xinpujingtp/%E4%B8%8A%E9%97%A8.gif
23.224.145.234200 OK 75 kB URL HTTP/1.1 de88deggtp.com/xinpujingtp/%E4%B8%8A%E9%97%A8.gif
IP 23.224.145.234:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /xinpujingtp/%E4%B8%8A%E9%97%A8.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:50 GMT
Content-Type: image/gif
Content-Length: 75259
Connection: keep-alive
Last-Modified: Sat, 24 Dec 2022 11:03:11 GMT
ETag: "63a6dc6f-125fb"
Expires: Mon, 06 Feb 2023 11:08:20 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
3p8801.co/xx/960-120.gif
107.148.202.17200 OK 255 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 255 kB (255334 bytes)
Hash c4ab06304c201b01386c41de236b8951
ee494b533c7a17da208eaf3fb745d0555a90b255
fa5b31c5fe077ff75d537b8548aab3ff9046bc27fd7445a4caae236a451ecff6
GET /xx/960-120.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:50 GMT
content-type: image/gif
content-length: 255334
last-modified: Mon, 02 Jan 2023 08:23:28 GMT
etag: "63b29480-3e566"
expires: Tue, 07 Feb 2023 08:46:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7609742
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Sun, 08 Jan 2023 08:46:51 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0104r12000ae3juw4D3BD.gif?proc=autoorient
104.110.17.24200 OK 451 kB URL HTTP/2 dimg04.c-ctrip.com/images/0104r12000ae3juw4D3BD.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 451 kB (451384 bytes)
Hash 5b13a7d4b4ab331a744ad13bc2c5c595
57967287f8f6c0df3a697f210f536b5cd41e9f8f
31d883620ce4ffd498d729455a6ffb8e9631c2074e039b92ad7aaf58a66aab44
GET /images/0104r12000ae3juw4D3BD.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 451384
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7619187
expires: Thu, 06 Apr 2023 13:13:18 GMT
date: Sun, 08 Jan 2023 08:46:51 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
104.110.17.24200 OK 477 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /images/0105j12000a16nl1n59E7.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 477289
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=4253746
expires: Sun, 26 Feb 2023 14:22:37 GMT
date: Sun, 08 Jan 2023 08:46:51 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
13.227.254.30200 OK 391 kB URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 13.227.254.30:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 391 kB (390953 bytes)
Hash f849b3b0e9c6fdb31c56074c38c5123c
78200f076e1512a0f4b6f56f37d9f7ad355f0ad7
f9d4b673a595159370aa060f5d8b025842504116efc5b85269129a6c02110f6c
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 390953
last-modified: Sat, 17 Dec 2022 12:33:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 05:07:21 GMT
etag: "f849b3b0e9c6fdb31c56074c38c5123c"
x-cache: Hit from cloudfront
via: 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: cGOrA2_xhu2ijmm0b-gXRmXm6YSNOxL8RxcW7i8xqWJuPtAt8MFrOw==
age: 43677
X-Firefox-Spdy: h2
de88deggtp.com/100tp/960x60.gif
23.224.145.234200 OK 456 kB URL HTTP/1.1 de88deggtp.com/100tp/960x60.gif
IP 23.224.145.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 456 kB (456396 bytes)
Hash 202f7e8882789aecd824a5d11a3d2550
0434fa09acb7451eaaf06fffe622e8f793a3d18e
a26f264cadabddc2fd0714f8c963ffe2b0ec2674dafe8cc7f759045eee907a71
GET /100tp/960x60.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:50 GMT
Content-Type: image/gif
Content-Length: 456396
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 09:29:40 GMT
ETag: "62b18f84-6f6cc"
Expires: Tue, 07 Feb 2023 03:22:03 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f5cbc79ef8685a521d9095517f134ed
891ee91db221ce0b41c6d51bad2bcd2230aa8e12
d2ee362070972e2c0dc7ff179e42a121f3b066a37270e2a6802c77a15eecbb3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2EE362070972E2C0DC7FF179E42A121F3B066A37270E2A6802C77A15EECBB3D"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10366
Expires: Sun, 08 Jan 2023 11:39:37 GMT
Date: Sun, 08 Jan 2023 08:46:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4304ef19501c1cc9b2d310254feaf81e
d053589a078abf9c12dfca59b9f1295f5db3140a
540f60d7925b5f1c8f70a392f76b053f4d1a9b525c638ce3d54063d2f06d357e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540F60D7925B5F1C8F70A392F76B053F4D1A9B525C638CE3D54063D2F06D357E"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17676
Expires: Sun, 08 Jan 2023 13:41:27 GMT
Date: Sun, 08 Jan 2023 08:46:51 GMT
Connection: keep-alive
kveww.com/99462c01e85acc1311bebac224df6cce.gif
13.227.254.95200 OK 845 kB URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 13.227.254.95:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 845326
last-modified: Thu, 15 Dec 2022 01:49:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 07 Jan 2023 20:57:48 GMT
etag: "c3e13dfb200737af2e68b42c07f28465"
x-cache: Hit from cloudfront
via: 1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: uHt1PD7-F43_5-IKIp1NK02XfMmb0BYu1vIbtSi_eB8ZRmJATZN3xQ==
age: 42542
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9405307786bc96cb2e52eefc592db9d2
28373dec4edf8832b104f2d07fa101cf3ed3f218
780ae60c96c6311fc6ed39463b50e1043139cff45680494163d219a9a5625f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151685
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:51 GMT
Etag: "63ba3080-116"
Expires: Tue, 10 Jan 2023 02:54:56 GMT
Last-Modified: Sun, 08 Jan 2023 02:54:56 GMT
Server: nginx
Content-Length: 278
kvexx.com/03c3cb047014f05117117e4a924df90d.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/03c3cb047014f05117117e4a924df90d.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 08 Jan 2023 08:46:51 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash fb6ae5f1ed7db05f55f4aead3200f952
5edcbaac901928322d682e215f81b18271863192
cebaf66c54b3645892646625f62c5e18cd605a94e232871a0798a5970ee5bd85
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 07:04:55 GMT
ETag: "5edcbaac901928322d682e215f81b18271863192"
Last-Modified: Sun, 08 Jan 2023 07:04:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 446
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa455d9fb512-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11be5c428b166aca5badbed19b6b0eac
9c6dc71eb35dcd6a97ebcc991433245a1dc77755
dc4adc1e5632828b878235065b0944b79179b45e0cbc06c5834f7d46e371ab82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC4ADC1E5632828B878235065B0944B79179B45E0CBC06C5834F7D46E371AB82"
Last-Modified: Thu, 05 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12301
Expires: Sun, 08 Jan 2023 12:11:52 GMT
Date: Sun, 08 Jan 2023 08:46:51 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e144193d91379fe0dc46aaa5c1124e1b
10d815df31ec7cd0c6248b27f199be8179113ebd
611299f54e9c73fd3785d216ec962312b6ecda6543bdd321aabcdab7aea61bc6
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 05:48:08 GMT
ETag: "10d815df31ec7cd0c6248b27f199be8179113ebd"
Last-Modified: Sun, 08 Jan 2023 05:48:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2079
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa45bbaab52d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e144193d91379fe0dc46aaa5c1124e1b
10d815df31ec7cd0c6248b27f199be8179113ebd
611299f54e9c73fd3785d216ec962312b6ecda6543bdd321aabcdab7aea61bc6
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 05:48:08 GMT
ETag: "10d815df31ec7cd0c6248b27f199be8179113ebd"
Last-Modified: Sun, 08 Jan 2023 05:48:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2079
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa45ee1bb512-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f17e133b507578252af591b0d430d369
47ca5cbce82cabc1282eede99c1a941eee1e5f9b
f7abbf74546a43401b524819974e6891fc55667a68740f4cbe3b02ca2877c524
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 13:55:31 GMT
Expires: Thu, 12 Jan 2023 13:55:30 GMT
Etag: "47ca5cbce82cabc1282eede99c1a941eee1e5f9b"
Cache-Control: max-age=363518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa45da6e0afa-OSL
fmlb.netlbtu.com/20210718/tX78YsB5/1.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/20210718/tX78YsB5/1.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /20210718/tX78YsB5/1.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/20210718/tX78YsB5/1.jpg
fmlb.netlbtu.com/20210924/CcM9488M/1.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/20210924/CcM9488M/1.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /20210924/CcM9488M/1.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/20210924/CcM9488M/1.jpg
fmlb.netlbtu.com/images/2022/01/19/hey5303.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2022/01/19/hey5303.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2022/01/19/hey5303.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2022/01/19/hey5303.jpg
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash fb6ae5f1ed7db05f55f4aead3200f952
5edcbaac901928322d682e215f81b18271863192
cebaf66c54b3645892646625f62c5e18cd605a94e232871a0798a5970ee5bd85
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 07:04:55 GMT
ETag: "5edcbaac901928322d682e215f81b18271863192"
Last-Modified: Sun, 08 Jan 2023 07:04:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 446
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa462c02b52d-OSL
fmlb.netlbtu.com/images/2021/9/7/heyzo3120.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/9/7/heyzo3120.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/9/7/heyzo3120.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/9/7/heyzo3120.jpg
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c59a4f64b68bc5fc328450550e06b9d6
5d272be326333d0acad0c242ad9243ad790b9dce
332dde4beb0f3a3ad62342aa234d6110a46776b70198ccc905c7245557622ae7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 03:24:58 GMT
Expires: Sat, 14 Jan 2023 03:24:57 GMT
Etag: "5d272be326333d0acad0c242ad9243ad790b9dce"
Cache-Control: max-age=498485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa4628c0b503-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash aec69695fd14bfd048020b6f00445553
add35b06ed0620b68424c3b873feb4ec5826a3ff
d6194f38bb885176b00d365c50161f9e0a58c7b83b9854079db793b52852605f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 13:54:29 GMT
Expires: Thu, 12 Jan 2023 13:54:28 GMT
Etag: "add35b06ed0620b68424c3b873feb4ec5826a3ff"
Cache-Control: max-age=363456,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa462e5bb50b-OSL
kzeqq.com/17a571f5114b7fe07f3a8a84c49731c3.gif
88.99.102.224200 OK 570 kB URL HTTP/2 kzeqq.com/17a571f5114b7fe07f3a8a84c49731c3.gif
IP 88.99.102.224:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570411 bytes)
Hash b4ba386b410ed3c8e88edc7863378408
e231d90073dfead323dcc5c92d63a5d3df81e2c5
b92eb16a1b399b10c529bb71aecf0d1cf458cc5544469ffa75c47c5f422f86da
GET /17a571f5114b7fe07f3a8a84c49731c3.gif HTTP/1.1
Host: kzeqq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:51 GMT
content-type: image/gif
content-length: 570411
last-modified: Fri, 30 Dec 2022 02:48:10 GMT
etag: "63ae516a-8b42b"
expires: Sun, 08 Jan 2023 20:46:51 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 55401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryY%2FdrZWEW%2Bh7DfokLPloMZXZtetV5w19FsXaACHQpSC07m6b%2BLU4SDAIbLIgbB56FNz7MLCfLE9zhcv6c9c54FPjr%2B%2F4K5ZqvN7qeGNFpGBITyBNxqW5ZhTV3xs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 781cbd5e4a7dc217-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
z4a.net/images/2022/12/17/960x60.gif
104.21.234.234200 OK 320 kB URL HTTP/2 z4a.net/images/2022/12/17/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 320 kB (319606 bytes)
Hash 443ba779af0bf3944718aa7e4e2038a5
7054a327b7d5a805a510fab7bb2b35d5cd2ec9ca
1461a63340b84e5c64f250e3ca4d3153df4cf60a1226eb2107bf37c5cfcdd8ee
GET /images/2022/12/17/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:51 GMT
content-type: image/gif
content-length: 319606
expires: Sun, 17 Dec 2023 08:16:21 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1902630
last-modified: Sat, 17 Dec 2022 08:16:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOAuWJlLICrwpdanW3Q%2BGufjyBla1L7zSbtTYUCrXnIaeGOsbV773zPuDA3Cw0l4RPOnVp5UxAd%2FTw%2BQU4Vui8dBbIR7cJVjR30dkrNKdamHfBKgSv6oxNJF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7863aa45eb3ff3e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ljcdn.comtucdncom.com/upload/vod/20190804-1/6b9afb95639b01d0bec54fa34720d754.jpg
45.89.209.74200 OK 14 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20190804-1/6b9afb95639b01d0bec54fa34720d754.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2bc7aaf4340ac36e255a3c79f20f23c9
54ec9fac92067fd2896b15d0c5a73db672b7b064
389300d561a0e8a28c9efacae08eed05c6d49df58917680f032ce715ab9e8d4a
GET /upload/vod/20190804-1/6b9afb95639b01d0bec54fa34720d754.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: image/jpeg
Content-Length: 13538
Connection: keep-alive
Last-Modified: Sun, 04 Aug 2019 08:37:28 GMT
ETag: "5d469948-34e2"
Expires: Tue, 07 Feb 2023 08:40:18 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20190524-1/91c22f360d19da11541e60ee2c014e34.jpg
45.89.209.74200 OK 7.2 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20190524-1/91c22f360d19da11541e60ee2c014e34.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d912bb195f48f8bf0fe84dccd7e36aa6
ffa304d42c6f47409c3452bee6ad936edb579c91
0ead9d6eb3e7834adc68772f14153d676e25378179f45931f537725afbcce9e1
GET /upload/vod/20190524-1/91c22f360d19da11541e60ee2c014e34.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: image/jpeg
Content-Length: 7241
Connection: keep-alive
Last-Modified: Sun, 07 Jul 2019 08:42:16 GMT
ETag: "5d21b068-1c49"
Expires: Tue, 07 Feb 2023 08:40:18 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20200317-1/b0718142cfc2cd6acaf83004a3f0e17b.jpg
45.89.209.74200 OK 8.6 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20200317-1/b0718142cfc2cd6acaf83004a3f0e17b.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 7df21fcde44457abc2d8d2f060d0347e
501e920816044520672b9430e6ea1c37f50db730
d51a6427e07230f487cfec2cecc95773544a85f6507bdfd3aa553f6270888644
GET /upload/vod/20200317-1/b0718142cfc2cd6acaf83004a3f0e17b.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: image/jpeg
Content-Length: 8591
Connection: keep-alive
Last-Modified: Tue, 17 Mar 2020 02:09:16 GMT
ETag: "5e70314c-218f"
Expires: Tue, 07 Feb 2023 08:40:18 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20190526-1/d5c15cf4e2ef39e1a788b1951671332b.jpg
45.89.209.74200 OK 6.0 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20190526-1/d5c15cf4e2ef39e1a788b1951671332b.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 4249d806ef8f56a8292baf297b30cd38
a05f293bd811579c295e58c1edcef3145c04c4b4
42ac9cdf432aff6c61afb6de278dcce65cfb44e042435a30089f51cbc50daf9e
GET /upload/vod/20190526-1/d5c15cf4e2ef39e1a788b1951671332b.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: image/jpeg
Content-Length: 6000
Connection: keep-alive
Last-Modified: Sun, 07 Jul 2019 08:42:42 GMT
ETag: "5d21b082-1770"
Expires: Tue, 07 Feb 2023 08:40:18 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 48c13eed88fd2c15839fe3ce5de06d5a
549da1ced2ad0ef7ad2aca3648588483698976a0
9c3564810bf1aaf0e40fecf251d673036f666f98e013168160f83b4d2a78c7e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 15:19:39 GMT
Expires: Sat, 14 Jan 2023 15:19:38 GMT
Etag: "549da1ced2ad0ef7ad2aca3648588483698976a0"
Cache-Control: max-age=541366,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa4648fdb527-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1e0734110990f15e5c6daefb42169c85
8793ed207f9513b30f623915c6d8b5f20cc7f7b9
028f06974c35241dc81c577a1b8aaf44608718b6ac69c5a9f992067f9a99c0c7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:29:28 GMT
ETag: "8793ed207f9513b30f623915c6d8b5f20cc7f7b9"
Last-Modified: Sun, 08 Jan 2023 06:29:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa45db58b506-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1e0734110990f15e5c6daefb42169c85
8793ed207f9513b30f623915c6d8b5f20cc7f7b9
028f06974c35241dc81c577a1b8aaf44608718b6ac69c5a9f992067f9a99c0c7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:29:28 GMT
ETag: "8793ed207f9513b30f623915c6d8b5f20cc7f7b9"
Last-Modified: Sun, 08 Jan 2023 06:29:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa45dde4b4f7-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1e0734110990f15e5c6daefb42169c85
8793ed207f9513b30f623915c6d8b5f20cc7f7b9
028f06974c35241dc81c577a1b8aaf44608718b6ac69c5a9f992067f9a99c0c7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:29:28 GMT
ETag: "8793ed207f9513b30f623915c6d8b5f20cc7f7b9"
Last-Modified: Sun, 08 Jan 2023 06:29:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa462925fac0-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1e0734110990f15e5c6daefb42169c85
8793ed207f9513b30f623915c6d8b5f20cc7f7b9
028f06974c35241dc81c577a1b8aaf44608718b6ac69c5a9f992067f9a99c0c7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:29:28 GMT
ETag: "8793ed207f9513b30f623915c6d8b5f20cc7f7b9"
Last-Modified: Sun, 08 Jan 2023 06:29:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa462d19fab4-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ff1680fcae5ad9373923c60bd2589a
9f1ad123747db9afb999618840331ae0a5ad9643
e3b537086a577e81df4f4b500e69ac16786564f62da7c0af8c6fc28355ce07ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E3B537086A577E81DF4F4B500E69AC16786564F62DA7C0AF8C6FC28355CE07EE"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 08 Jan 2023 14:46:52 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
sz88.oss-cn-shenzhen.aliyuncs.com/960x80x.gif
120.77.166.72200 OK 617 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/960x80x.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 617 kB (616551 bytes)
Hash c7d5af41a71e7915dd3c695f4d92cb8b
63f42eb3bce47701db934e60bc0dad360bb1b57b
a6b8233eceb265b139102f0f885627e3c7294ac640c2b83b80467e879d1f5679
GET /960x80x.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:50 GMT
Content-Type: image/gif
Content-Length: 616551
Connection: keep-alive
x-oss-request-id: 63BA82FA81477F353958356F
Accept-Ranges: bytes
ETag: "C7D5AF41A71E7915DD3C695F4D92CB8B"
Last-Modified: Wed, 01 Jun 2022 07:49:09 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2846388596987969293
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: x9WvQaceeRXdPGlfTZLLiw==
x-oss-server-time: 2
ljcdn.comtucdncom.com/upload/vod/20191014-1/ca8ecea3158357849a333c276778c43b.jpg
45.89.209.74200 OK 34 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20191014-1/ca8ecea3158357849a333c276778c43b.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 795x446, components 3\012- data
Hash 3c207dd176cf67e3f3fafb80e26ff08b
d3c1762daebfb74ff44c619fdb1ad8d3b4b0b953
b1899282d9cc2f1714fd8257550cfa5ee3fb5d8499224aeeb25bf19699d0ebd0
GET /upload/vod/20191014-1/ca8ecea3158357849a333c276778c43b.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ahruntang.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:40 GMT
Content-Type: image/jpeg
Content-Length: 33562
Connection: keep-alive
Last-Modified: Mon, 14 Oct 2019 02:44:12 GMT
ETag: "5da3e0fc-831a"
Expires: Tue, 07 Feb 2023 08:40:18 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ff1680fcae5ad9373923c60bd2589a
9f1ad123747db9afb999618840331ae0a5ad9643
e3b537086a577e81df4f4b500e69ac16786564f62da7c0af8c6fc28355ce07ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E3B537086A577E81DF4F4B500E69AC16786564F62DA7C0AF8C6FC28355CE07EE"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 08 Jan 2023 14:46:52 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ff1680fcae5ad9373923c60bd2589a
9f1ad123747db9afb999618840331ae0a5ad9643
e3b537086a577e81df4f4b500e69ac16786564f62da7c0af8c6fc28355ce07ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E3B537086A577E81DF4F4B500E69AC16786564F62DA7C0AF8C6FC28355CE07EE"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 08 Jan 2023 14:46:52 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44ff1680fcae5ad9373923c60bd2589a
9f1ad123747db9afb999618840331ae0a5ad9643
e3b537086a577e81df4f4b500e69ac16786564f62da7c0af8c6fc28355ce07ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E3B537086A577E81DF4F4B500E69AC16786564F62DA7C0AF8C6FC28355CE07EE"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7801
Expires: Sun, 08 Jan 2023 10:56:53 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash aca485b04f2ea31838cd0f7f662a6c21
16f7aa59b1176d73481ac0cfcda1f3accfd648cf
bbf829225ba66b68e1c679e58692d3606fefd8ba573888c84d1749c27a5f9479
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:26:28 GMT
ETag: "16f7aa59b1176d73481ac0cfcda1f3accfd648cf"
Last-Modified: Sun, 08 Jan 2023 06:26:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 858
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa4858dab512-OSL
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.77.166.72200 OK 394 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 394 kB (394237 bytes)
Hash 03123a07739f511b3306d13415cd72b1
6dbf38767657a15b922e4d153f46fe4829e012cb
72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:50 GMT
Content-Type: image/gif
Content-Length: 394237
Connection: keep-alive
x-oss-request-id: 63BA82FAE0DCB93538ED8A5C
Accept-Ranges: bytes
ETag: "03123A07739F511B3306D13415CD72B1"
Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13376170837400656090
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: AxI6B3OfURszBtE0Fc1ysQ==
x-oss-server-time: 1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcea7363308d77e9429fc5365754d11e
af0727048f91568bddb62f1fe213141bc2ca0389
9c419fffbf1e0fcc5cf6d26a2a8250f34bafad0da8c03f2699f73c30e7f0193b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C419FFFBF1E0FCC5CF6D26A2A8250F34BAFAD0DA8C03F2699F73C30E7F0193B"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4470
Expires: Sun, 08 Jan 2023 10:01:22 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.55200 OK 409 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.55:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 409 kB (408644 bytes)
Hash bcfbb4b0078b03be1636d20ac5102ff1
e18886f1cbf23adf9188bc82aa0961afe6e91f11
d3b834351a460b41f249d0b69b008860b7ecbe6f2c916bf30778826239e5f7b5
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:50 GMT
Content-Type: image/gif
Content-Length: 408644
Connection: keep-alive
x-oss-request-id: 63BA82FADA8A7930300CCB14
Accept-Ranges: bytes
ETag: "BCFBB4B0078B03BE1636D20AC5102FF1"
Last-Modified: Fri, 30 Dec 2022 05:27:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9529281951725548429
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDC4P.FqxgiIDdlNzBlMDIzMGE1ZDQwZmY5YTBiNTkxM2I2MDQwOWZk
Content-MD5: vPu0sAeLA74WNtIKxRAv8Q==
x-oss-server-time: 1
ads-6686.top/960-60.gif
123.253.107.70200 OK 381 kB IP 123.253.107.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 381 kB (380774 bytes)
Hash d5b19fab300b34d93648b77ba1e87205
eabcc33b82a978d851b9af1337fc656a70f23c2f
e7cce7f77395b75187261e079f448c4b9de06f62f42ca0d2b87662efe80ea69b
GET /960-60.gif HTTP/1.1
Host: ads-6686.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Sun, 08 Jan 2023 08:46:51 GMT
content-type: image/gif
content-length: 380774
last-modified: Tue, 20 Dec 2022 08:28:12 GMT
etag: "63a1721c-5cf66"
strict-transport-security: max-age=31536000
lp-geo: edge-gxr4
lp-addr: 91.90.42.154
lp-request: afb324ea-65dd-4547-95c8-fa97c2462799
lp-id: 5fd3f7637c8b93b1b65a152ae345daa7
expires: Sun, 08 Jan 2023 08:51:51 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Sun, 08 Jan 2023 10:16:53 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e607284b73cbf5dc704029e425139e5f
d6e0feb453a44ae8aa6f0f062b77a267834fc085
09da45b54d568f7d3d4191af28b8157efba46e047ef074b728224d34bfd4a63d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:01:48 GMT
ETag: "d6e0feb453a44ae8aa6f0f062b77a267834fc085"
Last-Modified: Sun, 08 Jan 2023 06:01:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2595
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa495b1cfac4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e607284b73cbf5dc704029e425139e5f
d6e0feb453a44ae8aa6f0f062b77a267834fc085
09da45b54d568f7d3d4191af28b8157efba46e047ef074b728224d34bfd4a63d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:01:48 GMT
ETag: "d6e0feb453a44ae8aa6f0f062b77a267834fc085"
Last-Modified: Sun, 08 Jan 2023 06:01:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2595
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa4958b8b4ee-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e607284b73cbf5dc704029e425139e5f
d6e0feb453a44ae8aa6f0f062b77a267834fc085
09da45b54d568f7d3d4191af28b8157efba46e047ef074b728224d34bfd4a63d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 12 Jan 2023 06:01:48 GMT
ETag: "d6e0feb453a44ae8aa6f0f062b77a267834fc085"
Last-Modified: Sun, 08 Jan 2023 06:01:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2595
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa4978fcb4ed-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 00037ae1800479e30f0d63064c4e8817
84e0b1dd4d083ca6596ee16954993b57497338e0
f227115156d5347fc632d15455694c1fa91fbfa5cdedcaef6e0b3e9634ff0d02
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 12 Jan 2023 07:11:25 GMT
ETag: "84e0b1dd4d083ca6596ee16954993b57497338e0"
Last-Modified: Sun, 08 Jan 2023 07:11:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 169
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7863aa497ffbb50c-OSL
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
13.227.254.94200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 13.227.254.94:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 07 Jan 2023 21:22:21 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: -Bndkm_Cz70XDWeudV8acvq_78PdQUOHPXPtCmjSm2l1FW65oH_BDQ==
Age: 61269
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dac28e7cc00df41b65ea8f6d6495787f
56936bc861daeee07f1ce34bca9902c809ca0974
9990c23ac7609792264b865bb8923f5da8a0c9af63fbd83eeb43a80ced84861b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9990C23AC7609792264B865BB8923F5DA8A0C9AF63FBD83EEB43A80CED84861B"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4177
Expires: Sun, 08 Jan 2023 09:56:29 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23662a8e73c232630a76aea836878b27
e3803da17cfb2f7ba3d264386270af553e047aab
fbbcc8fba298324ef1d956a2918b597c780e8e66f806e71a55e449b4ae5030ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5568
x-amzn-requestid: 48ec5deb-e900-4f2f-8fb6-d899c150ee3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDwlGuioAMFiwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e669-6000f61d0ec95d9e6ac77fc1;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1KbjHwLNb6oIY_-_yrIS7uVDSrcyYN4VWBgWHklkPksegNLu8L7yZw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:53:43 GMT
age: 39189
etag: "e3803da17cfb2f7ba3d264386270af553e047aab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff46c6dc4-4e33-494e-b1dd-d2da59accb42.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff46c6dc4-4e33-494e-b1dd-d2da59accb42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b9822ea0495a55cff2c979c1abf85e9
67f2888ed156e249c97ba1fe12df18c850b7c019
94c9114c3b17c2ecc5783c3da644b2cdd9eb83ae8cd705e78a99bc4d5a5e9514
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff46c6dc4-4e33-494e-b1dd-d2da59accb42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6455
x-amzn-requestid: 758a4992-bb36-41ca-8152-7b1497319108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDxEFraIAMFYjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e66d-458a3fc7350017c32a591ee0;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: h6txsv3ugb5bvJFyNil78fwaoYyhrAaNiYqE-3ALMRFcj4hFJE6G9g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:08:05 GMT
age: 38327
etag: "67f2888ed156e249c97ba1fe12df18c850b7c019"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash aec69695fd14bfd048020b6f00445553
add35b06ed0620b68424c3b873feb4ec5826a3ff
d6194f38bb885176b00d365c50161f9e0a58c7b83b9854079db793b52852605f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 13:54:29 GMT
Expires: Thu, 12 Jan 2023 13:54:28 GMT
Etag: "add35b06ed0620b68424c3b873feb4ec5826a3ff"
Cache-Control: max-age=363455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa462db6b4fd-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: H3uGFYbyPSwFZQCvn99EtVQw1Xz9DBbTgrK2FmfoKYBcZXkj60CbuQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 13:36:28 GMT
age: 69024
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
13.227.254.40200 OK 566 kB URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 13.227.254.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 565615
last-modified: Mon, 19 Dec 2022 09:06:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 06:56:27 GMT
etag: "6a2c609ad0c46bb1b8d9cd39eacde625"
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: OGjSxOV85pySIWz0noAYhgqVN12BE5Ubg3bTLjwWqPShScqfh-nenw==
age: 44354
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30c53ae078b112f7186e910c38898233
d3c58c28f0734f98bed64a26ede077464c3ad3f2
8f7dd1cf9f1472468a7caaf67a8f9c15bfe8836badcfb3249a9a8a7a6c3c0533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13787
x-amzn-requestid: 2598b4fe-a032-47d7-8e6c-cfdcfbe9d64a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDvYE35IAMF1Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e662-574eb7370aac63dd531d6b75;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hoqjdZug31XPMxkMVZ0LWQsA62rGeP8GYXr-pe9rmkmzlGKeGSkNFQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:51:20 GMT
age: 39332
etag: "d3c58c28f0734f98bed64a26ede077464c3ad3f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d3cba9f7dc8d49b821205947614e5ca1
4dd0407c30d72561d1fe3fb64b774a664c059f8b
90287de0996611b71b22635ebba4af787871b897bbd8eeb0420f49eea8a2f465
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 17:33:17 GMT
Expires: Fri, 13 Jan 2023 17:33:16 GMT
Etag: "4dd0407c30d72561d1fe3fb64b774a664c059f8b"
Cache-Control: max-age=462983,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7863aa49ecd6b503-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72302799dca34901be4db1c732277abb
34c149aa1986ba9bbefeddae4f19ff58f4b5093b
f017823817627b30cc424f10babc7cea1470158788026a06ef537435bf7d495c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6536
x-amzn-requestid: 231fb617-4d68-4069-9627-135017be4a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDufFHeIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65c-53903c7d05368c07629f4156;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CgCLMZPEe18AbIV0uxNOAC2kvwDiy-myo9Q103jA2IS-l0ANK0_EhQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:42:39 GMT
age: 39853
etag: "34c149aa1986ba9bbefeddae4f19ff58f4b5093b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2abe0388f11bae93f827a971bd29802
a57915c3b8388bc23c3a677ba12cc0525d949c2c
d23c15ca723fe73f6893703c7d1830034182fb1c9c620837313774c62368fa06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10544
x-amzn-requestid: 04bdd2a7-b3dd-434b-833c-7101a1da9da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDy1E_goAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e678-3468e4a9174280c146f28962;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eRS6IJNRzjavNsFqQVAtknTprnuBQwa6NyW5hXr8gFQvqiI9h8VGRw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:58:04 GMT
age: 38928
etag: "a57915c3b8388bc23c3a677ba12cc0525d949c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.39200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.39:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 06:22:36 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: tcep716xTAVLNk2BN1sXaZBXWy5cdGAtxBqON7E4x43o7J9Zv_hPZg==
age: 8656
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 5e9ff0e785fcce74d2e4122fdeb003bd
4436709a415b42ed66effd12eec71a7075ab1c16
fdc0148a42c5de2bac86b9ff58e0b10e1f1081005fcf171d9d990b3e3cf7c443
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 5c6c9ecf-d3d0-46a7-bd46-bc3c7036238c
Content-Length: 1701
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash e322a5a96a1743991ff8ecfa5d080b19
2a63671ff5749755d18263b724c4cc8f1cdc87a8
62c0c246d640ecb6638d863ece1c7da5f74b67e495a86d843c0320475b628c35
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: aa1fe425-7142-4482-9c34-6f36fca50da9
Content-Length: 1701
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 03e439358dfb308eb9a23a35dab43a82
5e7a43907060699b832db92ee613e8aea316d80a
5aa88e56b22ad65aab76da1e8944ee83ed6357bc6171e47b32ee0b623f1a6ffe
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e175c50b-2078-4943-a4b2-e8e3b829d8bc
Content-Length: 1701
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash e322a5a96a1743991ff8ecfa5d080b19
2a63671ff5749755d18263b724c4cc8f1cdc87a8
62c0c246d640ecb6638d863ece1c7da5f74b67e495a86d843c0320475b628c35
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: f7ecc93b-a561-4134-8977-48ac0fe1e5ed
Content-Length: 1701
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash afc4012e946170ece7d1c73ec11321c3
3c650677fcac1c457635736032e77376d4d2932d
32ef2cde5ca842d84ab1f784f9e2774614fa3fad2959de9c10381fd97ce2f83e
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 7d87cae9-8553-4d11-b25a-86791d481b23
Content-Length: 1701
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 9d7cf6ee9868c4540852dfbc72f54d8e
f9e82bfa07c13f4439442edf3d03fd8418f08041
07db48f8ae0fe9bb1b283dbcb0fef5886bdb62a40a29e138b6b6051f7b22ed5e
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=545
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 9d7cf6ee9868c4540852dfbc72f54d8e
f9e82bfa07c13f4439442edf3d03fd8418f08041
07db48f8ae0fe9bb1b283dbcb0fef5886bdb62a40a29e138b6b6051f7b22ed5e
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=57
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 9d7cf6ee9868c4540852dfbc72f54d8e
f9e82bfa07c13f4439442edf3d03fd8418f08041
07db48f8ae0fe9bb1b283dbcb0fef5886bdb62a40a29e138b6b6051f7b22ed5e
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=127
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 9d7cf6ee9868c4540852dfbc72f54d8e
f9e82bfa07c13f4439442edf3d03fd8418f08041
07db48f8ae0fe9bb1b283dbcb0fef5886bdb62a40a29e138b6b6051f7b22ed5e
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=165
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 9d7cf6ee9868c4540852dfbc72f54d8e
f9e82bfa07c13f4439442edf3d03fd8418f08041
07db48f8ae0fe9bb1b283dbcb0fef5886bdb62a40a29e138b6b6051f7b22ed5e
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=142
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbc83e11b27e91e15dc06bcfd2541ec9
e79884e807cec972366a6746aee8d530f08901c6
8ba1bac283b3befe77f42e8323e3172ba942c3e7c08339cd22e7a9f0ab5f6858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA1BAC283B3BEFE77F42E8323E3172BA942C3E7C08339CD22E7A9F0AB5F6858"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 11:21:25 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbc83e11b27e91e15dc06bcfd2541ec9
e79884e807cec972366a6746aee8d530f08901c6
8ba1bac283b3befe77f42e8323e3172ba942c3e7c08339cd22e7a9f0ab5f6858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA1BAC283B3BEFE77F42E8323E3172BA942C3E7C08339CD22E7A9F0AB5F6858"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 11:21:25 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbc83e11b27e91e15dc06bcfd2541ec9
e79884e807cec972366a6746aee8d530f08901c6
8ba1bac283b3befe77f42e8323e3172ba942c3e7c08339cd22e7a9f0ab5f6858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA1BAC283B3BEFE77F42E8323E3172BA942C3E7C08339CD22E7A9F0AB5F6858"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 11:21:25 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbc83e11b27e91e15dc06bcfd2541ec9
e79884e807cec972366a6746aee8d530f08901c6
8ba1bac283b3befe77f42e8323e3172ba942c3e7c08339cd22e7a9f0ab5f6858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA1BAC283B3BEFE77F42E8323E3172BA942C3E7C08339CD22E7A9F0AB5F6858"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 11:21:25 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbc83e11b27e91e15dc06bcfd2541ec9
e79884e807cec972366a6746aee8d530f08901c6
8ba1bac283b3befe77f42e8323e3172ba942c3e7c08339cd22e7a9f0ab5f6858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA1BAC283B3BEFE77F42E8323E3172BA942C3E7C08339CD22E7A9F0AB5F6858"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 11:21:25 GMT
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
13.227.254.86200 OK 919 kB URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 13.227.254.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 918679
last-modified: Mon, 19 Dec 2022 07:54:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 07 Jan 2023 19:56:00 GMT
etag: "956582dd3aa22ca9b19bdd1d5e091e24"
x-cache: Hit from cloudfront
via: 1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: ullZ3HipVMRGU2Mz6fMhPQTqhvWbSzLQ0ETsAfwCUTrKqcPF9rr4sw==
age: 73789
X-Firefox-Spdy: h2
6617398ccc.com/95128b772cae4720abf92e497051ddab.gif
45.61.212.223200 OK 604 kB URL HTTP/1.1 6617398ccc.com/95128b772cae4720abf92e497051ddab.gif
IP 45.61.212.223:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 604 kB (603987 bytes)
Hash 23949104e338cb795b2e13fa2f5a2247
466467d793d47e13999b5a3b0d8f3ff5fd980d93
871b665b13f515dec19211e8f88f5b03d1bca8ae5fd317d67c72630a748605a3
Analyzer Verdict Alert quad9 Sinkholed
GET /95128b772cae4720abf92e497051ddab.gif HTTP/1.1
Host: 6617398ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63aad950-93753"
Date: Thu, 05 Jan 2023 19:24:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 27 Dec 2022 11:38:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-23
Content-Length: 603987
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 8e79e7fcf38ce91bb1a21aa45e01fbef
2c3345a1c17c43e093049006828deb3bc3161ddd
7ce6213e1921921b216fae103c80fe19fcb946db20b53e8d6ba5f7510188b5a0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=275
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 8e79e7fcf38ce91bb1a21aa45e01fbef
2c3345a1c17c43e093049006828deb3bc3161ddd
7ce6213e1921921b216fae103c80fe19fcb946db20b53e8d6ba5f7510188b5a0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=275
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
n0544.com/2aaa45651a8a4dbaa1a883cd38ad7461.gif
20.222.36.87200 OK 216 kB URL HTTP/1.1 n0544.com/2aaa45651a8a4dbaa1a883cd38ad7461.gif
IP 20.222.36.87:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 216 kB (215902 bytes)
Hash 153a7dac1d2bfce1349134956b3f408f
9e91fdc5f2052de208a86e18c10eca1a251e3906
907675e7b39a2cc587985b82e12f9b7da60d395aa62b23214fe9d265c62df0bb
GET /2aaa45651a8a4dbaa1a883cd38ad7461.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 Jan 2023 10:06:38 GMT
ETag: W/"63b54fae-54d22"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
fmlb.netlbtu.com/upload/vod/2022/06-21/09/b5taeklrqj10924b5taeklrqj1384598.jpg
45.89.209.74200 OK 7.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/06-21/09/b5taeklrqj10924b5taeklrqj1384598.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 54a7dc855d4b4c1cfee78aaf4fbda51e
6379550112f2a06c3a134a64fd3f88d9541b72b9
8fd38d7ba2fa0fb5330bdb67b62537d9fc56de90901f6b3ca6dfd21a3114349e
GET /upload/vod/2022/06-21/09/b5taeklrqj10924b5taeklrqj1384598.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 7049
Last-Modified: Fri, 25 Nov 2022 12:37:18 GMT
Connection: keep-alive
ETag: "6380b6fe-1b89"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-14/18/uhdgxe4tsz41808uhdgxe4tsz4417142.jpg
45.89.209.74200 OK 6.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/18/uhdgxe4tsz41808uhdgxe4tsz4417142.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4675dd39819075962762fa24664a3a28
23a134331ca7272e7510ae5ff62f3d79d934d203
464d85f0bc42c91200dc2b178f020d63b26b5403a99eacab290c80f46107a562
GET /upload/vod/2020/04-14/18/uhdgxe4tsz41808uhdgxe4tsz4417142.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 6197
Last-Modified: Fri, 25 Nov 2022 12:41:17 GMT
Connection: keep-alive
ETag: "6380b7ed-1835"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/03-28/12/mjfz31vfaz31205mjfz31vfaz3042506.jpg
45.89.209.74200 OK 9.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/03-28/12/mjfz31vfaz31205mjfz31vfaz3042506.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0a037c6f79d62b01acb2f28465833aec
95a173dfc0c2ea0535678824bb3d071250eaef4a
10f4f2f6aa04fd57343ab9f980b601704f4c3379e9e7cc86f2a3d7e1c0d84abb
GET /upload/vod/2020/03-28/12/mjfz31vfaz31205mjfz31vfaz3042506.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 9121
Last-Modified: Fri, 25 Nov 2022 12:42:12 GMT
Connection: keep-alive
ETag: "6380b824-23a1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/05-21/15/wnryo11dqmq1550wnryo11dqmq512337.jpg
45.89.209.74200 OK 9.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/05-21/15/wnryo11dqmq1550wnryo11dqmq512337.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 1efe020fdf016e408c3ebd4c9772f9f5
f61608da04bf58e41a1624b152c8cd284f32540b
9e9abf8ffacb4725c60a5de296efe9086d2c0cd571002ed59d70e2935eecff38
GET /upload/vod/2022/05-21/15/wnryo11dqmq1550wnryo11dqmq512337.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 9837
Last-Modified: Fri, 25 Nov 2022 12:36:24 GMT
Connection: keep-alive
ETag: "6380b6c8-266d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash d9c813c35d9d36176aa540f045d5181d
395791ae087209f9a0eae13efbba13967b371697
5dcb52eef43b1017c4a632f27f34d664670580a59c5845172b513e797158c0ac
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=869
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash d9c813c35d9d36176aa540f045d5181d
395791ae087209f9a0eae13efbba13967b371697
5dcb52eef43b1017c4a632f27f34d664670580a59c5845172b513e797158c0ac
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=843
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 78140ddc78cc72ca578787d0ac1c84ff
5cc7ac6c747be56b40d7808eee6c1b4f984bd287
960b32053c13178ca00bd1274ae8a8b2507affcd98b082eb00c09803b0716cd9
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=846
Date: Sun, 08 Jan 2023 08:46:52 GMT
Connection: keep-alive
X-N: S
fmlb.netlbtu.com/upload/vod/2020/05-22/00/wyaqg1vsqwf0002wyaqg1vsqwf154059.jpg
45.89.209.74200 OK 7.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/05-22/00/wyaqg1vsqwf0002wyaqg1vsqwf154059.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7d3baad4d57064995432f72c3b6641c6
fe76db747d4ab64c7f638de0029996790ddbb96e
988fd201ce03abb82266ad0d35e3416174881320652f33777bd0248f10a388d4
GET /upload/vod/2020/05-22/00/wyaqg1vsqwf0002wyaqg1vsqwf154059.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 7765
Last-Modified: Fri, 25 Nov 2022 12:41:04 GMT
Connection: keep-alive
ETag: "6380b7e0-1e55"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 196867af767aadede81c81ad3f0329a0
273892bcfbe37cbb6c2bcca34130eb188ea6952b
153d38763c40864b51ed5abb02468add21415733bfd79b9a8089b9c362a13c47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "153D38763C40864B51ED5ABB02468ADD21415733BFD79B9A8089B9C362A13C47"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Sun, 08 Jan 2023 09:35:03 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/03-28/18/flaahmiss0c1802flaahmiss0c373012.jpg
45.89.209.74200 OK 25 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/03-28/18/flaahmiss0c1802flaahmiss0c373012.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash ea47161cd2eb60c060f052c5d50a59fb
a4060fa027cae3c2b28c69d5dc0a9370922e9afd
ab549afbaebe33a6541c49a475810f279fd173d870a7ebf1d3d2897f476d8d9f
GET /upload/vod/2020/03-28/18/flaahmiss0c1802flaahmiss0c373012.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 24737
Last-Modified: Fri, 25 Nov 2022 12:42:57 GMT
Connection: keep-alive
ETag: "6380b851-60a1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7b0bc15d58bc6b15433951567e2b5bd2
5d099fcaaf25274d63449ba213143326dfbff1e5
ccf29c27b0a25262aeb031e311e407b1a39e5a5b8ac9d90f3292ec2698432d9d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=799
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 196867af767aadede81c81ad3f0329a0
273892bcfbe37cbb6c2bcca34130eb188ea6952b
153d38763c40864b51ed5abb02468add21415733bfd79b9a8089b9c362a13c47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "153D38763C40864B51ED5ABB02468ADD21415733BFD79B9A8089B9C362A13C47"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Sun, 08 Jan 2023 09:35:03 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 196867af767aadede81c81ad3f0329a0
273892bcfbe37cbb6c2bcca34130eb188ea6952b
153d38763c40864b51ed5abb02468add21415733bfd79b9a8089b9c362a13c47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "153D38763C40864B51ED5ABB02468ADD21415733BFD79B9A8089B9C362A13C47"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Sun, 08 Jan 2023 09:35:03 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
223969ufy.com/1c8f6ace873c45fd92730a2016b71a0c..gif
103.170.15.92200 OK 423 kB URL HTTP/1.1 223969ufy.com/1c8f6ace873c45fd92730a2016b71a0c..gif
IP 103.170.15.92:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 423 kB (422791 bytes)
Hash bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4
GET /1c8f6ace873c45fd92730a2016b71a0c..gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9155-67387"
Date: Sat, 31 Dec 2022 03:29:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Length: 422791
hm.baidu.com/hm.js?38ffe2b45b21b14b36d7b49e562ccdf6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?38ffe2b45b21b14b36d7b49e562ccdf6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c722d314cb48ec5eafaa677a37033341
74b49350cfe1e6513f332e10e2f496054a3ca82b
62ebd99469e260c0f01110bff0f9b4cf00b86ceef9bc80f1b07cc3e68bcb765b
GET /hm.js?38ffe2b45b21b14b36d7b49e562ccdf6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sun, 08 Jan 2023 08:46:52 GMT
Etag: f7f93c0530bc0cd4ac642514a9effdaa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2FF3A67597C0EEF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 196867af767aadede81c81ad3f0329a0
273892bcfbe37cbb6c2bcca34130eb188ea6952b
153d38763c40864b51ed5abb02468add21415733bfd79b9a8089b9c362a13c47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "153D38763C40864B51ED5ABB02468ADD21415733BFD79B9A8089B9C362A13C47"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Sun, 08 Jan 2023 09:35:03 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
ljcdn.comtucdncom.com/upload/vod/20200807-1/da71116492d1dcae6fc04f6e2d3fb60b.jpg
45.89.209.74200 OK 7.6 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20200807-1/da71116492d1dcae6fc04f6e2d3fb60b.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2a77eccd3e304885a8322fdda40cdce1
49aaa4a3c902a9c3de410f1976713b3b45ae720a
0a82e5601af6a698a4396b3adf184bd87b04c83e4f28212329f67e33bf7b9d7f
GET /upload/vod/20200807-1/da71116492d1dcae6fc04f6e2d3fb60b.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 7555
Connection: keep-alive
Last-Modified: Fri, 07 Aug 2020 13:44:30 GMT
ETag: "5f2d5abe-1d83"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
sycdn.comtucdncom.com/pic/20200227bentu-gc/dGG5gd80.jpg
45.89.208.114200 OK 9.1 kB URL HTTP/1.1 sycdn.comtucdncom.com/pic/20200227bentu-gc/dGG5gd80.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash afa9728d9b2833d58aa338e3fc040b2f
29d092570e7d396f9474548e93200064fb9eab38
2c45428f1e2a8651ca95056e50a6437403b6fc7e0f85a7b88ea8b87fcbbcdc87
GET /pic/20200227bentu-gc/dGG5gd80.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 9121
Last-Modified: Thu, 11 Aug 2022 05:05:12 GMT
Connection: keep-alive
ETag: "62f48e08-23a1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.67200 OK 299 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.67:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:51 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63BA82FB54280A3939AA8CA2
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 3
ljcdn.comtucdncom.com/upload/vod/20210306-1/c20f6522bd9621014bac52f763089d1a.jpg
45.89.209.74200 OK 6.4 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20210306-1/c20f6522bd9621014bac52f763089d1a.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d8dfa2033d9d65453dc6fc1a34f1c155
d37a31276a24b13adb2116ab2d2e18d1ef885a1b
7823862e5d3d3c1492d6ab15139c15c91e80f1ed65280d39464e58a9e4306665
GET /upload/vod/20210306-1/c20f6522bd9621014bac52f763089d1a.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 6377
Connection: keep-alive
Last-Modified: Fri, 05 Mar 2021 21:17:07 GMT
ETag: "60429fd3-18e9"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
sycdn.comtucdncom.com/pic/reregc-pic/2dfDa4xz.jpg
45.89.208.114200 OK 15 kB URL HTTP/1.1 sycdn.comtucdncom.com/pic/reregc-pic/2dfDa4xz.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 338cf003c2cd09b1299594a4f2570101
5fb1d5e9534a9b8dcbf7d18d50d1f8ebbbbef040
53c2f5f99cab1b2022c5f64ce39a6beab7fb5768b6ad1c835d15bb380cdcc75a
GET /pic/reregc-pic/2dfDa4xz.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 15008
Last-Modified: Thu, 11 Aug 2022 05:12:09 GMT
Connection: keep-alive
ETag: "62f48fa9-3aa0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20210417-1/d3a3095662f9c79b0275ac1b94e2ff03.jpg
45.89.209.74200 OK 7.1 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20210417-1/d3a3095662f9c79b0275ac1b94e2ff03.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 07f0ac0fd6ccf3a47fbb1d796ed73821
67341b90ac6cdc63cdc1fb9c4466f68ae3d9ab9d
fe4962840618b9fac11290acffdaf7f9f54a8f87fbbac380ff18bb9791e4ff87
GET /upload/vod/20210417-1/d3a3095662f9c79b0275ac1b94e2ff03.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 7060
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 19:52:40 GMT
ETag: "6079eb08-1b94"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20201112-1/5dc231c2df18923f973ec3abdc2dc54f.jpg
45.89.209.74200 OK 14 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20201112-1/5dc231c2df18923f973ec3abdc2dc54f.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e386a280cd1a0e6da29bc15755f3dc79
cd4e8b7647eef267ffb3117c4025eb809165f106
d2d1981cd905c6c26395d0ffdb254da6a3905a5d03bf7c4dc91fcd95265ab1b7
GET /upload/vod/20201112-1/5dc231c2df18923f973ec3abdc2dc54f.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 13948
Connection: keep-alive
Last-Modified: Thu, 12 Nov 2020 02:08:07 GMT
ETag: "5fac9907-367c"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pt1.putaozy.info/20220619/AD4930BF7726580B/AD4930BF7726580B.jpg
5.180.83.52200 OK 7.5 kB URL HTTP/1.1 pt1.putaozy.info/20220619/AD4930BF7726580B/AD4930BF7726580B.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 06157f9c5d275757ee58e9015af8dee5
cab9ab95a26ef9a4d51120f1a0af0285f6d0fad2
aad59558c5f0b8c29645ceb9d37ff4b598f4b672757de93b0a8bff989c40db13
GET /20220619/AD4930BF7726580B/AD4930BF7726580B.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 7483
Last-Modified: Thu, 08 Sep 2022 08:15:02 GMT
Connection: keep-alive
ETag: "6319a486-1d3b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20211015/DC1C33CC7DCCF4D4/DC1C33CC7DCCF4D4.jpg
5.180.83.45200 OK 9.2 kB URL HTTP/1.1 pic1.semaobf1.com/20211015/DC1C33CC7DCCF4D4/DC1C33CC7DCCF4D4.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0985586f1c21788d862ab773b790537
58f1815bca9e39ce32cc49e71f3ceac35c20f066
de7962a01e6e4385aaf34e2a0fdbc0b4bc078b2b7e19aa586bd950cf563c06da
GET /20211015/DC1C33CC7DCCF4D4/DC1C33CC7DCCF4D4.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9243
Last-Modified: Tue, 06 Sep 2022 14:30:11 GMT
Connection: keep-alive
ETag: "63175973-241b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a11bdc6eb6c451f2aafd7e8988f1d39a
793cd57a12c531889d03fe9cfcf61cbc1874ba06
a0d6e2b71870fdbf4303c1e548ae71e88d7bd736191d539812cce3088f25e375
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0D6E2B71870FDBF4303C1E548AE71E88D7BD736191D539812CCE3088F25E375"
Last-Modified: Sat, 07 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7776
Expires: Sun, 08 Jan 2023 10:56:29 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
pt1.putaozy.info/20220309/92AFB0C5F104AF92/92AFB0C5F104AF92.jpg
5.180.83.52200 OK 11 kB URL HTTP/1.1 pt1.putaozy.info/20220309/92AFB0C5F104AF92/92AFB0C5F104AF92.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d5481647522c1d00e1f2cc7fb27cce0d
29b43be050cdda44d46b68faba4cb677042aeb42
a2fc38973e1a363c2699723ea64fa8a00d791a3ed00f8ae32181578972a2ca10
GET /20220309/92AFB0C5F104AF92/92AFB0C5F104AF92.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10671
Last-Modified: Thu, 08 Sep 2022 08:12:55 GMT
Connection: keep-alive
ETag: "6319a407-29af"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220307/3EA14E7F220A87DC/3EA14E7F220A87DC.jpg
5.180.83.52200 OK 2.3 kB URL HTTP/1.1 pt1.putaozy.info/20220307/3EA14E7F220A87DC/3EA14E7F220A87DC.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash df640e7ffb206b243f75ef89750b1afa
7e4796ecce9e2fe1dfe4e325677169f56b6ea6e8
6c3b45a63492a30ef1da7f6e76c922430343c93b2092e58a387fe98557234a49
GET /20220307/3EA14E7F220A87DC/3EA14E7F220A87DC.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 2329
Last-Modified: Thu, 08 Sep 2022 08:11:22 GMT
Connection: keep-alive
ETag: "6319a3aa-919"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 2f129fd82e9a59561dc7f1b3f836d984
41400ece05968ce7b564efb202743d943f9e2666
deb1ba7f198877e7b39a85b79b8ae809cbae225f2916be880b571a0b31e3d83f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:53 GMT
Last-Modified: Sun, 08 Jan 2023 08:03:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 727
pt1.putaozy.info/20220305/8659585624278A2C/8659585624278A2C.jpg
5.180.83.52200 OK 12 kB URL HTTP/1.1 pt1.putaozy.info/20220305/8659585624278A2C/8659585624278A2C.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0d85d67247de1ab84777f7ffa34507b5
7497c8ff81991e9f39e8c8de8838cdb6623a79ec
224b7d4c7382cc327ecbe532ad8f4f313a3179f773c6fa27ac56f9dbaff4f095
GET /20220305/8659585624278A2C/8659585624278A2C.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 12079
Last-Modified: Thu, 08 Sep 2022 08:09:51 GMT
Connection: keep-alive
ETag: "6319a34f-2f2f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220416/D888EDDDA6A9590C/D888EDDDA6A9590C.jpg
5.180.83.52200 OK 13 kB URL HTTP/1.1 pt1.putaozy.info/20220416/D888EDDDA6A9590C/D888EDDDA6A9590C.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 079211cc230cb678b6f3f420bda750d4
eb5d819eb5b3213b99b6e15ab4bef1a16386d1b0
a0d519ecc819da88b1a430c598c7481c2069726096f47ecf068ccd1706c3cc4f
GET /20220416/D888EDDDA6A9590C/D888EDDDA6A9590C.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 12551
Last-Modified: Thu, 08 Sep 2022 08:13:03 GMT
Connection: keep-alive
ETag: "6319a40f-3107"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220213/6212817A5ECFB039/6212817A5ECFB039.jpg
5.180.83.45200 OK 7.7 kB URL HTTP/1.1 pic1.semaobf1.com/20220213/6212817A5ECFB039/6212817A5ECFB039.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a47dc78e113f640768606edd17797001
6097c2ede30573c356338985c062ecf11161ae2a
85c897646cd04498cca87637dbbb110b5d5fdf6f94453e7c6df6a991c7dc78dd
GET /20220213/6212817A5ECFB039/6212817A5ECFB039.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 7654
Last-Modified: Tue, 06 Sep 2022 14:29:23 GMT
Connection: keep-alive
ETag: "63175943-1de6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 2f129fd82e9a59561dc7f1b3f836d984
41400ece05968ce7b564efb202743d943f9e2666
deb1ba7f198877e7b39a85b79b8ae809cbae225f2916be880b571a0b31e3d83f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:53 GMT
Last-Modified: Sun, 08 Jan 2023 08:03:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 727
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
172.83.155.45200 OK 366 kB URL HTTP/2 kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sun, 08 Jan 2023 20:46:52 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1420381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwipRCov4sczHTcdIWkv%2FaUrYkMXIXYgzLjnYGeXGYrNTWiFyZ4kN%2FbAl29k5zhUJwdz4MPvR6gOiEVX0jKqomGgljR2%2BFim4H7cs%2FsgE0OBbp%2BdOSiFv8UW13GA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af56ca4c5f5-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pt1.putaozy.info/20220314/55F1B09F697C88F0/55F1B09F697C88F0.jpg
5.180.83.52200 OK 9.0 kB URL HTTP/1.1 pt1.putaozy.info/20220314/55F1B09F697C88F0/55F1B09F697C88F0.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 9x8, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1ba71c9ae0177dd3a5fdfe8ac34e09c1
9bbd50497a7a0aed167b358399539912a71ff7ad
a5634bae20e08a49adeb7961e122381a5ff17904bf5844f6048791cefd14e5ed
GET /20220314/55F1B09F697C88F0/55F1B09F697C88F0.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 9012
Last-Modified: Thu, 08 Sep 2022 08:13:29 GMT
Connection: keep-alive
ETag: "6319a429-2334"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bdb70149ba79ebdb516d9851c26b232
cc084787114baf0b3e85553d5a2ba6fa77f57fb5
21071dd58f7e03ce5120748c1a4951d80b1f6e048cb02f8cf6e1f48c96301a71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:53 GMT
Server: ECS (amb/6B75)
Content-Length: 279
pic1.semaobf1.com/20220511/84CC44A60F4943C0/84CC44A60F4943C0.jpg
5.180.83.45200 OK 14 kB URL HTTP/1.1 pic1.semaobf1.com/20220511/84CC44A60F4943C0/84CC44A60F4943C0.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 643x480, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 04553b0431a9b6c8cb6c721dc6bfe3bd
299b72ae7ef2b9b537b565b65819026262b20e82
0eb34c1d982c69d6e7fa8dee6a931200bd47e1747f23d3e01ab17ca48b3e9167
GET /20220511/84CC44A60F4943C0/84CC44A60F4943C0.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 13869
Last-Modified: Tue, 06 Sep 2022 14:29:03 GMT
Connection: keep-alive
ETag: "6317592f-362d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a11bdc6eb6c451f2aafd7e8988f1d39a
793cd57a12c531889d03fe9cfcf61cbc1874ba06
a0d6e2b71870fdbf4303c1e548ae71e88d7bd736191d539812cce3088f25e375
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0D6E2B71870FDBF4303C1E548AE71E88D7BD736191D539812CCE3088F25E375"
Last-Modified: Sat, 07 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Sun, 08 Jan 2023 14:46:42 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
pic1.semaobf1.com/20220530/5A05DC1950909B02/5A05DC1950909B02.jpg
5.180.83.45200 OK 9.2 kB URL HTTP/1.1 pic1.semaobf1.com/20220530/5A05DC1950909B02/5A05DC1950909B02.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 213x160, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 484301ccfc6cefd2143f2b154337beca
504728ef6bb0e9185ce420b783582d789e3d1a2f
b8a691661184f8e31ed8cf2ca0cdc3c151eb99bdbeb8054b2c396f170e555f8a
GET /20220530/5A05DC1950909B02/5A05DC1950909B02.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9212
Last-Modified: Tue, 06 Sep 2022 14:30:15 GMT
Connection: keep-alive
ETag: "63175977-23fc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2020-09-09/15995892899.jpg
45.89.209.74200 OK 6.8 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2020-09-09/15995892899.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 480x361, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 504dfca50f6d43ff3a0e68ea0cfa3916
72e256620b2f1d9945017f8314d155644ce728cb
b756f1d93284c7db98b5e96ea1dc987978180a184138d7576a857a9f305e14f9
GET /upload/vod/2020-09-09/15995892899.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 6773
Last-Modified: Fri, 02 Dec 2022 06:01:56 GMT
Connection: keep-alive
ETag: "638994d4-1a75"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-12/154462870411.jpg
45.89.209.74200 OK 8.9 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-12/154462870411.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b606b412ed7dca260684f7fdbededebe
02848a40539558df76429edc5d6f83991a7657f8
59529e2883e5abfe95235088cd7948949ae1c9415eadfd220df83cbb5ee16ebd
GET /upload/vod/2018-12-12/154462870411.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 8891
Last-Modified: Sun, 04 Dec 2022 01:07:16 GMT
Connection: keep-alive
ETag: "638bf2c4-22bb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-13/21/guigqceatuq2132guigqceatuq313565.jpg
45.89.209.74200 OK 7.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-13/21/guigqceatuq2132guigqceatuq313565.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 136x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 95163e1053d0aba35e6acd064c3d7282
87a64a4a9630ca5d568b625000539ef62f11bb15
bf7a0e365f5151fba6ffe677647d0978917547c8d6eb2063857fe98d3df0f3f2
GET /upload/vod/2019/11-13/21/guigqceatuq2132guigqceatuq313565.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 7165
Last-Modified: Fri, 25 Nov 2022 12:41:55 GMT
Connection: keep-alive
ETag: "6380b813-1bfd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220526/09D4B3059AC6C948/09D4B3059AC6C948.jpg
5.180.83.45404 Not Found 146 B URL HTTP/1.1 pic1.semaobf1.com/20220526/09D4B3059AC6C948/09D4B3059AC6C948.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20220526/09D4B3059AC6C948/09D4B3059AC6C948.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
ddcdn.comtucdncom.com/upload/vod/2018-12-22/154548216515.jpg
45.89.209.74200 OK 9.1 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-22/154548216515.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cd48fccc0f7e3a50127b7c176928ced6
2932834e59fb5f9ee2c012c68d2ade541a754c1c
caf97f2352c06de4385672b8657a87ffd9eace3f244ab336f8ce8d05e06bf483
GET /upload/vod/2018-12-22/154548216515.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 9109
Last-Modified: Sun, 04 Dec 2022 06:58:16 GMT
Connection: keep-alive
ETag: "638c4508-2395"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/b1f4270216704c0f8cc43a10401d2f97
47.246.44.225200 OK 385 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b1f4270216704c0f8cc43a10401d2f97
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 385 kB (384932 bytes)
Hash 6b1533d50f7375dff2f5b3969e7ec1da
6dfd13e56902faedb34a9d2e6d27e51605ddb0f1
2f235ff0c8fd65b40619ef5448206c505716aa41dcee03850c00b1352c986f7c
GET /obj/tos-cn-i-dy/b1f4270216704c0f8cc43a10401d2f97 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 384932
date: Thu, 17 Nov 2022 10:00:16 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030102101860364CA5BD5Ex7wrg01dy
nw-session-trace: 2022-11-17T17:53:03.831686834+08:00 69
x-bdcdn-cache-status: TCP_HIT
x-length: 384932
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030102101860364CA5BD5E
via: n204-098-210, cache10.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[2,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:21:307::156
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01f182c839dd3e503e2b5fce9c0d2d64acbfa1b6dda83814008bcbd6e2cf59654f59f479c39409b5b8c85de9eece6667f5a627f40eb1831b648df1e05282a67816bc37d9508c3aeb8db10b8a5b6d460aa6b502677ae9bbb5468667f0b67fbfc643
x-response-lb: image
ali-swift-global-savetime: 1668679217
age: 4488396
x-cache: HIT TCP_MEM_HIT dirn:4:218641079
x-swift-savetime: Thu, 17 Nov 2022 10:22:55 GMT
x-swift-cachetime: 31534642
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816731676132935030e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
47.246.44.225200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 06:45:44 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:39:38 GMT
nw-session-id: 202210211439380101311360293842A52Fgx4cc03dy
nw-session-trace: 2022-10-21T14:39:38.59145035+08:00 28
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:39:38 GMT
x-tt-logid: 202210211439380101311360293842A52F
via: n132-067-168, cache19.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:14:130::18
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010bb5ec5b1b5f1e47ca91c2b81197a74f8048ba6c9105f29b60a5a5654edfd2e74a44ae94b6f429eb61763780aa091400b761df5690404fbe40d4d865710f70cd7a52fd33d8906f8ae44a9cba323b06e589132522b5dde5de19e056fb46c2d0ef
x-response-lb: image
ali-swift-global-savetime: 1666334744
age: 6832869
x-cache: HIT TCP_MEM_HIT dirn:11:28085889
x-swift-savetime: Fri, 21 Oct 2022 07:27:56 GMT
x-swift-cachetime: 31533468
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816731676133025039e
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-14/12/t125mt2xx5b1204t125mt2xx5b224790.jpg
45.89.209.74200 OK 7.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/12/t125mt2xx5b1204t125mt2xx5b224790.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash c7ae078cd2cb19713bdd22444509cabd
357a7480576bd716cc76d6b9fd9b88a668c41d15
5be84c9c672758fd7432be76335a2a98e331cbb5b283a2306a8275ff51e5690c
GET /upload/vod/2020/04-14/12/t125mt2xx5b1204t125mt2xx5b224790.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 7913
Last-Modified: Fri, 25 Nov 2022 12:38:59 GMT
Connection: keep-alive
ETag: "6380b763-1ee9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/05-04/04/kzbqhd34pg40401kzbqhd34pg446555.jpg
45.89.209.74200 OK 7.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/05-04/04/kzbqhd34pg40401kzbqhd34pg446555.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4b4bd7e1490b05d7d6795364180b9fe7
ffe87e23c011ad34d67311b92b119191f5d2c61a
0ebe8c69c3116f4316916299100bb0fd8548de8610a77fde7720f367daed9748
GET /upload/vod/2022/05-04/04/kzbqhd34pg40401kzbqhd34pg446555.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 7864
Last-Modified: Fri, 25 Nov 2022 12:36:54 GMT
Connection: keep-alive
ETag: "6380b6e6-1eb8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/02-27/19/vshzilkirzq1907vshzilkirzq282533.jpg
45.89.209.74200 OK 7.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/02-27/19/vshzilkirzq1907vshzilkirzq282533.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 20d956956e24837730129a5f9f300f28
beb69345ad030a7481df5c68e5637e97c6c20f4d
e22a7441b24e798b599d961c974757d9f5af005b2d6298b7be79acd5579397df
GET /upload/vod/2020/02-27/19/vshzilkirzq1907vshzilkirzq282533.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 6978
Last-Modified: Fri, 25 Nov 2022 12:39:29 GMT
Connection: keep-alive
ETag: "6380b781-1b42"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-14/18/qs2cdnvs12e1810qs2cdnvs12e067294.jpg
45.89.209.74200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/18/qs2cdnvs12e1810qs2cdnvs12e067294.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0c4c3017fed367ece40d5c250e020e97
50dfb330055292716c2b10847a08565c989d2095
486c8b821e22a8dbaf1e1407e75afec337aed95cdee82d8745092333d4997c1d
GET /upload/vod/2020/04-14/18/qs2cdnvs12e1810qs2cdnvs12e067294.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 11946
Last-Modified: Fri, 25 Nov 2022 12:37:15 GMT
Connection: keep-alive
ETag: "6380b6fb-2eaa"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/03-28/06/r1p3to3exwn0605r1p3to3exwn101372.jpg
45.89.209.74200 OK 9.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/03-28/06/r1p3to3exwn0605r1p3to3exwn101372.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 999a1af89ad2558fbbb12586031d20f4
ee5719d90ab1578713a0a570022817e0b94a370a
30f5c53561c7bb11f2b02b3d12ea341aece8199e4b88a6e3fe31c6ddd6822874
GET /upload/vod/2020/03-28/06/r1p3to3exwn0605r1p3to3exwn101372.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 9572
Last-Modified: Fri, 25 Nov 2022 12:37:40 GMT
Connection: keep-alive
ETag: "6380b714-2564"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20200920-1/af8a26d7499d5e2b960dfbdd33ec6be3.jpg
45.89.208.114200 OK 44 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20200920-1/af8a26d7499d5e2b960dfbdd33ec6be3.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1022x575, components 3\012- data
Hash 5b00673d64bda831c2738005678a0a9e
877f18ff9cbf20696a7dc257d0bf1ca7203921f8
e7b720ba8d67c0b8a1580509e2ce08b1885e778d9abb24b13b890424a8afe5ac
GET /upload/vod/20200920-1/af8a26d7499d5e2b960dfbdd33ec6be3.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 43727
Last-Modified: Thu, 11 Aug 2022 05:10:41 GMT
Connection: keep-alive
ETag: "62f48f51-aacf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20211028-1/e8ab87e0f77eec83c15302c3635ef8a6.jpg
45.89.209.74200 OK 9.0 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20211028-1/e8ab87e0f77eec83c15302c3635ef8a6.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 36f819a3861cbb17bdc2d2d9f4e1fcc1
a9bc8c81f50ff7cb9b7dacc552236e2264baf693
cf438fc2154a8318ffe0015b604ad7d2546a32a0ed2316460373fc67d170da87
GET /upload/vod/20211028-1/e8ab87e0f77eec83c15302c3635ef8a6.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 8975
Connection: keep-alive
Last-Modified: Thu, 28 Oct 2021 09:52:27 GMT
ETag: "617a72db-230f"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pic1.semaobf1.com/20220615/8E9CC958AA81DEC0/8E9CC958AA81DEC0.jpg
5.180.83.45404 Not Found 146 B URL HTTP/1.1 pic1.semaobf1.com/20220615/8E9CC958AA81DEC0/8E9CC958AA81DEC0.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20220615/8E9CC958AA81DEC0/8E9CC958AA81DEC0.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d04bff6bbc759d60c4e361e198cdbd08
1121f0a4a4fab1799e54bcdcdba3288a44611ade
ce322673ff48a388a4e1455aeb4d81b04e07c85dc8f8eab3eb55571dc1176218
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE322673FF48A388A4E1455AEB4D81B04E07C85DC8F8EAB3EB55571DC1176218"
Last-Modified: Sat, 07 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18912
Expires: Sun, 08 Jan 2023 14:02:05 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
u1033.com/4f87ac53747641188cda45be4ebed5f9.gif
103.189.109.70200 OK 309 kB URL HTTP/2 u1033.com/4f87ac53747641188cda45be4ebed5f9.gif
IP 103.189.109.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 309 kB (309100 bytes)
Hash 85a34441173f1ad7d14a35ca78a4ca92
5d6216548b65b8ac46382cdc4b52c01305c5c1f8
ad6bfce666abcdf98e9ba0b238269d0b1b708c870bc21b0d066fcc57264b965f
GET /4f87ac53747641188cda45be4ebed5f9.gif HTTP/1.1
Host: u1033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63a6b5ff-4b76c"
server: nginx
date: Fri, 06 Jan 2023 09:27:42 GMT
content-type: image/gif
last-modified: Sat, 24 Dec 2022 08:19:11 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-060
content-length: 309100
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
43.154.254.32200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 06:54:31 GMT
cache-control: max-age=2592000
x-delay: 27659 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: 95e2c091-b8eb-48ba-8c11-fa4064cf93db
X-Firefox-Spdy: h2
kvegg.com/1f983e66dfb925d81e4da07bbbaf11fa.gif
172.83.155.45200 OK 274 kB URL HTTP/2 kvegg.com/1f983e66dfb925d81e4da07bbbaf11fa.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 274 kB (273994 bytes)
Hash dd958b3e68b86521a1aa39a6ad18b7ab
1985a71ffbda6b9f3cf8cc2c16a432827d74efdf
4b6204acd4c9d7154d86b003ee9abafb7e238fef26e46376d2c71b3fbf93ef36
GET /1f983e66dfb925d81e4da07bbbaf11fa.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 273994
last-modified: Sun, 18 Dec 2022 07:01:49 GMT
etag: "639ebadd-42e4a"
expires: Sun, 08 Jan 2023 20:46:52 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 21242
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWKvu4czFePRb742V5V%2F8TKzrWAz9lu4QWw4vOoCRA98xLuiABZvCkAsemtJtw9IVyM3gynuuU7JZTFi%2FBcVDA%2F%2BJE7PTlFqhEW71gUtPKuruKWz7Q1MO6Ea%2B%2F29"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af0ac4ac36e-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
45.61.212.128200 OK 584 kB URL HTTP/1.1 9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
IP 45.61.212.128:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /3be4171f45964b3795b8b02e1da84c25.gif HTTP/1.1
Host: 9366qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "631ee6a4-8e959"
Date: Fri, 30 Dec 2022 09:50:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 12 Sep 2022 07:58:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-28
Content-Length: 584025
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d04bff6bbc759d60c4e361e198cdbd08
1121f0a4a4fab1799e54bcdcdba3288a44611ade
ce322673ff48a388a4e1455aeb4d81b04e07c85dc8f8eab3eb55571dc1176218
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE322673FF48A388A4E1455AEB4D81B04E07C85DC8F8EAB3EB55571DC1176218"
Last-Modified: Sat, 07 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21504
Expires: Sun, 08 Jan 2023 14:45:17 GMT
Date: Sun, 08 Jan 2023 08:46:53 GMT
Connection: keep-alive
sycdn.comtucdncom.com/upload/vod/20210607-1/4264e92eb7791a99692f734303850c38.jpg
45.89.208.114200 OK 23 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210607-1/4264e92eb7791a99692f734303850c38.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.111.101", baseline, precision 8, 634x412, components 3\012- data
Hash 7810bf4ee6984ae45bac02bfbb366cca
9fb9880eaab85690f55e78f943d9100fdb1dea11
d47662a504da81e5377e4dcda905e541ac9ce4b033f4a05692c89eef84159c62
GET /upload/vod/20210607-1/4264e92eb7791a99692f734303850c38.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 23000
Last-Modified: Thu, 11 Aug 2022 04:55:48 GMT
Connection: keep-alive
ETag: "62f48bd4-59d8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/papa-PIC/avid5c66a44d1bc5d.jpg
45.89.208.114200 OK 49 kB URL HTTP/1.1 sycdn.comtucdncom.com/papa-PIC/avid5c66a44d1bc5d.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 795x458, components 3\012- data
Hash 8c55bd5d7c6500173ceb01615d875929
bf243c1e35f8daf0fe256b17fa562c94c61921cf
9fbb4218ce354d6cdde4e605cc98d9e56108d8739b0637aabff147c1aa37a08f
GET /papa-PIC/avid5c66a44d1bc5d.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 49394
Last-Modified: Thu, 11 Aug 2022 05:09:33 GMT
Connection: keep-alive
ETag: "62f48f0d-c0f2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20200823-1/e7d31aced2ee17719782ec0dbf21e5ea.jpg
45.89.209.74200 OK 15 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20200823-1/e7d31aced2ee17719782ec0dbf21e5ea.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x540, components 3\012- data
Hash 159a97d288cd1cd9011907ecd903ff6a
fa0fc9fae3e3db478ed6aba54e90a6e42f938beb
c685038276b06fffdf5bf6e2b352e278d7f0ddc6e218a1a29eae9acb63a1f571
GET /upload/vod/20200823-1/e7d31aced2ee17719782ec0dbf21e5ea.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 15181
Connection: keep-alive
Last-Modified: Wed, 26 Aug 2020 14:39:20 GMT
ETag: "5f467418-3b4d"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pt1.putaozy.info/20220618/35D34AFE3359617A/35D34AFE3359617A.jpg
5.180.83.52200 OK 14 kB URL HTTP/1.1 pt1.putaozy.info/20220618/35D34AFE3359617A/35D34AFE3359617A.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash ce4467ce5777f348cceb58ce9ef6aef7
2c8d4b8ec0c3cc75e20c0c9a34b242c72bb2eed7
d45a4d1079c4abd40a85e8461d0b392c5d1af67b1f92447c0c6bbdeae79831a8
GET /20220618/35D34AFE3359617A/35D34AFE3359617A.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 13649
Last-Modified: Thu, 08 Sep 2022 08:13:31 GMT
Connection: keep-alive
ETag: "6319a42b-3551"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220310/7DC47F5A819A37A7/7DC47F5A819A37A7.jpg
5.180.83.52200 OK 10 kB URL HTTP/1.1 pt1.putaozy.info/20220310/7DC47F5A819A37A7/7DC47F5A819A37A7.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash f33b9f70c2cc1c554a5938694a7ff360
276831e96a3026afc05f61b97615bbd679db8ae9
59ff26cf132a3dc24e825401a3dd60c67647579e5bcbdf1110a23b4d18039b81
GET /20220310/7DC47F5A819A37A7/7DC47F5A819A37A7.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10175
Last-Modified: Thu, 08 Sep 2022 08:15:55 GMT
Connection: keep-alive
ETag: "6319a4bb-27bf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220305/D30AD4529042C8F4/D30AD4529042C8F4.jpg
5.180.83.52200 OK 12 kB URL HTTP/1.1 pt1.putaozy.info/20220305/D30AD4529042C8F4/D30AD4529042C8F4.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash deb0304200e29b3383734aa6db184750
9756d69e197db80cef3a028ae2688776cb9a6835
d231e4016d15b97ebda5a9add09fadc0141dfcb46713aa4b4da76adba29a46ff
GET /20220305/D30AD4529042C8F4/D30AD4529042C8F4.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 12311
Last-Modified: Thu, 08 Sep 2022 08:15:05 GMT
Connection: keep-alive
ETag: "6319a489-3017"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220505/93BA63C9921E283E/93BA63C9921E283E.jpg
5.180.83.52200 OK 6.5 kB URL HTTP/1.1 pt1.putaozy.info/20220505/93BA63C9921E283E/93BA63C9921E283E.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 27x64, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 25f76d679a0f6932df0e13cb8f38b2ec
9cf905ddc2cf468c325e805a20de37754d5b4896
e4e4b09af0328d6b4fbbaf3661e9efa8133829b1ab32634a38a9bdb1494d3916
GET /20220505/93BA63C9921E283E/93BA63C9921E283E.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 6532
Last-Modified: Thu, 08 Sep 2022 08:13:46 GMT
Connection: keep-alive
ETag: "6319a43a-1984"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220314/70533C816CA057EF/70533C816CA057EF.jpg
5.180.83.52200 OK 11 kB URL HTTP/1.1 pt1.putaozy.info/20220314/70533C816CA057EF/70533C816CA057EF.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 64afa57a159545792f6b3f8f6e099ecc
0f324c726e0c72a216187b6371ce9fa11b7b9a44
2a672ff08604ad9d4739e8f198f1aebda585e3cb174f913e3748a152da1689d4
GET /20220314/70533C816CA057EF/70533C816CA057EF.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10776
Last-Modified: Thu, 08 Sep 2022 08:13:20 GMT
Connection: keep-alive
ETag: "6319a420-2a18"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220305/559650CED7439104/559650CED7439104.jpg
5.180.83.52200 OK 10 kB URL HTTP/1.1 pt1.putaozy.info/20220305/559650CED7439104/559650CED7439104.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e3578c51815e94a5a2720c66c68043d1
20f94f2000b068d775bb7e6e697015b3b6fc1a90
0fa922ebc32a27e260c42d1cf2a452cc857dafdb0c02de5d6af3b0c58569e3f5
GET /20220305/559650CED7439104/559650CED7439104.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10129
Last-Modified: Thu, 08 Sep 2022 08:16:27 GMT
Connection: keep-alive
ETag: "6319a4db-2791"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220402/C1FA0948FC503A70/C1FA0948FC503A70.jpg
5.180.83.45200 OK 5.7 kB URL HTTP/1.1 pic1.semaobf1.com/20220402/C1FA0948FC503A70/C1FA0948FC503A70.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bc3d03cd652a1b4c0e1a99816fd1fc63
44ccb1debd4839de5ceeae62ab4206e98a7e348f
1cc3f4247b55c8737900218b542b8344b14893a4698922ebbf5d567d3d1d12d2
GET /20220402/C1FA0948FC503A70/C1FA0948FC503A70.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 5746
Last-Modified: Tue, 06 Sep 2022 14:29:07 GMT
Connection: keep-alive
ETag: "63175933-1672"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220325/1F02BDFB44302A10/1F02BDFB44302A10.jpg
5.180.83.45200 OK 9.4 kB URL HTTP/1.1 pic1.semaobf1.com/20220325/1F02BDFB44302A10/1F02BDFB44302A10.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 27x64, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4ede1d102f225c054908d475c172a2b7
1691ea6dcf5a2dcccde0b6284170e73c1590ff56
e109bf21c9e51c13fcb843ac7d6c71d53021c5967d6e3504f16d83cfef393d95
GET /20220325/1F02BDFB44302A10/1F02BDFB44302A10.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9390
Last-Modified: Tue, 06 Sep 2022 14:28:54 GMT
Connection: keep-alive
ETag: "63175926-24ae"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220217/C915B6C275CE5F2F/C915B6C275CE5F2F.jpg
5.180.83.45200 OK 9.9 kB URL HTTP/1.1 pic1.semaobf1.com/20220217/C915B6C275CE5F2F/C915B6C275CE5F2F.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3a20a604eb1ec5382543b8c8c0d63b82
25fd5c924ad486729e23fe5ba9264a690cfba65a
68020604058c216c10fff33e37f0d864e7b5408a5aa1c004322d59a6061c1c13
GET /20220217/C915B6C275CE5F2F/C915B6C275CE5F2F.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9894
Last-Modified: Tue, 06 Sep 2022 14:29:08 GMT
Connection: keep-alive
ETag: "63175934-26a6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2060235106&si=38ffe2b45b21b14b36d7b49e562ccdf6&v=1.3.0&lv=1&sn=59051&r=0&ww=1280&u=http%3A%2F%2Fwww.ahruntang.com%2F&tt=%E6%AC%A7%E7%BE%8E%E8%89%B2%E8%A7%86%E9%A2%91%E6%97%A5%E6%9C%AC%E7%89%87%E5%85%8D%E8%B4%B9%7C97%E4%BA%BA%E6%B4%97%E6%BE%A1%E4%BA%BA%E4%BA%BA%E6%BE%A1%E4%BA%BA%E4%BA%BA%E7%88%BD%E4%BA%BA%E4%BA%BA%E6%A8%A1%7C%E9%AB%98%E6%BD%AE%E7%9A%84a%E7%89%87%E6%BF%80%E6%83%85
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2060235106&si=38ffe2b45b21b14b36d7b49e562ccdf6&v=1.3.0&lv=1&sn=59051&r=0&ww=1280&u=http%3A%2F%2Fwww.ahruntang.com%2F&tt=%E6%AC%A7%E7%BE%8E%E8%89%B2%E8%A7%86%E9%A2%91%E6%97%A5%E6%9C%AC%E7%89%87%E5%85%8D%E8%B4%B9%7C97%E4%BA%BA%E6%B4%97%E6%BE%A1%E4%BA%BA%E4%BA%BA%E6%BE%A1%E4%BA%BA%E4%BA%BA%E7%88%BD%E4%BA%BA%E4%BA%BA%E6%A8%A1%7C%E9%AB%98%E6%BD%AE%E7%9A%84a%E7%89%87%E6%BF%80%E6%83%85
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2060235106&si=38ffe2b45b21b14b36d7b49e562ccdf6&v=1.3.0&lv=1&sn=59051&r=0&ww=1280&u=http%3A%2F%2Fwww.ahruntang.com%2F&tt=%E6%AC%A7%E7%BE%8E%E8%89%B2%E8%A7%86%E9%A2%91%E6%97%A5%E6%9C%AC%E7%89%87%E5%85%8D%E8%B4%B9%7C97%E4%BA%BA%E6%B4%97%E6%BE%A1%E4%BA%BA%E4%BA%BA%E6%BE%A1%E4%BA%BA%E4%BA%BA%E7%88%BD%E4%BA%BA%E4%BA%BA%E6%A8%A1%7C%E9%AB%98%E6%BD%AE%E7%9A%84a%E7%89%87%E6%BF%80%E6%83%85 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 08 Jan 2023 08:46:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F37D305BF3F60E84; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fmlb.netlbtu.com/20210718/tX78YsB5/1.jpg
45.89.209.74200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/20210718/tX78YsB5/1.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0440b9bc1c3e95e1723e28bdde34e2c3
eeea2e902e358330535ae11ad00ecd3a3f2b7b6b
fd5b1e649daaba8e3b17052906130268ccdd14a5918f3dc10a2a85d86b33779c
GET /20210718/tX78YsB5/1.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ahruntang.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 11468
Last-Modified: Fri, 25 Nov 2022 12:40:31 GMT
Connection: keep-alive
ETag: "6380b7bf-2ccc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20220406-1/29a6204ae9c6227cb020d96e6c82e405.jpg
45.89.209.74200 OK 80 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220406-1/29a6204ae9c6227cb020d96e6c82e405.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Hash a1004705696611a024ee5f8ba808c159
8fef5314f65df1eeb975dd1a3f9e17c24c0da7eb
f2d03969d77aeb560e55df48cc51fccbbfcf961fab37a063eb2ddc1baca9dd17
GET /upload/vod/20220406-1/29a6204ae9c6227cb020d96e6c82e405.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 79793
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2022 17:58:14 GMT
ETag: "624c8336-137b1"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ljcdn.comtucdncom.com/upload/vod/20220603-1/ce89186473e163e8595464b497cc9268.jpg
45.89.209.74200 OK 72 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220603-1/ce89186473e163e8595464b497cc9268.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 820x462, components 3\012- data
Hash a7d58aac8259743ffdc3eaed63ed990a
3c5115a46e2b0f3fd37f0576c88a3f2305553de1
940557f27a6a0ba40f6aed9074da9900fd6d97ac687cbe56e88ffac19f3f8db9
GET /upload/vod/20220603-1/ce89186473e163e8595464b497cc9268.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:41 GMT
Content-Type: image/jpeg
Content-Length: 72021
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2022 18:21:53 GMT
ETag: "6298ffc1-11955"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pic1.semaobf1.com/20211123/4A1557B6EB1D7244/4A1557B6EB1D7244.jpg
5.180.83.45200 OK 17 kB URL HTTP/1.1 pic1.semaobf1.com/20211123/4A1557B6EB1D7244/4A1557B6EB1D7244.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 241c76aad5425230d982d0e508000ea8
1a9615c14c85924d0a3c1304ebca5042d7992d91
6390f46f0a1a32b53d061a43ae3a2d9605fbd5be1fab5c526652cb11e0782ad1
GET /20211123/4A1557B6EB1D7244/4A1557B6EB1D7244.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 16997
Last-Modified: Tue, 06 Sep 2022 14:29:15 GMT
Connection: keep-alive
ETag: "6317593b-4265"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20211101/8061C490F0BA7942/8061C490F0BA7942.jpg
5.180.83.45200 OK 9.3 kB URL HTTP/1.1 pic1.semaobf1.com/20211101/8061C490F0BA7942/8061C490F0BA7942.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 039a56fa098aee17a09eb2539f0c77c7
bde5e3b5eb0c07bffb534d13de208b79483325b2
96567559dc63f02e6bbb7ae42714d4ca98967b3a256e8ec6d436ec3de391ca3c
GET /20211101/8061C490F0BA7942/8061C490F0BA7942.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9333
Last-Modified: Tue, 06 Sep 2022 14:31:18 GMT
Connection: keep-alive
ETag: "631759b6-2475"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2021-03-12/161547892413.jpg
45.89.209.74200 OK 7.3 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2021-03-12/161547892413.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 250c77c205916f1544247358695fa468
73da875ca19f26e3a0c1d8b4de2525dece1fc8e1
6a54a0621bf07f7bf1a7490cb549b02b84b7a3c89897efeb92eb10333fe1469b
GET /upload/vod/2021-03-12/161547892413.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 7328
Last-Modified: Sun, 04 Dec 2022 01:58:16 GMT
Connection: keep-alive
ETag: "638bfeb8-1ca0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2019-01-13/15473648691.jpg
45.89.209.74200 OK 6.9 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2019-01-13/15473648691.jpg
IP 45.89.209.74:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash bfea247342b0897882b56e330720bf2e
701533fe88f9acea8a620d6ada636a914cd9e19a
4ef52c435d5ab286c9d298e0bd99891f2797f6bdc88cbe3672e62f56c0b610b3
GET /upload/vod/2019-01-13/15473648691.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 6884
Last-Modified: Sun, 04 Dec 2022 10:36:15 GMT
Connection: keep-alive
ETag: "638c781f-1ae4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2021-06-02/162258451416.jpg
45.89.209.74200 OK 50 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2021-06-02/162258451416.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 750x422, components 3\012- data
Hash c81cbabc0ce02ca1b53e9bb2bd062950
f91005e92102ac16ec97d587b1152486ff9cad7e
d8466146501b2709b6ed04cde3e1d71483f1b7b24545382c236aa5cf169d6986
GET /upload/vod/2021-06-02/162258451416.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 49969
Last-Modified: Sun, 04 Dec 2022 07:47:15 GMT
Connection: keep-alive
ETag: "638c5083-c331"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20210126-1/9c866a0d38662ff9de7df6e1d3847532.jpg
45.89.208.114200 OK 116 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210126-1/9c866a0d38662ff9de7df6e1d3847532.jpg
IP 45.89.208.114:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:12:03 12:12:35], progressive, precision 8, 720x415, components 3\012- data
Size 116 kB (115930 bytes)
Hash 24d4d0b54e651f5b7d57e4ac1411ece7
3d5a2a79201e5302405a59bd94ab4806262fafcf
e0277ce515552437a570b3827ea3ac91ab11eef88df6a486282f111fe72eb8f8
GET /upload/vod/20210126-1/9c866a0d38662ff9de7df6e1d3847532.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 115930
Last-Modified: Thu, 11 Aug 2022 05:07:51 GMT
Connection: keep-alive
ETag: "62f48ea7-1c4da"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220215/97CB07DCDC8BA3CC/97CB07DCDC8BA3CC.jpg
5.180.83.45200 OK 9.6 kB URL HTTP/1.1 pic1.semaobf1.com/20220215/97CB07DCDC8BA3CC/97CB07DCDC8BA3CC.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash db94aa1c2ab71c1bb5f1a00bf653b38c
523414809bdb16f4c775ef3dc7a576531c70bc4e
3f95d7314b43bd195f77f0779e4bce3d1a79f4feac5914735345ac91a22d9fdb
GET /20220215/97CB07DCDC8BA3CC/97CB07DCDC8BA3CC.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9575
Last-Modified: Tue, 06 Sep 2022 14:29:40 GMT
Connection: keep-alive
ETag: "63175954-2567"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
104.21.234.152200 OK 310 kB URL HTTP/2 kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
IP 104.21.234.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310102 bytes)
Hash aaaee07863e1fab7724d3b6698c0b4b3
1f75ba89585a8844a2c1e41625f88bae649be17d
41ac392c3cca5e4434c0f80595838a48338c94f8a9c691d4141c7ecb68acb24e
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ahruntang.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:53 GMT
content-type: image/gif
content-length: 310102
last-modified: Wed, 13 Jul 2022 15:28:42 GMT
etag: "62cee4aa-4bb56"
expires: Mon, 09 Jan 2023 17:15:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2475066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYSH%2FtPRIll0UrTEn3Js2BgIBifUIhobpIoTaHsWL2DwGfRkMHNhWVqrezOGWX3fiPorN58mlmWhBkMsoUCgFOA%2FUEHaM0TTbK3tJ9O%2BXUeFP4zy36OS3kbOgj1u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7863aa4f7add7321-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/20210924/CcM9488M/1.jpg
45.89.209.74200 OK 7.2 kB URL HTTP/1.1 fmlb.netlbtu.com/20210924/CcM9488M/1.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 32dd9c2d96ab7b60183623bf44535007
a47b60dc42d725f3b0fb6e9bff414b40423262f0
fd79ee9d207d1f29c0a83c1bef98a625399ffc2fff286b55bfb0c214b39d2e5a
GET /20210924/CcM9488M/1.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ahruntang.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 7208
Last-Modified: Fri, 25 Nov 2022 12:41:35 GMT
Connection: keep-alive
ETag: "6380b7ff-1c28"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
47.246.44.225200 OK 343 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 343 kB (343002 bytes)
Hash ce862703bd3a6fd9e7acc3c32453fe84
c27754e24547e935314ba986477cd326628af7e4
eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b
GET /obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 343002
date: Sat, 17 Dec 2022 10:28:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 10:00:43 GMT
nw-session-id: 2022121718004301013113605215982497p5k6801dy
nw-session-trace: 2022-12-17T18:00:43.827293149+08:00 42
x-bdcdn-cache-status: TCP_HIT
x-length: 343002
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 18:00:43 GMT
x-tt-logid: 2022121718004301013113605215982497
via: n128-134-083, cache14.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[3,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:482::74
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010ec35d8338a3c1341674e3d2464ee09a429c9c5af2fc930930b9ec60625c05f3b71a3d79f906afd2479681df4ec15d8b01af344e24d3e5df5584a5196f7e0400dfccab4c7d44dab881b7b096fd4eb23fa223bfc14da29e326a459a9a6aa15d8b
x-response-lb: image
ali-swift-global-savetime: 1671272903
age: 1894710
x-cache: HIT TCP_MEM_HIT dirn:2:427158808
x-swift-savetime: Sat, 17 Dec 2022 11:36:55 GMT
x-swift-cachetime: 31531888
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816731676136335243e
X-Firefox-Spdy: h2
sycdn.comtucdncom.com/upload/vod/20201226-1/d3b25ba99ac297d5c65008fc8663c340.jpg
45.89.208.114200 OK 70 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20201226-1/d3b25ba99ac297d5c65008fc8663c340.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Hash 2080ed815ce497aed83eaf05b1cb235a
1f5aec67a46d6dc3a6e26932ccbdea8006238ebc
9e265bffc994f6b4c73d6c872eaa212015d175ea6ff79e0c86e14cbe1703132c
GET /upload/vod/20201226-1/d3b25ba99ac297d5c65008fc8663c340.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 69490
Last-Modified: Thu, 11 Aug 2022 04:57:40 GMT
Connection: keep-alive
ETag: "62f48c44-10f72"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/papa-PIC/avid5a1fe2144e53e.jpg
45.89.208.114200 OK 17 kB URL HTTP/1.1 sycdn.comtucdncom.com/papa-PIC/avid5a1fe2144e53e.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 324x576, components 3\012- data
Hash 098cc23135667041cb09f9a54243e126
c2b609cb0ceb0fde82f9d267187c4716feef758a
6a359cd99ba0bad50e2b835e4c4da7f514621156cc4129c2f01062d7f5f6b3c3
GET /papa-PIC/avid5a1fe2144e53e.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 16599
Last-Modified: Thu, 11 Aug 2022 05:12:58 GMT
Connection: keep-alive
ETag: "62f48fda-40d7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 547f93929cc3453546a5c27039a8d54f
a3979dc8861ceed8093665892e548b0dec35c4c4
475c00efe6fba1e418e3a9e6544ac6411e66a8e23eec17ded13e6af34a7bbf28
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 08 Jan 2023 08:33:15 GMT
last-modified: Sat, 07 Jan 2023 05:47:53 GMT
expires: Sat, 14 Jan 2023 05:47:52 GMT
etag: "a3979dc8861ceed8093665892e548b0dec35c4c4"
cache-control: max-age=576282,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7863965a99272bc6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673166795
via: cache15.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache1.se1[22,22,200-0,H], cache1.se1[24,0], cache4.se1[26,0]
age: 818
x-cache: HIT TCP_REFRESH_HIT dirn:2:362234255
x-swift-savetime: Sun, 08 Jan 2023 08:46:53 GMT
x-swift-cachetime: 982
timing-allow-origin: *, *
eagleid: 2ff62c9816731676136785272e, 2ff62c9816731676136785272e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 547f93929cc3453546a5c27039a8d54f
a3979dc8861ceed8093665892e548b0dec35c4c4
475c00efe6fba1e418e3a9e6544ac6411e66a8e23eec17ded13e6af34a7bbf28
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 08 Jan 2023 08:33:15 GMT
last-modified: Sat, 07 Jan 2023 05:47:53 GMT
expires: Sat, 14 Jan 2023 05:47:52 GMT
etag: "a3979dc8861ceed8093665892e548b0dec35c4c4"
cache-control: max-age=576282,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7863965a99272bc6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673166795
via: cache15.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache1.se1[22,22,200-0,C], cache1.se1[24,0], cache8.se1[26,0]
age: 818
x-cache: HIT TCP_MEM_HIT dirn:2:362234255
x-swift-savetime: Sun, 08 Jan 2023 08:46:53 GMT
x-swift-cachetime: 982
timing-allow-origin: *, *
eagleid: 2ff62c9c16731676136775342e, 2ff62c9c16731676136775342e
pic1.semaobf1.com/20220113/97EAE915EAD65689/97EAE915EAD65689.jpg
5.180.83.45200 OK 8.1 kB URL HTTP/1.1 pic1.semaobf1.com/20220113/97EAE915EAD65689/97EAE915EAD65689.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f3a6249d7eb84411d1d0359c40a0fd73
d6842af043787db3c38d55689fac5754f965ff2e
6e65e846313b3b7eb50c3a67bb702644f1e1ef7bd16fe19b2d6161990538467d
GET /20220113/97EAE915EAD65689/97EAE915EAD65689.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 8078
Last-Modified: Tue, 06 Sep 2022 14:28:47 GMT
Connection: keep-alive
ETag: "6317591f-1f8e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080e.gif
47.110.23.69200 OK 560 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080e.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 560 kB (560502 bytes)
Hash fcbcc738fb6a5f8f5e56a56d72cb1289
510283d17b79cfbacb3061964810555dc3dc4314
f1d0c16cca2cae7a2e7b05b68d0dd21ed48c9fd56453a3892748b55d5991b27f
GET /xpj/xpj96080e.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/gif
Content-Length: 560502
Connection: keep-alive
x-oss-request-id: 63BA82FC6172673039250500
Accept-Ranges: bytes
ETag: "FCBCC738FB6A5F8F5E56A56D72CB1289"
Last-Modified: Mon, 19 Dec 2022 06:38:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18035721676580147221
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: /LzHOPtqX49eVqVtcssSiQ==
x-oss-server-time: 3
pic1.semaobf1.com/20220213/91718EF93C82387A/91718EF93C82387A.jpg
5.180.83.45200 OK 9.2 kB URL HTTP/1.1 pic1.semaobf1.com/20220213/91718EF93C82387A/91718EF93C82387A.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b878f1aec00247c12bbc2afb8e819eb0
fdb3b7a246a168b2be75d0722f2043d1ee796073
ea8029ada85478b36f2e5797e4a72994fa3764a8e2b934820624d7846a0f00fc
GET /20220213/91718EF93C82387A/91718EF93C82387A.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9168
Last-Modified: Tue, 06 Sep 2022 14:30:14 GMT
Connection: keep-alive
ETag: "63175976-23d0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bdb70149ba79ebdb516d9851c26b232
cc084787114baf0b3e85553d5a2ba6fa77f57fb5
21071dd58f7e03ce5120748c1a4951d80b1f6e048cb02f8cf6e1f48c96301a71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127216
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 08:46:53 GMT
Etag: "63b9d0ed-117"
Expires: Mon, 09 Jan 2023 20:07:09 GMT
Last-Modified: Sat, 07 Jan 2023 20:07:09 GMT
Server: nginx
Content-Length: 279
sycdn.comtucdncom.com/upload/vod/20210126-1/22b19e1801d1471e31913761818f0ec2.jpg
45.89.208.114200 OK 187 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210126-1/22b19e1801d1471e31913761818f0ec2.jpg
IP 45.89.208.114:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:30 16:59:07], progressive, precision 8, 720x415, components 3\012- data
Size 187 kB (186571 bytes)
Hash 21a50ee50a6e2a6b63de29dbcdf43b81
9eb58cd61583367ee5e2448359930b06648f0c0f
5f0a890093faaf66250b221fe8f52806b8c840869b17846a9b6edebb0bc6d3e6
GET /upload/vod/20210126-1/22b19e1801d1471e31913761818f0ec2.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 186571
Last-Modified: Thu, 11 Aug 2022 05:05:22 GMT
Connection: keep-alive
ETag: "62f48e12-2d8cb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220305/565E52395433AEC1/565E52395433AEC1.jpg
5.180.83.52200 OK 9.1 kB URL HTTP/1.1 pt1.putaozy.info/20220305/565E52395433AEC1/565E52395433AEC1.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash a23d97407884d68e9ffc6873ce66ceb5
26135ae0fe7bc21900eb1e7d06c590c422174bb6
f486f073f1eeb06841e1fb8eceb827620bab18f9b7ebfb3462e8b5fb3661c2de
GET /20220305/565E52395433AEC1/565E52395433AEC1.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 9118
Last-Modified: Thu, 08 Sep 2022 08:13:22 GMT
Connection: keep-alive
ETag: "6319a422-239e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220413/CEF46FB062A66A44/CEF46FB062A66A44.jpg
5.180.83.52200 OK 12 kB URL HTTP/1.1 pt1.putaozy.info/20220413/CEF46FB062A66A44/CEF46FB062A66A44.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 9x8, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f63caccb9af39b8df18d80aba0940232
18837349dbfb481d18da4a5d2ce8899f9f6e88b3
1cd2a4843a0a9bed083539839066c1b964ddd50b34df3c2e6a8676faf26d8adb
GET /20220413/CEF46FB062A66A44/CEF46FB062A66A44.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 12509
Last-Modified: Thu, 08 Sep 2022 08:12:49 GMT
Connection: keep-alive
ETag: "6319a401-30dd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220305/F64D8CD7FA64FB88/F64D8CD7FA64FB88.jpg
5.180.83.52200 OK 5.9 kB URL HTTP/1.1 pt1.putaozy.info/20220305/F64D8CD7FA64FB88/F64D8CD7FA64FB88.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 94022187579008c754cca4a15b79ea7b
89b631eac05e713dbe29e130af7f4df23430ca98
da7bb92715ce6e78b7328dc8a91eb3e42b644b2672203b269d1f80b666437095
GET /20220305/F64D8CD7FA64FB88/F64D8CD7FA64FB88.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 5873
Last-Modified: Thu, 08 Sep 2022 08:09:04 GMT
Connection: keep-alive
ETag: "6319a320-16f1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220306/E586CF9B9CA58F79/E586CF9B9CA58F79.jpg
5.180.83.52200 OK 8.4 kB URL HTTP/1.1 pt1.putaozy.info/20220306/E586CF9B9CA58F79/E586CF9B9CA58F79.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d55d6222d43f9547e81d7bdffddb6877
ff16084bdac5d1bcb0e709f2a6d667c2e7976c9c
9e9777d7e980915932acfcf7ea9a6d6ba92a923df04e25b3eed0d34dc549342d
GET /20220306/E586CF9B9CA58F79/E586CF9B9CA58F79.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 8354
Last-Modified: Thu, 08 Sep 2022 08:16:27 GMT
Connection: keep-alive
ETag: "6319a4db-20a2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220309/D760A59241874F0F/D760A59241874F0F.jpg
5.180.83.52200 OK 12 kB URL HTTP/1.1 pt1.putaozy.info/20220309/D760A59241874F0F/D760A59241874F0F.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3f6a93a815b5ade10f6d6a5ea4cbd5f1
43512c132fb20acaf2ad448465d7ec86d159f298
348dc14aedcc3ff89ad66c9637debb8558e1e789ca2e8d9b8d861b2e281420d0
GET /20220309/D760A59241874F0F/D760A59241874F0F.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 11934
Last-Modified: Thu, 08 Sep 2022 08:13:17 GMT
Connection: keep-alive
ETag: "6319a41d-2e9e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220113/633BC7D0C950D038/633BC7D0C950D038.jpg
5.180.83.45200 OK 13 kB URL HTTP/1.1 pic1.semaobf1.com/20220113/633BC7D0C950D038/633BC7D0C950D038.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bfc7ae55520b082634aebc16077382fe
cae04790294cf4082cf6be0a2845bb0c484aaf85
b91aa8cf9e97ff10ab41cc72de566065e015fddabec5bc00ff1026c9dcb43c32
GET /20220113/633BC7D0C950D038/633BC7D0C950D038.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 13222
Last-Modified: Tue, 06 Sep 2022 14:29:10 GMT
Connection: keep-alive
ETag: "63175936-33a6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220511/852E863D2C15E537/852E863D2C15E537.jpg
5.180.83.52200 OK 17 kB URL HTTP/1.1 pt1.putaozy.info/20220511/852E863D2C15E537/852E863D2C15E537.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 27x64, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b564b2bc5c750fcf80e82f01d3446d9d
0cdbd932cf72f6a22c81d66a1789345512810a62
12f00586d54850f11265479587db891fd5d5473a2dddd04f6cd1d419a7370ed5
GET /20220511/852E863D2C15E537/852E863D2C15E537.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 16721
Last-Modified: Thu, 08 Sep 2022 08:13:46 GMT
Connection: keep-alive
ETag: "6319a43a-4151"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220519/81CFB4DA921421DE/81CFB4DA921421DE.jpg
5.180.83.45200 OK 9.9 kB URL HTTP/1.1 pic1.semaobf1.com/20220519/81CFB4DA921421DE/81CFB4DA921421DE.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fc8cc00dd8c57e485dcbf1ddadc65fa9
78085f3f1cad684fd9719055ac7d203ba18def80
3480687b4a2122d13f63e1a803ddbcfdf93bce5eb79637741dfd42e7b90e3c5e
GET /20220519/81CFB4DA921421DE/81CFB4DA921421DE.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9864
Last-Modified: Tue, 06 Sep 2022 14:28:13 GMT
Connection: keep-alive
ETag: "631758fd-2688"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20211023/1386621DCA8D5427/1386621DCA8D5427.jpg
5.180.83.45200 OK 8.2 kB URL HTTP/1.1 pic1.semaobf1.com/20211023/1386621DCA8D5427/1386621DCA8D5427.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8b8772c3a774978168d8957b4cc0ee10
276fecea0772f3a99ef4454f37467f7fd35c7626
289973c02cf065efe2d6b16224352203a8e36ec0b7c36f19990ffcd985f7dcba
GET /20211023/1386621DCA8D5427/1386621DCA8D5427.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 8230
Last-Modified: Tue, 06 Sep 2022 14:29:06 GMT
Connection: keep-alive
ETag: "63175932-2026"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220208/821B11BB3F15ADBD/821B11BB3F15ADBD.jpg
5.180.83.45200 OK 9.2 kB URL HTTP/1.1 pic1.semaobf1.com/20220208/821B11BB3F15ADBD/821B11BB3F15ADBD.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 27x64, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0ec184f7ccf2aac472e6854f27a1f7a
20acf4eba0e1fd6ab36921a034316524d2ce1288
380f699c62509ed8fa5e94ffd04f60cd1a3172467dfe729082f2a5ab4cc29fb8
GET /20220208/821B11BB3F15ADBD/821B11BB3F15ADBD.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9164
Last-Modified: Tue, 06 Sep 2022 14:28:07 GMT
Connection: keep-alive
ETag: "631758f7-23cc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20201107-1/d227cd82aaea55e2d579177977791241.jpg
45.89.208.114200 OK 33 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20201107-1/d227cd82aaea55e2d579177977791241.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data
Hash df9973decc980d5e7f6d3d85c0231bf7
f1be906ae6146f82746879266896a37db7436f7d
e53aa5339303f185a3b24a0d933035b885784c97dd4b88f309a16fe07253898f
GET /upload/vod/20201107-1/d227cd82aaea55e2d579177977791241.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 32884
Last-Modified: Thu, 11 Aug 2022 04:55:13 GMT
Connection: keep-alive
ETag: "62f48bb1-8074"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
de88deggtp89.com/235tp/%E5%A4%9C%E5%A4%9C%E5%97%A8%E8%A7%86%E9%A2%91.gif
23.224.145.236200 OK 76 kB URL HTTP/2 de88deggtp89.com/235tp/%E5%A4%9C%E5%A4%9C%E5%97%A8%E8%A7%86%E9%A2%91.gif
IP 23.224.145.236:0
File type GIF image data, version 89a, 175 x 250\012- data
Hash 83e5595eeda0e76702d51631a449e6cb
6df9e78003bf5c8e2610f9b988999817f26b0706
74b1a1a1175139ae022c7c086b2e8702f42364ccac23395ecc58e52bcd3a3d3d
GET /235tp/%E5%A4%9C%E5%A4%9C%E5%97%A8%E8%A7%86%E9%A2%91.gif HTTP/1.1
Host: de88deggtp89.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:53 GMT
content-type: image/gif
content-length: 75949
last-modified: Thu, 17 Nov 2022 02:41:36 GMT
etag: "63759f60-128ad"
expires: Fri, 03 Feb 2023 22:41:58 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sycdn.comtucdncom.com/dderwmzw-pic/image_20190311130538864635.jpg
45.89.208.114200 OK 56 kB URL HTTP/1.1 sycdn.comtucdncom.com/dderwmzw-pic/image_20190311130538864635.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash b23682dff0879611afbc6750c3b5f960
6277f293b60be56ffa4d27b17d3f61c98ef11313
12150c8cc0b07a37351bf62b877c8d803a4762a48d3ba843916fa68909db3771
GET /dderwmzw-pic/image_20190311130538864635.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 55838
Last-Modified: Thu, 11 Aug 2022 05:03:28 GMT
Connection: keep-alive
ETag: "62f48da0-da1e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/20210829-1/c0bd640982ee23f1d6a6ffe3969c81d0.jpg
45.89.209.74200 OK 71 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210829-1/c0bd640982ee23f1d6a6ffe3969c81d0.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 795x530, components 3\012- data
Hash 96e0d99098e01ad9da22773dfe37b280
51c68262ff40e3e4093746aa1bbc56bf49fa53ed
8e0012a8c20964b8a9cf9f7e31bdbfc34880b1fbc2117eca2544e9e2977e1c8a
GET /upload/vod/20210829-1/c0bd640982ee23f1d6a6ffe3969c81d0.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 70599
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:51:09 GMT
ETag: "620d2b7d-113c7"
Expires: Tue, 07 Feb 2023 08:46:53 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pic1.semaobf1.com/20220502/2980C620183D96F8/2980C620183D96F8.jpg
5.180.83.45404 Not Found 146 B URL HTTP/1.1 pic1.semaobf1.com/20220502/2980C620183D96F8/2980C620183D96F8.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20220502/2980C620183D96F8/2980C620183D96F8.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
pic1.semaobf1.com/20220329/6CB1FF32A6B7E4E5/6CB1FF32A6B7E4E5.jpg
5.180.83.45200 OK 9.0 kB URL HTTP/1.1 pic1.semaobf1.com/20220329/6CB1FF32A6B7E4E5/6CB1FF32A6B7E4E5.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 554624b1c2bdfe59ad37d60fc7fb38dd
546040541fdb38193dd915378894826582ec3d17
3015ca39685173721ef78c13b0baf4a09076bb7111f4a9fd994efa4478ac94a4
GET /20220329/6CB1FF32A6B7E4E5/6CB1FF32A6B7E4E5.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9004
Last-Modified: Tue, 06 Sep 2022 14:29:06 GMT
Connection: keep-alive
ETag: "63175932-232c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
121.226.246.3200 OK 894 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=15552000
expires: Tue, 04 Jul 2023 05:33:33 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 270799
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672896813609-0-0-15-93-93;200;200-1672915104168-0-0-0-1-1;200-1673167612546-0-0-0-1-1
X-Firefox-Spdy: h2
sycdn.comtucdncom.com/upload/vod/20200724-1/e0020205eb7626f581f1f87094b8d25c.jpg
45.89.208.114200 OK 56 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20200724-1/e0020205eb7626f581f1f87094b8d25c.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 761x512, components 3\012- data
Hash 55ccca617ad41511bbacbee812d69fdd
ac84b6b436634b0f4af24c31290fc09b768d66c9
e6138d766338456475afac5a00d6c4c8af651b2e4746217264cb73d07cd01cd0
GET /upload/vod/20200724-1/e0020205eb7626f581f1f87094b8d25c.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 56516
Last-Modified: Thu, 11 Aug 2022 04:58:39 GMT
Connection: keep-alive
ETag: "62f48c7f-dcc4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/dderwmzw-pic/image_20180510022730724571.jpg
45.89.208.114200 OK 64 kB URL HTTP/1.1 sycdn.comtucdncom.com/dderwmzw-pic/image_20180510022730724571.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 735c9eacc80cfe8237ee3297350ae789
675dae369d82804672728b0dc335de0f95508fdb
8f9db9301d1b8d2d9e07c073c6b5fa95c4372eaeb297b3edfcf16579698b343d
GET /dderwmzw-pic/image_20180510022730724571.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 64034
Last-Modified: Thu, 11 Aug 2022 05:00:50 GMT
Connection: keep-alive
ETag: "62f48d02-fa22"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/kpd-pic/1BgUvZLJ.jpg
45.89.208.114200 OK 24 kB URL HTTP/1.1 sycdn.comtucdncom.com/kpd-pic/1BgUvZLJ.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 515x326, components 3\012- data
Hash 7743c68d38f958e6c101bd9c648e0ee1
726bfbed4324e061978624be12690b082874be53
8d6bc97185508d84320cba86e6bd067c986cd78e830fa215fc2b890e34ad2d30
GET /kpd-pic/1BgUvZLJ.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 23919
Last-Modified: Thu, 11 Aug 2022 05:02:33 GMT
Connection: keep-alive
ETag: "62f48d69-5d6f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20210301-1/c54d72db61b71723c6f2493534874701.jpg
45.89.208.114200 OK 57 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210301-1/c54d72db61b71723c6f2493534874701.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 795x458, components 3\012- data
Hash 8640e7ddb7205979fe391d93446278bf
a009b817bba0511bb8675993470d7693cd17ff11
aafbda04e2635b327c8871ef48010485d5b9ecebd4a43efd3ebecf7315f137ae
GET /upload/vod/20210301-1/c54d72db61b71723c6f2493534874701.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 57173
Last-Modified: Thu, 11 Aug 2022 04:56:54 GMT
Connection: keep-alive
ETag: "62f48c16-df55"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pt1.putaozy.info/20220429/433F181F6775F91D/433F181F6775F91D.jpg
5.180.83.52200 OK 11 kB URL HTTP/1.1 pt1.putaozy.info/20220429/433F181F6775F91D/433F181F6775F91D.jpg
IP 5.180.83.52:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6bb471e467741bf5faa52624710c98c0
a7c953a740c8a3a5382244696f4533f9bb65c87b
b3c175b9458f8626e6e75f0b682cde955fbfae38ac4ae2115d5bd2f2c46ce4d3
GET /20220429/433F181F6775F91D/433F181F6775F91D.jpg HTTP/1.1
Host: pt1.putaozy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10700
Last-Modified: Thu, 08 Sep 2022 08:15:33 GMT
Connection: keep-alive
ETag: "6319a4a5-29cc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220210/5FB83CE9842D8336/5FB83CE9842D8336.jpg
5.180.83.45200 OK 9.4 kB URL HTTP/1.1 pic1.semaobf1.com/20220210/5FB83CE9842D8336/5FB83CE9842D8336.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4a17fb377e1561f93ee7cb82a07ead5d
364993719a460c5fb81a85a3fd373a7498327100
f3a3d1be72726fe1c171b12b790cd0239b23acfe2036ef79ae307ffc1a12bde4
GET /20220210/5FB83CE9842D8336/5FB83CE9842D8336.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 9417
Last-Modified: Tue, 06 Sep 2022 14:28:41 GMT
Connection: keep-alive
ETag: "63175919-24c9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220227/E1A81FCAD8B83A22/E1A81FCAD8B83A22.jpg
5.180.83.45200 OK 8.1 kB URL HTTP/1.1 pic1.semaobf1.com/20220227/E1A81FCAD8B83A22/E1A81FCAD8B83A22.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bdc05534a01dc7d998971b2a612e9de7
9408b3472c56c8d27d01b7deb4ad3e9dfee986de
30aa081c40e792f083672d4bf76e4af3dcfa57bc2948505fa779e7a18fe50582
GET /20220227/E1A81FCAD8B83A22/E1A81FCAD8B83A22.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/jpeg
Content-Length: 8148
Last-Modified: Tue, 06 Sep 2022 14:29:11 GMT
Connection: keep-alive
ETag: "63175937-1fd4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/pic/20200217bentu-gc/G8TbTn8g.jpg
45.89.208.114200 OK 10 kB URL HTTP/1.1 sycdn.comtucdncom.com/pic/20200217bentu-gc/G8TbTn8g.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash dcf7601399e4482f0498781ddafd9867
62d45470929a5af453a25d4f579dcb688e1e11de
e9ed71a9a00e6b836e520a8a10a651d0ce9fddc467ca1506c1870b19e9442c25
GET /pic/20200217bentu-gc/G8TbTn8g.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 10395
Last-Modified: Thu, 11 Aug 2022 05:01:55 GMT
Connection: keep-alive
ETag: "62f48d43-289b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20220424/5ED9A46343607686/5ED9A46343607686.jpg
5.180.83.45404 Not Found 146 B URL HTTP/1.1 pic1.semaobf1.com/20220424/5ED9A46343607686/5ED9A46343607686.jpg
IP 5.180.83.45:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /20220424/5ED9A46343607686/5ED9A46343607686.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
fmlb.netlbtu.com/images/2021/9/7/heyzo3120.jpg
45.89.209.74200 OK 135 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/9/7/heyzo3120.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 960x540, components 3\012- data
Size 135 kB (134631 bytes)
Hash ad84bd31d9d51486ba8b49f21a5b92b6
44aaca228136bc81a4d606df51e9806a49873f59
7e8fd1747f6f41f5084c8edecbc24d12f09810648ddcc70c42ae3215e5c70be4
GET /images/2021/9/7/heyzo3120.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ahruntang.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 134631
Last-Modified: Fri, 25 Nov 2022 12:39:31 GMT
Connection: keep-alive
ETag: "6380b783-20de7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
de88deggtp89.com/100tp/120-170.gif
23.224.145.236200 OK 92 kB URL HTTP/2 de88deggtp89.com/100tp/120-170.gif
IP 23.224.145.236:0
File type GIF image data, version 89a, 120 x 170\012- data
Hash 47e5bb3ce57ef32da992fd4ee5b58c6a
88b2d56e6572ef2544f7719c63181c2af578a79b
9b431eb99c84942feafc123174b5d42e8dc27bb594b2260b4165e5ec186d49ee
GET /100tp/120-170.gif HTTP/1.1
Host: de88deggtp89.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:53 GMT
content-type: image/gif
content-length: 91977
last-modified: Thu, 29 Dec 2022 10:42:19 GMT
etag: "63ad6f0b-16749"
expires: Sat, 28 Jan 2023 10:54:03 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ljcdn.comtucdncom.com/upload/vod/20200909-1/5d1e961b291cc4672a280a4ab3d48c6f.jpg
45.89.209.74200 OK 216 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20200909-1/5d1e961b291cc4672a280a4ab3d48c6f.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x540, components 3\012- data
Size 216 kB (215815 bytes)
Hash 03088f3ef5bd6afc98c2e9acc300f5b7
c55a0474cd1ffc71bf3176fd9878b80db5980a93
d0c00ecfef9fd1a0443e49873ec2afc111c3cc7d6144d42dd68ceba99cac08e8
GET /upload/vod/20200909-1/5d1e961b291cc4672a280a4ab3d48c6f.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 215815
Connection: keep-alive
Last-Modified: Wed, 09 Sep 2020 04:15:48 GMT
ETag: "5f5856f4-34b07"
Expires: Tue, 07 Feb 2023 08:40:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
sycdn.comtucdncom.com/papa-PIC/avid595df57a28b5e.jpg
45.89.208.114200 OK 30 kB URL HTTP/1.1 sycdn.comtucdncom.com/papa-PIC/avid595df57a28b5e.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 1026x576, components 3\012- data
Hash 08cf2373c43fd57f38e23ace544afadd
3f779d85486315a7d49fee795115cc686b418df9
a44608153d426215f92cafb1c9dae9f4bd8fd00e8a02e6816bdaf9ddd03a33d6
GET /papa-PIC/avid595df57a28b5e.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:53 GMT
Content-Type: image/jpeg
Content-Length: 29984
Last-Modified: Thu, 11 Aug 2022 04:53:15 GMT
Connection: keep-alive
ETag: "62f48b3b-7520"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2022/01/19/hey5303.jpg
45.89.209.74200 OK 135 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2022/01/19/hey5303.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 820x462, components 3\012- data
Size 135 kB (134828 bytes)
Hash 7ec25e0f083e5b7ab579d4438995a4d4
561adc8444ec339860be25dffe6f410d189f0e81
d0a580a7a8bc4d32c042f6ede57e162bb2cfdc21c284fa23b43cdd6f50679a00
GET /images/2022/01/19/hey5303.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ahruntang.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 134828
Last-Modified: Fri, 25 Nov 2022 12:43:07 GMT
Connection: keep-alive
ETag: "6380b85b-20eac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.23.69200 OK 432 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 63BA82FC7CF84235326BFF90
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 2
ddcdn.comtucdncom.com/upload/vod/20220203-1/dcd2deee8703e5c79bcfb41a7a88e4d9.jpg
45.89.209.74200 OK 476 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20220203-1/dcd2deee8703e5c79bcfb41a7a88e4d9.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size 476 kB (476392 bytes)
Hash 7ffbf9113c213988914450df4f65a179
a70c356842c2f2ba4abae2c9cb34a5421dcae5ea
43c8f96da9d5209315af886825f93f18e5c13bd7089272c823a71764294b1940
GET /upload/vod/20220203-1/dcd2deee8703e5c79bcfb41a7a88e4d9.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 476392
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:41:56 GMT
ETag: "620d2954-744e8"
Expires: Tue, 07 Feb 2023 08:46:53 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
sycdn.comtucdncom.com/uptu/20220601/i4IvoZMb/1.jpg
45.89.208.114200 OK 8.8 kB URL HTTP/1.1 sycdn.comtucdncom.com/uptu/20220601/i4IvoZMb/1.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 7x9, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 82a2f144bb7188cbf33c135b6b0dc651
8815c1f2e71b1facdd69a478abb5da0fa8a91075
28b8c83fbfdc968d3f68ea98a588ef010b0ba79b3533ce834bcd7fc5e5bf67e3
GET /uptu/20220601/i4IvoZMb/1.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 8805
Last-Modified: Thu, 11 Aug 2022 04:57:57 GMT
Connection: keep-alive
ETag: "62f48c55-2265"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/18SEAV-PIC/41009.jpg
45.89.208.114200 OK 17 kB URL HTTP/1.1 sycdn.comtucdncom.com/18SEAV-PIC/41009.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 400x224, components 3\012- data
Hash 86b6bb408e26a79f7ad8f0339316b4b4
d81dc667a469598ca6fda6c5d536077ac500862f
01a77776079ca92740fe11df3cf7ae759b3b8b544c46d4196530a66b1b036972
GET /18SEAV-PIC/41009.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 17323
Last-Modified: Thu, 11 Aug 2022 04:53:02 GMT
Connection: keep-alive
ETag: "62f48b2e-43ab"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20200806-1/ad2583785f53e804b4b8759a441d7251.jpg
45.89.208.114200 OK 52 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20200806-1/ad2583785f53e804b4b8759a441d7251.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 761x512, components 3\012- data
Hash 453415f618594776815077ab2c8d2eeb
41a1f3ef2c47adecca3f69b8f7c0b5af743de1b4
30b6227f5077a2e6a5a576897ada3c01e189e33001f08bd34ff74849ba733b26
GET /upload/vod/20200806-1/ad2583785f53e804b4b8759a441d7251.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 52462
Last-Modified: Thu, 11 Aug 2022 04:57:19 GMT
Connection: keep-alive
ETag: "62f48c2f-ccee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/papa-PIC/avid5c2d8c63da36.jpg
45.89.208.114200 OK 60 kB URL HTTP/1.1 sycdn.comtucdncom.com/papa-PIC/avid5c2d8c63da36.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 795x458, components 3\012- data
Hash 470b5855a7999aa56216888fea1cf75e
245af27966d32bda349d9c180a07f2a8576317f6
f826c6913de9b2d784a4b893facd4c35d3b1ada12e9246b4cdf8f8b1ab287df9
GET /papa-PIC/avid5c2d8c63da36.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 60109
Last-Modified: Thu, 11 Aug 2022 04:54:45 GMT
Connection: keep-alive
ETag: "62f48b95-eacd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/20220129-1/a4b31d8507642b4c8653712ff4b728f9.jpg
45.89.209.74200 OK 849 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20220129-1/a4b31d8507642b4c8653712ff4b728f9.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=72, yresolution=72], baseline, precision 8, 1280x720, components 3\012- data
Size 849 kB (848993 bytes)
Hash 7f924580a91d7eae2d724d19d772321c
706bf238482b47043ea05ec0991ed6920afe2d68
23e423966b25f4849b61c05733311e3058746fb2056156ba7be1e587a2df4875
GET /upload/vod/20220129-1/a4b31d8507642b4c8653712ff4b728f9.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 848993
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:42:11 GMT
ETag: "620d2963-cf461"
Expires: Tue, 07 Feb 2023 08:46:53 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
xinchacha2dv.ocsp-certum.com/
95.101.10.193200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash caf4a2178748048a68663c5495c5865a
036108a373ce9a258446280858d33d3803234919
94fed5b178b07d92441f35e141df3e67b6e4f6a2c2c45590b39aaffc46f89c41
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=470
Date: Sun, 08 Jan 2023 08:46:54 GMT
Connection: keep-alive
X-N: S
kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1411145 bytes)
Hash 3e2a08c45f216f23995e08dc45ed0e86
c9390027ee4885cb509d8b2ad37d6daa9698631e
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f
GET /ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 1411145
cache-control: max-age=15552000
expires: Sun, 02 Jul 2023 11:46:08 GMT
last-modified: Sat, 26 Nov 2022 04:47:42 GMT
age: 421245
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672746368071-0-0-1-160-160;200;200-1672990090599-0-0-0-4-4;200-1673167612596-0-0-0-1-1
X-Firefox-Spdy: h2
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
47.75.19.247200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
IP 47.75.19.247:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 08 Jan 2023 08:46:52 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 63BA82FCDA8A7938356BD514
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
sycdn.comtucdncom.com/papaduanpian-img/3c2Bz0it.jpg
45.89.208.114200 OK 24 kB URL HTTP/1.1 sycdn.comtucdncom.com/papaduanpian-img/3c2Bz0it.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 1024x576, components 3\012- data
Hash 8823ef36594ab1a7909a5a607d99dd50
97f509e99994fcaf472122b8fb224ea57e60c685
2ad5a1446272082600ec1861800c570e9bcb8aa6551a4b4b0bffadabb21b6672
GET /papaduanpian-img/3c2Bz0it.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 23687
Last-Modified: Thu, 11 Aug 2022 05:11:13 GMT
Connection: keep-alive
ETag: "62f48f71-5c87"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/images/2022/03/16/zhubo186962.jpg
45.89.208.114200 OK 54 kB URL HTTP/1.1 sycdn.comtucdncom.com/images/2022/03/16/zhubo186962.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.16.100", baseline, precision 8, 405x720, components 3\012- data
Hash 4b45df3af0fcfcc27e186115c8326814
37aa92ec978e9ea0f49bdec2a8d4d81351e057c5
b7fe7663c935bfe32ad352175b95c903cc7432774570e6f9c4f3dac8f8b5a511
GET /images/2022/03/16/zhubo186962.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 54372
Last-Modified: Thu, 11 Aug 2022 04:57:48 GMT
Connection: keep-alive
ETag: "62f48c4c-d464"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/20210824-1/852a5558adfe6d54c150858f671cfec8.jpg
45.89.209.74200 OK 343 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210824-1/852a5558adfe6d54c150858f671cfec8.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size 343 kB (342990 bytes)
Hash 18bf44354f3d08609f27ba9846102e05
c3cb3cbac7961e4c0e995d4bddf20fcf4291726e
be3f52aecd33e40a29866b91ac81b653b304cdded24995db3ce66d019f950aba
GET /upload/vod/20210824-1/852a5558adfe6d54c150858f671cfec8.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 342990
Last-Modified: Sun, 04 Dec 2022 11:08:16 GMT
Connection: keep-alive
ETag: "638c7fa0-53bce"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
121.226.246.3200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 08:46:52 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=15552000
expires: Wed, 05 Jul 2023 10:10:14 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 167799
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672999813961-0-0-14-239-239;200;200-1673048079428-0-0-0-8-8;200-1673167612573-0-0-0-1-1
X-Firefox-Spdy: h2
sycdn.comtucdncom.com/upload/vod/20201228-1/95e0307d7e91adf04550b8174218bc0b.jpg
45.89.208.114200 OK 115 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20201228-1/95e0307d7e91adf04550b8174218bc0b.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 980x550, components 3\012- data
Size 115 kB (114569 bytes)
Hash 0db99f97c173a7243f8b7e23899c0703
bb239c4c53a0a5ab4dee9555a59d0b87d7671fa0
d4e0ff41bb104ebbcba73bc313cb8d6ac0d6e44cb39e7328f29c7f1d801d47df
GET /upload/vod/20201228-1/95e0307d7e91adf04550b8174218bc0b.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 114569
Last-Modified: Thu, 11 Aug 2022 05:08:46 GMT
Connection: keep-alive
ETag: "62f48ede-1bf89"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sycdn.comtucdncom.com/upload/vod/20210830-1/0571b9e8414866bef0903c407ff61c8f.jpg
45.89.208.114200 OK 170 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20210830-1/0571b9e8414866bef0903c407ff61c8f.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 170 kB (169768 bytes)
Hash ad283c2adcf134b180ca400e8622792a
6b1afb40b552cec2bf373e76b609ac9742360333
ff1ff1215e93a70d01ea1c808447b5fb1a12c36d15a7152d5a9b58d30c8521b0
GET /upload/vod/20210830-1/0571b9e8414866bef0903c407ff61c8f.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 169768
Last-Modified: Thu, 11 Aug 2022 04:55:52 GMT
Connection: keep-alive
ETag: "62f48bd8-29728"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
tpcdnde88de.com/79tp/960x60-2.gif
23.224.145.235200 OK 322 kB URL HTTP/2 tpcdnde88de.com/79tp/960x60-2.gif
IP 23.224.145.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322376 bytes)
Hash c41a909fa1e62a4ebc583626a93c05c1
10adfd5b6d78d04cc93c76b14a29fc93ce4f2708
b60310fa346cdc56ed271a244d9c4f1e137e0fd46571802f25c0c8e09131aa4e
GET /79tp/960x60-2.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:53 GMT
content-type: image/gif
content-length: 322376
last-modified: Sat, 25 Jun 2022 12:15:37 GMT
etag: "62b6fc69-4eb48"
expires: Sun, 05 Feb 2023 03:48:34 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sycdn.comtucdncom.com/upload/vod/20201126-1/bc474c68f13d5a41f72a393d44569ca9.jpg
45.89.208.114200 OK 551 kB URL HTTP/1.1 sycdn.comtucdncom.com/upload/vod/20201126-1/bc474c68f13d5a41f72a393d44569ca9.jpg
IP 45.89.208.114:0
File type PNG image data, 800 x 539, 8-bit/color RGBA, non-interlaced\012- data
Size 551 kB (550634 bytes)
Hash f2d67013287f78ef91ca781e12eaff69
3df6fead64a9fcf7685660d25ffd9ad6393a6578
9a33805626d056ef72fa25084f45b82e68a55536b9c88e93b71a573dbad4cd89
GET /upload/vod/20201126-1/bc474c68f13d5a41f72a393d44569ca9.jpg HTTP/1.1
Host: sycdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/jpeg
Content-Length: 550634
Last-Modified: Thu, 11 Aug 2022 05:01:04 GMT
Connection: keep-alive
ETag: "62f48d10-866ea"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/20210829-1/627f5b7d3bbe9149897ab58b9c36a22d.jpg
45.89.209.74200 OK 699 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210829-1/627f5b7d3bbe9149897ab58b9c36a22d.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size 699 kB (698862 bytes)
Hash c0d894671e7c5a38c1562a484a56a715
350a229f49ddd9f9a0ec9d221894848d0eca8106
1e8ede8b209fcf88fd7c8e14ea802328ea99db62003b87d3b66065dcf2e00991
GET /upload/vod/20210829-1/627f5b7d3bbe9149897ab58b9c36a22d.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 08 Jan 2023 16:45:42 GMT
Content-Type: image/jpeg
Content-Length: 698862
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:51:08 GMT
ETag: "620d2b7c-aa9ee"
Expires: Tue, 07 Feb 2023 08:46:53 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
tpcdnde88de.com/235tp/960x60.gif
23.224.145.235200 OK 590 kB URL HTTP/2 tpcdnde88de.com/235tp/960x60.gif
IP 23.224.145.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 590 kB (590255 bytes)
Hash d9d8d54236add0a03997175e250e51ef
b65ebc88346d3a308dbf4791ade0637330df8895
81954cd3768276219bbf7aca8ce82881fbda51a1721ef78d559cdd7772800571
GET /235tp/960x60.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 08:46:53 GMT
content-type: image/gif
content-length: 590255
last-modified: Wed, 15 Jun 2022 13:02:58 GMT
etag: "62a9d882-901af"
expires: Sun, 05 Feb 2023 03:59:43 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
113.1.0.117200 OK 400 kB URL HTTP/1.1 gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
IP 113.1.0.117:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (399450 bytes)
Hash 4e1e4b8f46ac2e67539d5881785ba29a
7d3c9c963087ffc8c196cb7e67629342027a8a45
4c9cc489a2e26500ace73c53ce05bdfa52876a8700b7e9e73c1554187acefb0d
GET /ky960x60.gif HTTP/1.1
Host: gtm-cn-j6730u6sd0b.gtm-a3b8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 29 Dec 2022 12:09:17 GMT
Etag: "4e1e4b8f46ac2e67539d5881785ba29a"
Content-Type: image/gif
Date: Thu, 29 Dec 2022 12:22:00 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10945751995987991778
x-cos-request-id: NjNhZDg2NjhfNGU1MGI3MDlfMTg0MzRfMWY2YWRhOA==
Content-Length: 399450
Accept-Ranges: bytes
X-NWS-LOG-UUID: 2267389625483280646
Connection: keep-alive
X-Cache-Lookup: Cache Hit
img.9617x.com/images/636b356914dd2ea30a790fe8.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.9617x.com/images/636b356914dd2ea30a790fe8.gif
IP 38.54.81.125:0
GET /images/636b356914dd2ea30a790fe8.gif HTTP/1.1
Host: img.9617x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b1f4270216704c0f8cc43a10401d2f97
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
120.52.95.237200 OK 0 B URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP 120.52.95.237:0
ASN #133119 China Unicom IP network
GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 08:46:54 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 1562823
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE23[3],CHN-HElangfang-AREACUCC1-CACHE30[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE54[16],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,13]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
img.1134555.com/images/63a7da80b5bef8e4e6408476.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.1134555.com/images/63a7da80b5bef8e4e6408476.gif
IP 38.54.81.125:0
GET /images/63a7da80b5bef8e4e6408476.gif HTTP/1.1
Host: img.1134555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
X-Firefox-Spdy: h2
img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
IP 38.54.81.125:0
GET /images/63523ea35fe50f0585d3ef84.gif HTTP/1.1
Host: img.u1669.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ahruntang.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
X-Firefox-Spdy: h2