r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Tue, 10 Jan 2023 00:01:38 GMT
Date: Mon, 09 Jan 2023 23:03:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6573
Expires: Tue, 10 Jan 2023 00:52:46 GMT
Date: Mon, 09 Jan 2023 23:03:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 22:41:42 GMT
content-type: application/json
age: 1291
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6746
Expires: Tue, 10 Jan 2023 00:55:39 GMT
Date: Mon, 09 Jan 2023 23:03:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VlP2WCS6H72ZL/E8N0U4jqWdYf0uojKm30ALdzj5B9Yc5JjSozfbBGyFiS/A07rBnuuRQqhlClE=
x-amz-request-id: AZF2X684T2ZQD54Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 23:01:25 GMT
age: 108
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aibjcc.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: aibjcc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 09 Jan 2023 23:03:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.aibjcc.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 22:17:22 GMT
age: 2751
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5342
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:14 GMT
Last-Modified: Mon, 09 Jan 2023 21:34:12 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.aibjcc.com/index.php
200 OK 807 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 8025541a3bdd7733a288fabdab196695
d51b7ab27e7cf5ac9d2329ad2e02d3fb65a48643
d1e21edfad1e0eda8b96eb0edd7c08c89ce3ec114f0a7038be8ebdcfb8d93219
GET /index.php HTTP/1.1
Host: www.aibjcc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:14 GMT
Content-Type: text/html
Content-Length: 807
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lbi9NxnlL9GKW5NmP55k0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /IADGPAV33D3JCHiw41QzvACMEs=
www.aibjcc.com/common.js
200 OK 757 B IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash ae4f9ffe7a2eeb4f281eec7788eba03b
09d7e9e07ddb8f412b4e904bbfd609edef5353bf
8bce791cc2ad839158815f6e0a8a1073de39f96f4e6c2135e13736cd5f620aca
GET /common.js HTTP/1.1
Host: www.aibjcc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:14 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.aibjcc.com/tj.js
200 OK 520 B IP
File type ASCII text, with CRLF line terminators
Hash b09eda1de0bda4159ba466ab38a8ee53
4cf71011595fe4fe7df81b6d10d96510ed437c8f
8c68110a07d05c8eaf0bb2e1e9a5782b23140f23165daf68f32cfed131eb4016
GET /tj.js HTTP/1.1
Host: www.aibjcc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:14 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.aibjcc.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.aibjcc.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.aibjcc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:14 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 14 Jan 2023 23:03:14 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
baidu.hnmaccms.xyz/news/index.php
200 OK 48 B URL HTTP/1.1 baidu.hnmaccms.xyz/news/index.php
IP
ASN #64050 BGPNET Global ASN
File type HTML document, ASCII text, with no line terminators
Hash 046691e8308c2adf72fc25247e2f9e80
a47d4ddf558d878140dd88a539159659e781345e
49f190d90d221b19e342cf6425fbb173e894ca0531935a3b08eaf83d980a6268
GET /news/index.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 1d141c2bf97cf64f24516b631bbcb6da
14b733887bd0ee37a0337b2b2b0ee29afdc9ab91
e8042088784498cbecf810e768ef03a48d33930c9e94c0307a1f7492199786fe
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:29:12 GMT
ETag: "14b733887bd0ee37a0337b2b2b0ee29afdc9ab91"
Last-Modified: Mon, 09 Jan 2023 21:29:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 280
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce1f6dabb52d-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 1d141c2bf97cf64f24516b631bbcb6da
14b733887bd0ee37a0337b2b2b0ee29afdc9ab91
e8042088784498cbecf810e768ef03a48d33930c9e94c0307a1f7492199786fe
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:29:12 GMT
ETag: "14b733887bd0ee37a0337b2b2b0ee29afdc9ab91"
Last-Modified: Mon, 09 Jan 2023 21:29:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 280
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce1f8db6b52d-OSL
baidu.hnmaccms.xyz/news/data.php
200 OK 198 B URL HTTP/1.1 baidu.hnmaccms.xyz/news/data.php
IP
ASN #64050 BGPNET Global ASN
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7fde3fe5ec6a52fabfadca39c4b5ae08
58528832cf3a5e63b2648e6f840af94eca647bba
2bb7310c591b55457aceff5cb9ca3ebf0190d21ac21a91e785bd7a83b851d4fa
GET /news/data.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/news/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:03:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5147
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 23:03:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5147
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 23:03:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5147
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 23:03:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4753795f36012ff993f492314aa210ec
d5c8f6896fda40fc34dbc7554ce1ece173dd2d09
cbf28b1d51aae0e01fbe9228bfb1afead400ca7cc69875ffaef573f9e068a51f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9052
x-amzn-requestid: 51cb3d41-07e4-499a-b7a7-b4ee4963c587
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efp7aGB-oAMF-0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89e2-7bb9960c3f0116240e5ba086;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:40:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Uj03bFs1JcsW67nDiC001HBFPRKWTas3EFwGDpU5LnGIKDINZ3mqQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:08 GMT
age: 3727
etag: "d5c8f6896fda40fc34dbc7554ce1ece173dd2d09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c0edcdac4c3b3a94dbe82a274363f73
668dc0188d75cbf82bc8ba0e622ea63d8d9438b6
55e74389f68e33d8bc8fe8ba29f3f787374a410e9219bccc0ea060cdd2345f43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff850da01-f29c-40c8-a4f5-8274939ba610.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8999
x-amzn-requestid: 985cb7b8-ca04-498e-9cc3-e7427c6987de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoYNHpxIAMF1Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8767-3a33a1120a00500614486163;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qSTzT7TCB1fgktSz58LpgTpllcuvE7wiNeDN3dOPGE-9GqTcF4wUEg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:02 GMT
age: 3733
etag: "668dc0188d75cbf82bc8ba0e622ea63d8d9438b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb8de31-37c4-4e8f-9323-61ca0fc53903.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb8de31-37c4-4e8f-9323-61ca0fc53903.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2f950c4f2d7777fb10462be6d4fc138
a0d0ff0ec0b8e51e0ec4045c62b5cebd168d9f25
1916d294df0dda527a76c12f35f303a429b3ddee4c26c740e962c3fc69a971e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb8de31-37c4-4e8f-9323-61ca0fc53903.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10798
x-amzn-requestid: 3267fe92-e8cf-4c92-a815-6ecc7a3cb803
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efpx3F1yoAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89a5-0c5b8cca27bb50d33bb6363a;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:39:49 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PwVYNSEkAwPncRrZiiChddV2r0pu3jj5Vlv3EzOy1aOheUCXGLesg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:04:53 GMT
age: 3502
etag: "a0d0ff0ec0b8e51e0ec4045c62b5cebd168d9f25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1427567eaf5a33fbade40a49afb785eb
d36efd23bf0846e93cf459bc745ac65801ae7536
b865810ab68ec856e11596e68437368e8bbacf84623d2f7668a7154993a6caf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14830
x-amzn-requestid: 70cae51a-4d22-40d5-a96e-5b4fd2e73aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoXvFXBoAMFyYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8764-31043df63b816c8d7055bd67;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: huF1RWdeym0JBPVZzlAFGxBzQWVQGJrjwcZQ7GKMN1TbmiqLslnE8g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:04:51 GMT
age: 3504
etag: "d36efd23bf0846e93cf459bc745ac65801ae7536"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf7d09fffbdeb29c81e49c453009cf3c
5ebf09afd40909e132ea7e5f2532a558ee954f0b
e3e76a07a199dfcb42fda159438fff7f4496030f4e2bcadc7d069a0682363468
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9694
x-amzn-requestid: 9d46f93f-99be-4101-a6cd-442d76487afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0XzEYlIAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3431-35988d5f0e3eb97443d02dbe;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V6ZBiHXKZzkxZ57wN516xlsf11HsjOuu1dLewWIPIYoKIKCBwdPmZA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:42:28 GMT
age: 69647
etag: "5ebf09afd40909e132ea7e5f2532a558ee954f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd443878-6531-4d14-a98a-4ce374074d06.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd443878-6531-4d14-a98a-4ce374074d06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 856893f7ff66b46352bca2ea5cf85892
3179401c9811728aa50bc42a5d85567e24bde05c
956abf12c1c918e0add9ac081a235072f29fc5c919ccc83adcf4767bbfae85d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd443878-6531-4d14-a98a-4ce374074d06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4721
x-amzn-requestid: fc71e19d-6096-4caf-88f5-79c9b1a75481
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WtEKuIAMFcjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-3db3a2464ca357212e5e7b3e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9xEqhWyqtsHvF-vXC1Q_9t2T90E0s-idawah0bfH8ZKusYjOCHVsKw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 69202
etag: "3179401c9811728aa50bc42a5d85567e24bde05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5255ef1fa99e92d909e61747ad151863
f0edf4b9637dc8d08d6823330bb07a42a62c14f5
ab81fc80d909bc8dd49244af7b78cf46e1d4a527bf86cf177e782a92160d60ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB81FC80D909BC8DD49244AF7B78CF46E1D4A527BF86CF177E782A92160D60EE"
Last-Modified: Sun, 08 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Tue, 10 Jan 2023 05:03:05 GMT
Date: Mon, 09 Jan 2023 23:03:15 GMT
Connection: keep-alive
hm.baidu.com/hm.js?267adcd65cbe8ac0fcd75c03f38ff00a
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?267adcd65cbe8ac0fcd75c03f38ff00a
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 7718635e39a9e7a32de062d68a10991b
122de1a12beea2a735ebada6075087ef1c3f826d
da28e7739efb7953950a00b7ea055e8ac126bbcb31fbad2fc9cb4d8acd6cf30e
GET /hm.js?267adcd65cbe8ac0fcd75c03f38ff00a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aibjcc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Mon, 09 Jan 2023 23:03:15 GMT
Etag: 18147c55ed455fd0d7f7562ed73de652
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=654A1F9386810489; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 16a153c6737fd4d09ab95822600d887b
6f9f17669f4ba2dc4967f7dc5d20dc077167a705
e99e54728ed8b4fbaea59115dd8316f3f07ae95dc05111f8826545f72c6bdee5
GET /hm.js?d8caaf5fc7e747bf497566f2be1cc916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aibjcc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 09 Jan 2023 23:03:15 GMT
Etag: d0acf68954ae756e1e15c2bafc99f6e0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=47ED78DA6807B2A3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.henniu486.site/static/images/1.gif
200 OK 254 B URL HTTP/2 www.henniu486.site/static/images/1.gif
IP
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/1.gif HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 24 Dec 2021 10:11:17 GMT
etag: "61c59cc5-fe"
expires: Wed, 08 Feb 2023 23:03:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu486.site/template/dfcc/images/loading.svg
200 OK 506 B URL HTTP/2 www.henniu486.site/template/dfcc/images/loading.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/images/loading.svg HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:24 GMT
etag: "61da9f3c-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu486.site/dingpiao.html
200 OK 165 B URL HTTP/2 www.henniu486.site/dingpiao.html
IP
File type HTML document, ASCII text
Hash 66c2f45d9188476b6e481ba069ce9e9d
9f51483ecbaebea5aac50ab59f9bda809513381b
19b5694389d82ca564cd666e1d387f7bb779cc417854d7949d1baa9ac7e73b0c
Analyzer Verdict Alert quad9 Sinkholed
GET /dingpiao.html HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: text/html
content-length: 165
last-modified: Sat, 31 Dec 2022 07:45:08 GMT
etag: "63afe884-a5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.henniu486.site/template/dfcc/html9/ads/dulian.js
200 OK 1.6 kB URL HTTP/2 www.henniu486.site/template/dfcc/html9/ads/dulian.js
IP
Hash 610a8ae483df9a29dba33117271d7140
125c3d7e5b343d2f7a690c9de29ae04749d6b4c7
7d3c50d020352f558e8be233c8ff182a686aed2e6137fbc0ea39c210287eb9c1
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/html9/ads/dulian.js HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: application/javascript
last-modified: Sat, 07 Jan 2023 10:56:06 GMT
vary: Accept-Encoding
etag: W/"63b94fc6-d71"
expires: Tue, 10 Jan 2023 11:03:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2057821869&si=267adcd65cbe8ac0fcd75c03f38ff00a&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2057821869&si=267adcd65cbe8ac0fcd75c03f38ff00a&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2057821869&si=267adcd65cbe8ac0fcd75c03f38ff00a&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aibjcc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 09 Jan 2023 23:03:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=654BFC4FC1D651C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.henniu486.site/template/dfcc/css/ate.css
200 OK 6.2 kB URL HTTP/2 www.henniu486.site/template/dfcc/css/ate.css
IP
Hash bc35556c9855653113a0b9cd16e834f2
4a2087b856fe89c1a9e5a2e85d856bc639566f8f
c523b3567219441177cc03d90b62d9f6e862e157ceb158905533612dcaf7b091
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/css/ate.css HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:24 GMT
vary: Accept-Encoding
etag: W/"61d46414-126e4"
expires: Tue, 10 Jan 2023 11:03:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.henniu486.site/template/dfcc/css/zui.css
200 OK 21 kB URL HTTP/2 www.henniu486.site/template/dfcc/css/zui.css
IP
Hash c5c30a282fc3fe8939e0f070251248c1
a0da737dd430403999281caae444429baa46e1c9
e11f0f2b0bb6208e1299fc8b9d4791cc0af1c83e78b4413934cac0a246acbe14
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/css/zui.css HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 10:41:58 GMT
vary: Accept-Encoding
etag: W/"62861ef6-164b3"
expires: Tue, 10 Jan 2023 11:03:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1103342031&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1103342031&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1103342031&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=228&r=0&ww=1280&u=http%3A%2F%2Fwww.aibjcc.com%2Findex.php&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E7%9C%8B%E4%B9%8C%E4%BC%A0%E5%AA%92%E5%B9%BF%E5%91%8A%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aibjcc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 09 Jan 2023 23:03:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=73F9F17A32E9F5BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.henniu486.site/henniu.png
200 OK 5.0 kB URL HTTP/2 www.henniu486.site/henniu.png
IP
File type PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 66a858de209ee39809102a15257bbd71
6856ccaf274c24cdbe62155da4847eafd3b7f3e9
478f7ef871afdab3f845e3f501b9ec980ff449f34651ebc7f0b5b5498ea60296
Analyzer Verdict Alert quad9 Sinkholed
GET /henniu.png HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:16 GMT
content-type: image/png
content-length: 4973
last-modified: Wed, 18 May 2022 08:34:27 GMT
etag: "6284af93-136d"
expires: Wed, 08 Feb 2023 23:03:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7471956
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Mon, 09 Jan 2023 23:03:17 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 153d454e04f8a923e05ed4094ecbd024
19c8b9d74ab73df9a60c5ebc6db67f651f621318
73cc1fa8c78e37e7a1b70988eabc16abae900c90814c5d40dc2022ae263baaa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4386
Cache-Control: max-age=116893
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:17 GMT
Etag: "63bbb1b0-117"
Expires: Wed, 11 Jan 2023 07:31:30 GMT
Last-Modified: Mon, 09 Jan 2023 06:18:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 153d454e04f8a923e05ed4094ecbd024
19c8b9d74ab73df9a60c5ebc6db67f651f621318
73cc1fa8c78e37e7a1b70988eabc16abae900c90814c5d40dc2022ae263baaa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4386
Cache-Control: max-age=116893
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:17 GMT
Etag: "63bbb1b0-117"
Expires: Wed, 11 Jan 2023 07:31:30 GMT
Last-Modified: Mon, 09 Jan 2023 06:18:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 153d454e04f8a923e05ed4094ecbd024
19c8b9d74ab73df9a60c5ebc6db67f651f621318
73cc1fa8c78e37e7a1b70988eabc16abae900c90814c5d40dc2022ae263baaa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4386
Cache-Control: max-age=116893
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:17 GMT
Etag: "63bbb1b0-117"
Expires: Wed, 11 Jan 2023 07:31:30 GMT
Last-Modified: Mon, 09 Jan 2023 06:18:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
404 Not Found 14 kB URL HTTP/2 s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
IP
File type PNG image data, 630 x 557, 8-bit colormap, non-interlaced\012- data
Hash 2d65a379c6d17fb9a9a6e9ae5112e79e
3c81d9aefdc66c7c034bd83d8cf06a94782487ca
a810996e1b9632593734f13a465418280c6fc1ba72f1aff719577192dd47df85
GET /2022/01/07/deGgwzf7Tly9S3b.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 09 Jan 2023 23:03:17 GMT
content-type: image/png
content-length: 14266
etag: "61aa33ab-37ba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 654706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLKtkDWyqJg3K3RkP%2Fq9tULdNRABBYbd0znsxdH%2BI51b6Va1MBlH7MJ%2Bw%2BBREelObVv5OQUTVFFSonMLgje6IdJUbQX%2B8QhiVPLItpwYoObXh5qGBg%2Bceb%2F55usC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870ce2cace6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash 32c3d9ce024779ef02c1d78b8863eb3f
7d10dd3d35121dbd7001b7db2503fa1a93903a01
382986d8a586651325f0758e4511c14299ac13608f3384c5730b1c49f720a338
GET /hm.js?83778f58a428085f4ecef06936407d2b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Mon, 09 Jan 2023 23:03:16 GMT
Etag: 4c1ed349ce424fbdd84e2a198df2c7e7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AC22D00DB248AFDC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 09 Jan 2023 23:03:17 GMT
Etag: "4078521116"
Expires: Tue, 09 Jan 2024 23:03:17 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C7D97D51D7BE3879E28BE3B88246C247:FG=1; max-age=31536000; expires=Tue, 09-Jan-24 23:03:17 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1877730797&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=229&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu486.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1877730797&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=229&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu486.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1877730797&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=229&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu486.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 09 Jan 2023 23:03:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0FCF2B710AD7076A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
s2.loli.net/2022/12/17/HEqj23x1VeXcPB9.gif
200 OK 307 kB URL HTTP/2 s2.loli.net/2022/12/17/HEqj23x1VeXcPB9.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 307 kB (306734 bytes)
Hash ca810c35cea365abbacde41d2ee51764
a6f267356af7be51677d96a316bc2f1a0adc1ddf
a91c06c40e0f97e73ec9210126c1283afaba908fe0d0153aa690e0e388354dd4
GET /2022/12/17/HEqj23x1VeXcPB9.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:17 GMT
content-type: image/gif
content-length: 306734
last-modified: Sat, 17 Dec 2022 08:42:03 GMT
etag: "639d80db-4ae2e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkOOvePUaVWnZPsBU%2FAX8BqcbmtjDctDLos5ZvaNRzA%2FxE9PnGNYYE06cegkAgR%2FTLiSajDRdJXi1hDnemI23oPeE%2FnzXCr%2FtBRtdeX%2BSfUaxN6vY4aQr7pd2NAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7870ce2cace2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s2.loli.net/2022/12/17/abCnUWzTh8xNFdt.gif
200 OK 547 kB URL HTTP/2 s2.loli.net/2022/12/17/abCnUWzTh8xNFdt.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 547 kB (546612 bytes)
Hash 894d4b311f1305ceced2750e8538b435
40d2bb2c8ddb460514c20bbe42000c3eb5db97bf
f3510bf38c769a233a3dc0756b43232569acc14e8d0c1a92a58b510cd60ef48d
GET /2022/12/17/abCnUWzTh8xNFdt.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:18 GMT
content-type: image/gif
content-length: 546612
last-modified: Sat, 17 Dec 2022 08:50:05 GMT
etag: "639d82bd-85734"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWB8CeQv9n87y%2FgIIHcmiEyO1iX%2BHZuQlho0v2JUJz12d%2FR2xzdpsiPp0u4NXdCzLcsVo4ODIpXMRw6XXR%2F0v7yiCPL47sFrvDDOz2B0kUFzwQsJgoVtT2o7u5PS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7870ce2ccd01b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fd1077dc296a46b1732adafd395bf633
09614d9ba9c64780cad99a25f57b70834f592f1e
da91f348443ce40ae845fd8aa6598cccbe6c37e24f5363028d4921721c311522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA91F348443CE40AE845FD8AA6598CCCBE6C37E24F5363028D4921721C311522"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19430
Expires: Tue, 10 Jan 2023 04:27:09 GMT
Date: Mon, 09 Jan 2023 23:03:19 GMT
Connection: keep-alive
xxx6686.app/960-60.gif
200 OK 381 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 381 kB (380774 bytes)
Hash d5b19fab300b34d93648b77ba1e87205
eabcc33b82a978d851b9af1337fc656a70f23c2f
e7cce7f77395b75187261e079f448c4b9de06f62f42ca0d2b87662efe80ea69b
GET /960-60.gif HTTP/1.1
Host: xxx6686.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Mon, 09 Jan 2023 23:03:18 GMT
content-type: image/gif
content-length: 380774
last-modified: Tue, 20 Dec 2022 08:28:12 GMT
etag: "63a1721c-5cf66"
strict-transport-security: max-age=31536000
lp-geo: edge-efmc
lp-addr: 91.90.42.154
lp-request: 06863655-38ad-4db9-82a6-bff18120760c
lp-id: ab1bf48ce78a1371587a71712c5cd767
expires: Mon, 09 Jan 2023 23:08:18 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif
200 OK 283 kB URL HTTP/1.1 n0622.com/8c5bc25fea194e1ab37cb8c0b2395357.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 283 kB (282913 bytes)
Hash e5e45b1fdf45915345965a07d0e4ad05
a7aaac92430fe423edacde9bff09c216e8aa5908
f485d7de51c5792fe1a1d18097932d7846356703265d2ba2ead1a4c66fdf09ec
GET /8c5bc25fea194e1ab37cb8c0b2395357.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:18 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 08 Jan 2023 13:32:52 GMT
ETag: W/"63bac604-68594"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 3302d367489c0f0630342aeff1404a5b
13096f8045cd396247deb40c4d4ac2d28d0eb023
de4889c6c6f911eb53c823b022a90b514cc965e06548b7c89d2763763d3d72aa
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 22:14:02 GMT
ETag: "13096f8045cd396247deb40c4d4ac2d28d0eb023"
Last-Modified: Mon, 09 Jan 2023 22:14:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b8c37b506-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 5fd3d198ebdeb9007d9b2b99790b0d89
69f7f8b149726ed0da48691ae201ed09e14413ae
a6ade37b76a6f75d9bf4edffb4b2d5f78e4b6852292dc69e91a7589c6d25cbdc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:46:14 GMT
ETag: "69f7f8b149726ed0da48691ae201ed09e14413ae"
Last-Modified: Mon, 09 Jan 2023 21:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2072
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b9e1eb512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 5fd3d198ebdeb9007d9b2b99790b0d89
69f7f8b149726ed0da48691ae201ed09e14413ae
a6ade37b76a6f75d9bf4edffb4b2d5f78e4b6852292dc69e91a7589c6d25cbdc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:46:14 GMT
ETag: "69f7f8b149726ed0da48691ae201ed09e14413ae"
Last-Modified: Mon, 09 Jan 2023 21:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2072
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b8e69b4f4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 3302d367489c0f0630342aeff1404a5b
13096f8045cd396247deb40c4d4ac2d28d0eb023
de4889c6c6f911eb53c823b022a90b514cc965e06548b7c89d2763763d3d72aa
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 22:14:02 GMT
ETag: "13096f8045cd396247deb40c4d4ac2d28d0eb023"
Last-Modified: Mon, 09 Jan 2023 22:14:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b8b8ab4f9-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 3302d367489c0f0630342aeff1404a5b
13096f8045cd396247deb40c4d4ac2d28d0eb023
de4889c6c6f911eb53c823b022a90b514cc965e06548b7c89d2763763d3d72aa
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 22:14:02 GMT
ETag: "13096f8045cd396247deb40c4d4ac2d28d0eb023"
Last-Modified: Mon, 09 Jan 2023 22:14:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b8e10b524-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 3302d367489c0f0630342aeff1404a5b
13096f8045cd396247deb40c4d4ac2d28d0eb023
de4889c6c6f911eb53c823b022a90b514cc965e06548b7c89d2763763d3d72aa
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 22:14:02 GMT
ETag: "13096f8045cd396247deb40c4d4ac2d28d0eb023"
Last-Modified: Mon, 09 Jan 2023 22:14:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b8b38b529-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 66f22c6352327e43bbb16d820754ca97
4fb9a32432e29a89fd95a01e51d12b8cc8514355
7f2f8fbf4804b55f588ba8286b57faefac59f2fe508c8ad4932613ba82968cb7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:30:09 GMT
ETag: "4fb9a32432e29a89fd95a01e51d12b8cc8514355"
Last-Modified: Mon, 09 Jan 2023 21:30:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2392
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b9e76b4f4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 66f22c6352327e43bbb16d820754ca97
4fb9a32432e29a89fd95a01e51d12b8cc8514355
7f2f8fbf4804b55f588ba8286b57faefac59f2fe508c8ad4932613ba82968cb7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:30:09 GMT
ETag: "4fb9a32432e29a89fd95a01e51d12b8cc8514355"
Last-Modified: Mon, 09 Jan 2023 21:30:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2392
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3bac45b506-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 80245b61c50e8c9a44c981ff97dd05f0
8c3a3ed0651b5354338b187c1953144278520ee3
9f171ad232c99bfbff2a69e6a893d522b31dfe5afdc4559cc519970a497350af
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 15:31:15 GMT
Expires: Sun, 15 Jan 2023 15:31:14 GMT
Etag: "8c3a3ed0651b5354338b187c1953144278520ee3"
Cache-Control: max-age=490674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce3b7ae40b59-OSL
bxzst.com/img/5.jpg
200 OK 28 kB IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 377x377, components 3\012- data
Hash 4befa4e6df2856da33158012ef5840a3
a9ac8678c36a2e42047a34903477220ebcb26dc9
333d6186be191309a5202dee8fa8c6524dde9e6a8f75cf932da6aba6b31b6080
GET /img/5.jpg HTTP/1.1
Host: bxzst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:02:04 GMT
Content-Type: image/jpeg
Content-Length: 27857
Last-Modified: Thu, 08 Dec 2022 11:52:29 GMT
Connection: keep-alive
ETag: "6391cffd-6cd1"
Expires: Wed, 08 Feb 2023 23:02:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
bxzst.com/img/1.jpg
200 OK 16 kB IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 352x198, components 3\012- data
Hash 332e372126585ebcb1a39313b52cd63f
68588752c6a07c6ea01369754556a5386c2c5134
82950ea6f845b5ee30278736b468ddbe848191c37caae800d385282814c5bd35
GET /img/1.jpg HTTP/1.1
Host: bxzst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 23:02:04 GMT
Content-Type: image/jpeg
Content-Length: 16459
Last-Modified: Thu, 08 Dec 2022 11:52:30 GMT
Connection: keep-alive
ETag: "6391cffe-404b"
Expires: Wed, 08 Feb 2023 23:02:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash a8610d4c7d75eb9e8b65d4b5019399cd
afeb1db97270baaa6d4a7807647fb338d4b89b4d
8aaf1777a9ac2b0d2ddbfdae69bb83406cb2a671bd0f7982008c0d379c1fb93f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 09 Jan 2023 19:21:26 GMT
Expires: Tue, 10 Jan 2023 19:21:26 GMT
ETag: "afeb1db97270baaa6d4a7807647fb338d4b89b4d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1b15e03252ed0545aa6e9949eeebd671
eea9178399c1d2e9d1033408716b26ad19d84dc7
de0dcd469c22ee6464b0e0e09153d5d80847cfef5d1443f82a3fceeb1e063019
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE0DCD469C22EE6464B0E0E09153D5D80847CFEF5D1443F82A3FCEEB1E063019"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18135
Expires: Tue, 10 Jan 2023 04:05:34 GMT
Date: Mon, 09 Jan 2023 23:03:19 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4f62cb0d89727af2fa3264670e851ca9
bffa5d91bea7b8793e685a9baa27c328c0f6c023
70ee2159c45bae1028933082dfb28487f65d4f38359cccea9ffc73e531304dcd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 21:49:33 GMT
Expires: Fri, 13 Jan 2023 21:49:32 GMT
Etag: "bffa5d91bea7b8793e685a9baa27c328c0f6c023"
Cache-Control: max-age=340572,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce3b8ee3b509-OSL
files.imgopen.vip/uploads/2023/01/03/63b3a7cfbfde2.gif
200 OK 4.6 MB URL HTTP/2 files.imgopen.vip/uploads/2023/01/03/63b3a7cfbfde2.gif
IP
File type GIF image data, version 89a, 500 x 218\012- data
Size 4.6 MB (4572669 bytes)
Hash 78c4226f28db316f58eed66621be9005
89a4c579386a3859bedca064c1d2d23ce439af16
67ebbabbe176008fd2029ecccf6ee307c6f850c5500d14bfd4647aed15141dce
GET /uploads/2023/01/03/63b3a7cfbfde2.gif HTTP/1.1
Host: files.imgopen.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:19 GMT
content-type: image/gif
content-length: 4572669
cache-control: max-age=14400
cf-cache-status: HIT
age: 356
last-modified: Mon, 09 Jan 2023 22:57:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geGX72W%2Fj%2B7MhUkSKn14Rsn3MkHlKDZtb8G2GOAhLjxWivOHwl38VPLC5KG2NawuZJXt4owNc%2Btb0Vgy8SmEgJJ8SnR6ktyh%2FPPzNl3D99PHpR9LAvTiExvEXpCL123IW4NESg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7870ce3c4f5db4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3a52ed51a294627530867aee76fa1f73
08b1f6c4371b5de3da0bcc7035085fd8e6ab88cf
d8774ca8bb193af785f3a967e4d0372b61e8b3555b19c1a86c7c66d71d5c2234
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 15:36:46 GMT
Expires: Sat, 14 Jan 2023 15:36:45 GMT
Etag: "08b1f6c4371b5de3da0bcc7035085fd8e6ab88cf"
Cache-Control: max-age=404605,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce3b7f61b51e-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash ee17d23bc860b7024162b06e2b99792c
233911415ba2eb93d1fa372457356ed1747c722b
2b691ee9ca1363534c329a273684b7795d353b5fc76926f83068ad2906ca7539
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 20:18:39 GMT
ETag: "233911415ba2eb93d1fa372457356ed1747c722b"
Last-Modified: Mon, 09 Jan 2023 20:18:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3b9e23b512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash ee17d23bc860b7024162b06e2b99792c
233911415ba2eb93d1fa372457356ed1747c722b
2b691ee9ca1363534c329a273684b7795d353b5fc76926f83068ad2906ca7539
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 20:18:39 GMT
ETag: "233911415ba2eb93d1fa372457356ed1747c722b"
Last-Modified: Mon, 09 Jan 2023 20:18:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce3c4c33b4f9-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash fbfe0f48d5291442a8be839005c57fa9
bf1a1781f474b5c513366804cefd3aa63c1b12d3
612594031f12960362586886ccb93865a68a5ad112f24098d5f6b3d27e3e6441
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 03:23:08 GMT
Expires: Sun, 15 Jan 2023 03:23:07 GMT
Etag: "bf1a1781f474b5c513366804cefd3aa63c1b12d3"
Cache-Control: max-age=446987,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce3c09a9b4f7-OSL
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP
Hash ade4d973301f3bbe7c92a8f2b6e04806
abc302c5b4bf4329fa19f3d58a606f86d4fd76f8
81b167c9d56386de386debc8c3d32d720d0c7b9713736ece6a1c93dda780eeb8
POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 46e6ead89dcf6ae3311e7de782f38b79
db01eb6cbb2de75e3d174d4deac7a689749af0e3
b3c6ef56e698b27ab19c60ab265a178c3cb57ef2808803c1e42f88d0dbda16cb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B3C6EF56E698B27AB19C60AB265A178C3CB57EF2808803C1E42F88D0DBDA16CB"
Last-Modified: Mon, 09 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11032
Expires: Tue, 10 Jan 2023 02:07:11 GMT
Date: Mon, 09 Jan 2023 23:03:19 GMT
Connection: keep-alive
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0
200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOjG6Wz3dn3lNXZwgIOjiczpU7haUib9ibOuAc/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 09 Jan 2023 23:03:18 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Fri, 30 Dec 2022 04:47:40 GMT
cache-control: max-age=2592000
x-delay: 92 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: ad211730-2f3b-4b33-bf7f-ea55a686f62b
X-Firefox-Spdy: h2
aooacctp.vip/lm/ynv100.gif
200 OK 89 kB URL HTTP/2 aooacctp.vip/lm/ynv100.gif
IP
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Thu, 02 Feb 2023 13:33:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 552515
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34VU%2BJRADE3B4ndfBqIxUOPXNxUFZF4gCfgtcx%2BX8S0F%2FwxGxmEOkuEUkuFQ9F8yHoflaYqsr0EIqVdljM4QcIeZBBEfzrQIEqfD%2F8B1cHMO04riBXOonxHn%2FHUyX10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7870ce402d49b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tupku.top/lm/031815-80.gif
200 OK 1.6 MB URL HTTP/2 www.tupku.top/lm/031815-80.gif
IP
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Wed, 01 Feb 2023 18:22:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 621587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ8PJMRSc8k6L7flsTzT0sPZdsqxr5%2F2As9MCJ3WhdAI%2FGzxX24V6pmaYyQ%2F6GA8IvlLsOt6vTVGDEncDNojets87S1qjlWVEd8HiE2BUFQuyWxuldA9RDlEwpJRtQeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7870ce402e76b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 3325d290815c820d5d0396f0ced92c9c
278601bd31f915f10467aa5991bd5524033610d6
4fd555018f4efee3289b31fce71a5f81ecac304aa1c7f7ad8a5a82988f943d4a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=651
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fabdd920bb9f161048e80d77d17416ad
8a29ef083f6c9c61a6adec05f9c4f501422b6352
b9cb3757f234755af08998d5c1dbe05f310efe684880dd3cc774495e0470bd36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9CB3757F234755AF08998D5C1DBE05F310EFE684880DD3CC774495E0470BD36"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Tue, 10 Jan 2023 04:18:01 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 1759ca8db7e397c4d47d0837ef37f3e6
a4234119c5f318a6c5062a32cb2681db62cc2dd5
cfad38a8899074dd59bb0305c5e7ee7cb125bd094ff66085087e4f92830f2bce
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=236
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 1759ca8db7e397c4d47d0837ef37f3e6
a4234119c5f318a6c5062a32cb2681db62cc2dd5
cfad38a8899074dd59bb0305c5e7ee7cb125bd094ff66085087e4f92830f2bce
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=236
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
X-N: S
zhibo128x.xyz/128/960x120.gif
200 OK 417 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 417 kB (417166 bytes)
Hash 13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 09 Jan 2023 23:01:20 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1f1c1dbf956f006da308b04014839253
4a6f9ee38452aae04cc1914616a90c88cefe6da7
e6b412dc21e925603e0f4fed59aeb4538e9f250bdf5a6103012396abdd2e2220
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6B412DC21E925603E0F4FED59AEB4538E9F250BDF5A6103012396ABDD2E2220"
Last-Modified: Sun, 08 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 10 Jan 2023 05:03:20 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
200 OK 62 kB URL HTTP/2 p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash ee52eff8577d4346eca344892bd41406
5e2ad497a1866f71f088860d05f2b962e82a16e1
b1d685515a8e1186c3f5d4844256b95fcc83121fa45f29a2e58e852537332267
GET /qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 09 Jan 2023 23:03:19 GMT
content-type: image/png
content-length: 62229
vary: Accept,Origin
last-modified: Tue, 19 Oct 2021 21:03:59 GMT
cache-control: max-age=2592000
x-delay: 17027 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 62229
chid: 0
fid: 0
x-nws-log-uuid: d5991499-84b2-415d-b440-deac67c0287a
X-Firefox-Spdy: h2
qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif
200 OK 64 kB URL HTTP/1.1 qppicture.oss-cn-shanghai.aliyuncs.com/xjimg/1419gif960x60.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash c677e519fd2423d46d35b94059a1fa98
48f44e8cf932859a331edf203f6109a7d521314c
b470ee84eee1f73dfd2f3660ea8620fea1818bce9420efb7543e7353a7612578
GET /xjimg/1419gif960x60.gif HTTP/1.1
Host: qppicture.oss-cn-shanghai.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 09 Jan 2023 23:03:19 GMT
Content-Type: image/gif
Content-Length: 64508
Connection: keep-alive
x-oss-request-id: 63BC9D37216A4F3130E908A5
Accept-Ranges: bytes
ETag: "C677E519FD2423D46D35B94059A1FA98"
Last-Modified: Sun, 01 Jan 2023 09:56:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11255473868077813000
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: xnflGf0kI9RtNblAWaH6mA==
x-oss-server-time: 3
statuse.digitalcertvalidation.com/
200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP
Hash a51e6baef51cf7d04a85328c8cf96188
374168493dcd489d5c3cdb99baec2ce19aa153eb
997d7dbbffd65720cbeac0c0ea35c53f8ef57541402522e9eacbdef8750b9253
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6199
Cache-Control: max-age=127391
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Etag: "63bbd3a0-1d7"
Expires: Wed, 11 Jan 2023 10:26:31 GMT
Last-Modified: Mon, 09 Jan 2023 08:43:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 53c50a0a3db23f3fa3943768aae0efa5
94014695053e75e76f596d81758e15d0cc634575
7bdd3ca313dd5a54415e41740a5ce8d081d39182342682c21ce74a72854e5241
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:40:01 GMT
ETag: "94014695053e75e76f596d81758e15d0cc634575"
Last-Modified: Mon, 09 Jan 2023 21:40:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1356
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce416b79b524-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b27d7f02c6ac8568f66ba1b863b8b85d
acb1ac3ac330e8995d99829fdfbd2618424ecc26
383791fe001b6acb271ec07f37da60e837a0084b58ab929420778a743c62b07c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "383791FE001B6ACB271EC07F37DA60E837A0084B58AB929420778A743C62B07C"
Last-Modified: Sun, 08 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9318
Expires: Tue, 10 Jan 2023 01:38:38 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash d2ce691e9c01a4f2dbcd69312b46895a
0ab16353828751d49f5673b2126d1e8d69c69142
184066353aed3141d213b64a646622886d65d0a146e10ba61bdbbec977d1af67
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=582
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
X-N: S
cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
200 OK 98 kB URL HTTP/2 cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Hash c23b2edd3dce8616a9a723a26b2fd280
51451bb2e19c4f956b425221ede9cfdd90472a0e
4d47bba01041ef53fd4ee75b4c13e5730fe106b233a7a1b4e8e9f12fc7527f88
GET /img/ibank/2020/865/518/22902815568_1738432517.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 98277
date: Fri, 30 Dec 2022 15:58:08 GMT
last-modified: Thu, 15 Sep 2022 08:05:49 GMT
picasso-ret-code: SUCCESS
request-time: 0.094
traceid: 2ff62b2016724158887338733e
expires: Sat, 30 Dec 2023 15:58:08 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1672415889
via: cache9.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
access-control-allow-origin: *
age: 889511
x-cache: HIT TCP_MEM_HIT dirn:8:353948567
x-swift-savetime: Fri, 30 Dec 2022 16:01:28 GMT
x-swift-cachetime: 31535801
timing-allow-origin: *
eagleid: 2ff62c9616733054005558363e
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
200 OK 599 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2807f8423563e4213b65ad7ba00df292
c8e0afafefe9da4e600ddd08368f35f78ed1b301
482716402c7c700498e05cd64df89750167a13be06f5450f152712040b85d0bb
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 09 Jan 2023 22:37:52 GMT
last-modified: Sun, 08 Jan 2023 00:39:49 GMT
expires: Sun, 15 Jan 2023 00:39:48 GMT
etag: "c8e0afafefe9da4e600ddd08368f35f78ed1b301"
cache-control: max-age=587288,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7870a8f3fddd2bb2-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673303872
via: cache3.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache1.se1[88,87,200-0,H], cache4.se1[90,0], cache1.se1[91,0]
age: 1528
x-cache: HIT TCP_REFRESH_HIT dirn:2:367442657
x-swift-savetime: Mon, 09 Jan 2023 23:03:20 GMT
x-swift-cachetime: 272
timing-allow-origin: *, *
eagleid: 2ff62c9516733054004851508e, 2ff62c9516733054004851508e
8499683.com/8499/zzxx/960x60.gif
200 OK 291 kB URL HTTP/2 8499683.com/8499/zzxx/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:19 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
200 OK 600 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 547f93929cc3453546a5c27039a8d54f
a3979dc8861ceed8093665892e548b0dec35c4c4
475c00efe6fba1e418e3a9e6544ac6411e66a8e23eec17ded13e6af34a7bbf28
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 09 Jan 2023 23:03:20 GMT
last-modified: Sat, 07 Jan 2023 05:47:53 GMT
expires: Sat, 14 Jan 2023 05:47:52 GMT
etag: "a3979dc8861ceed8093665892e548b0dec35c4c4"
cache-control: max-age=603213,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7870ce41aa9e90d6-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673305400
via: cache15.l2de2[26,25,304-0,M], cache15.l2de2[26,0], cache1.se1[108,107,200-0,H], cache4.se1[110,0], cache7.se1[111,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:407867977
x-swift-savetime: Mon, 09 Jan 2023 23:03:20 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9b16733054004884604e, 2ff62c9b16733054004884604e
mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
200 OK 13 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x270, components 3\012- data
Hash e1a576cbd51934165b0de029925eba4d
8225a3aa258bf5e6985492a834622a090376208f
7664f5c8b9e9611fc3d76c64ca431e0b96ba7d9bbc2ed1ebcc15b4037725b380
GET /upload/art/gif/20200421/170511-1.mp4_1587324106344.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 12943
Last-Modified: Wed, 09 Nov 2022 09:14:54 GMT
Connection: keep-alive
ETag: "636b6f8e-328f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvexx.com/d2527f7b8c975443eead165505e089df.gif
301 Moved Permanently 162 B URL HTTP/2 kvexx.com/d2527f7b8c975443eead165505e089df.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/d2527f7b8c975443eead165505e089df.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
3761121ccc.com/6d6db2f871e642aea43166a6558256df.gif
200 OK 407 kB URL HTTP/1.1 3761121ccc.com/6d6db2f871e642aea43166a6558256df.gif
IP
File type GIF image data, version 89a, 750 x 240\012- data
Size 407 kB (406797 bytes)
Hash c2416147be2041fc12ed7ebd916e5c98
d051da0be7aa69cb858d3d937951459954e2ed86
359973b5075644745068c37d2302ad894fac3f297df162de744d66a17d2d9ceb
GET /6d6db2f871e642aea43166a6558256df.gif HTTP/1.1
Host: 3761121ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63998d02-6350d"
Date: Mon, 02 Jan 2023 22:52:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 08:44:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-20
Content-Length: 406797
ocsp.digicert.com/
200 OK 727 B IP
Hash 07449c42b9cf5c753c4fb7937de50e40
cecfdc7116456874058376627e8fc7df0543c0d2
cb2bded3f1c046f6c7f63e20fa47bd755d67eeee74fe56377ffa4fe2c81ce5db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4518
Cache-Control: max-age=118124
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Etag: "63bbb5fe-2d7"
Expires: Wed, 11 Jan 2023 07:52:04 GMT
Last-Modified: Mon, 09 Jan 2023 06:36:46 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 727
mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
200 OK 14 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash e994db89370c07131c299b37e86e0906
3166f9925170c117be7c77602c26f45105cae06c
d9a139378357052913b2b57af565d38baef6f7a10ff1c0b58376e57a764f16df
GET /upload/art/gif/gfdt/071616_341-4.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 13797
Last-Modified: Wed, 09 Nov 2022 11:39:06 GMT
Connection: keep-alive
ETag: "636b915a-35e5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 354 kB URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 354 kB (354278 bytes)
Hash c6442fd82dd00372e745f394887172f2
dc8ce1d9b050eb7b70c1e47e815169c8ffdc77b9
813a5a49ef0682cdb74754e84f7b5d0159392b1fef69ec06e2875388e97d8843
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 354278
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 09 Jan 2023 22:36:22 GMT
etag: "c6442fd82dd00372e745f394887172f2"
x-cache: Hit from cloudfront
via: 1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: kUanm37LaGM6Q2ArQYae76XuMemFnLFV4rwAboOelyHAZcx5-2K9uQ==
age: 1618
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif
200 OK 902 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/a31230445806508a2ce196f4072d2dff.gif
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 980 x 100\012- data
Size 902 kB (902269 bytes)
Hash a31230445806508a2ce196f4072d2dff
01e87d5028860d7840bcf60ae6e4b64709734e54
befa1e0a9fad11791acfd2881e781e55f68ca964cafcbb68a4c19d3cc14dea6b
GET /bjh/a31230445806508a2ce196f4072d2dff.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 902269
expires: Sat, 07 Jan 2023 21:21:55 GMT
last-modified: Sun, 01 May 2022 03:09:14 GMT
etag: "a31230445806508a2ce196f4072d2dff"
age: 219390
accept-ranges: bytes
content-md5: oxIwRFgGUIos4Zb0By0t/w==
x-bce-content-crc32: 1513522899
x-bce-debug-id: O7Gi5XpPtuVUvaMZ4WJHM0isgFgTQ9qDht7irECU5SPxsmpFxJCWa2spuPnwKMWE4Ee2wAV8zjLiWh8bkdPx0A==
x-bce-request-id: 7470e3a6-fafd-4347-a1ca-39aa502ade7c
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 21:21:55 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache50 [4], suzix135 [2]
ohc-file-size: 902269
x-cache-status: HIT
X-Firefox-Spdy: h2
mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
200 OK 20 kB URL HTTP/1.1 mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 560x314, components 3\012- data
Hash ad1f30d4930167d4eff601f3fee06b8d
b0fa5f060045cad3ae25d6ce6e00758668a31f00
5605d7b7176cda10fc43bfe3ef7c57efda471a1d0ed5092aaca9e8426c747032
GET /upload/art/gif/gfdt/746bfd5d31fc37377d.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 19506
Last-Modified: Wed, 09 Nov 2022 09:12:48 GMT
Connection: keep-alive
ETag: "636b6f10-4c32"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1b15e03252ed0545aa6e9949eeebd671
eea9178399c1d2e9d1033408716b26ad19d84dc7
de0dcd469c22ee6464b0e0e09153d5d80847cfef5d1443f82a3fceeb1e063019
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE0DCD469C22EE6464B0E0E09153D5D80847CFEF5D1443F82A3FCEEB1E063019"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 10 Jan 2023 05:03:20 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 727 B IP
Hash 13d6681885735b48b4336df1f8c03f10
0304fb011524f235e770bb8c96e2525e6c1545c7
c2aba63fc9daeeed9d3a567f96af619a062119fc0df0d14382f8e81d74f7bf99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3112
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Last-Modified: Mon, 09 Jan 2023 22:11:28 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 46e6ead89dcf6ae3311e7de782f38b79
db01eb6cbb2de75e3d174d4deac7a689749af0e3
b3c6ef56e698b27ab19c60ab265a178c3cb57ef2808803c1e42f88d0dbda16cb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B3C6EF56E698B27AB19C60AB265A178C3CB57EF2808803C1E42F88D0DBDA16CB"
Last-Modified: Mon, 09 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10398
Expires: Tue, 10 Jan 2023 01:56:38 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IOl1ekfxYGk
IP
Hash ade4d973301f3bbe7c92a8f2b6e04806
abc302c5b4bf4329fa19f3d58a606f86d4fd76f8
81b167c9d56386de386debc8c3d32d720d0c7b9713736ece6a1c93dda780eeb8
POST /s/gts1p5/IOl1ekfxYGk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c12f72c9d629b983ba751aefacbe859c
d04d7549f14d13887e9cd39002bca75fd9fde005
b493e707c6b641d64133d38ae303881c4c2cca8eb84d373e0b98304683bfa94a
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 09 Jan 2023 23:03:20 GMT
Last-Modified: Mon, 09 Jan 2023 21:25:03 GMT
ETag: "63bc862f-1d7"
Expires: Wed, 11 Jan 2023 21:25:03 GMT
Cache-Control: max-age=166903
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673305400
Via: cache2.l2de2[192,192,200-0,M], cache2.l2de2[194,0], cache3.se1[216,216,200-0,M], cache3.se1[218,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 09 Jan 2023 23:03:20 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716733054005416323e
ocsp.digicert.com/
200 OK 727 B IP
Hash 07449c42b9cf5c753c4fb7937de50e40
cecfdc7116456874058376627e8fc7df0543c0d2
cb2bded3f1c046f6c7f63e20fa47bd755d67eeee74fe56377ffa4fe2c81ce5db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Etag: "63bbb5fe-2d7"
Server: ECS (amb/6BB5)
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
200 OK 415 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 415 kB (414979 bytes)
Hash ecd0f421a231299ffaa9117a67c1e38a
6dd0678ee6c2a91eca8db2428d8743f607360d3a
dbd0423b88c8d785dd015e2e80105d0bcd41e677c3588acbf34cf1ca542565c9
GET /obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 414979
date: Mon, 05 Dec 2022 07:16:52 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:09:21 GMT
nw-session-id: 2022120515092101015013207630C082CC7t5wt01dy
nw-session-trace: 2022-12-05T15:09:21.716293741+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 414979
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:09:21 GMT
x-tt-logid: 2022120515092101015013207630C082CC
via: n204-100-053, cache12.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dab46e58f2ac949ece2051ac89e2dd2773be35d3e5369524bf1f9f46f4ea066e23b5378fe9943c2f968c40c38ced9fa128ef7bf579b1467b9a779eb22ac0c37e53b062293a8a1e8061f8daaf0ff7b4e0f99e8da2482833909c1ebdc2d578e
x-response-lb: image
ali-swift-global-savetime: 1670224612
age: 3080788
x-cache: HIT TCP_MEM_HIT dirn:11:333709724
x-swift-savetime: Mon, 05 Dec 2022 10:48:27 GMT
x-swift-cachetime: 31523305
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816733054007362881e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Sun, 08 Jan 2023 07:50:59 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 07 Jan 2023 17:02:53 GMT
nw-session-id: 2023010801025286BC305F3E34521AD755kbpzn03dy
nw-session-trace: 2023-01-08T01:02:53.1102234+08:00 112
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Sun, 08 Jan 2023 01:02:53 GMT
x-tt-logid: 2023010801025286BC305F3E34521AD755
via: n150-056-038, cache5.l2de2[0,0,206-0,H], cache12.l2de2[1,0], cache12.l2de2[3,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0162ae67638a11287dc6b033f165a53a6406f5f4e7a9c539353a89ce15718271fcb7ceacd85e2d1a632f2d6ecdc07e7e792ae0da53d0e50deef3a82262cedd9fdd707adc6d90495523892ece156b6cdbda2a532c53195d7c7cfbb57d921937441c
x-response-lb: image
ali-swift-global-savetime: 1673164259
age: 141141
x-cache: HIT TCP_MEM_HIT dirn:1:137696481 mlen:0
x-swift-savetime: Mon, 09 Jan 2023 20:58:16 GMT
x-swift-cachetime: 31402363
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816733054007452886e
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 24920d03bcbed22972fe99c8cb721144
44fd3651bacc620bdb1acdac6fe3125d14b4d0b2
9ef6dae31f3d95e11c95fcd63b8741ee93cf854ea29d1ada6a51bcc153a680b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Last-Modified: Mon, 09 Jan 2023 22:06:51 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
200 OK 147 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Size 147 kB (146647 bytes)
Hash 3e19d4a109f5442429ab120014d83932
9b3ab408c1543c2a812d99f985ec7f014eb239ee
69a725e47512725f942332b0729ad94fe477f82b0d93055f5265793815bfa4a6
GET /obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 146647
date: Sat, 17 Dec 2022 12:44:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 11:05:17 GMT
nw-session-id: 20221217190517010212075088049EE35Fpwrzh01dy
nw-session-trace: 2022-12-17T19:05:17.505827354+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 146647
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 19:05:17 GMT
x-tt-logid: 20221217190517010212075088049EE35F
via: n204-098-222, cache23.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:318::66
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011f3179f65e79bd56134347320851a7aea6e0a18bf2c1c23c6d8014804fa9b0190235d5d93772c680138c643463983506d475df3a8b72e78a121b4f4f35ee7fedfab41d1744bafee7a1a00aacfbc0761d667083177ceac1c0964125934b59ee2b
x-response-lb: image
ali-swift-global-savetime: 1671281072
age: 2024328
x-cache: HIT TCP_MEM_HIT dirn:5:344041102
x-swift-savetime: Sat, 17 Dec 2022 13:21:53 GMT
x-swift-cachetime: 31533759
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816733054007702894e
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7ba08bb395d2d63556698d2a346bd950
f484e82437274ee045f5886ca9f41b5f52009384
c5cf69ae42511c3ff0f8490e86e3a32ec6b39f0a2c7bcad50a0ba5ca3d9de925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5CF69AE42511C3FF0F8490E86E3A32EC6B39F0A2C7BCAD50A0BA5CA3D9DE925"
Last-Modified: Sun, 08 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12439
Expires: Tue, 10 Jan 2023 02:30:39 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7ba08bb395d2d63556698d2a346bd950
f484e82437274ee045f5886ca9f41b5f52009384
c5cf69ae42511c3ff0f8490e86e3a32ec6b39f0a2c7bcad50a0ba5ca3d9de925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5CF69AE42511C3FF0F8490E86E3A32EC6B39F0A2C7BCAD50A0BA5CA3D9DE925"
Last-Modified: Sun, 08 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12439
Expires: Tue, 10 Jan 2023 02:30:39 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 141bf1230b520928f9b1c3ede2151689
ca78fb2ae914ee59b142197a07992b03d683c194
d9abe02701208830c557e560101fb2cb8d52d9a136ceeae8837ff33425346c59
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 22:45:46 GMT
Expires: Fri, 13 Jan 2023 22:45:45 GMT
Etag: "ca78fb2ae914ee59b142197a07992b03d683c194"
Cache-Control: max-age=343944,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce43280eb4f7-OSL
628536nyv.com/9e12d82149d1427bb2785aa528a1c66a.gif
200 OK 553 kB URL HTTP/1.1 628536nyv.com/9e12d82149d1427bb2785aa528a1c66a.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /9e12d82149d1427bb2785aa528a1c66a.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b3bfb5-86f72"
Date: Tue, 03 Jan 2023 15:49:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 03 Jan 2023 05:40:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-20
Content-Length: 552818
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26a1ca4165ce76993b19826e3174f7cf
917a1f75418897d49cd803015a150d9d4cc2da9c
f3121f80a8c2953ac60bfb6f35070632f956a13c6c65e1da8945125c73fe57d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3121F80A8C2953AC60BFB6F35070632F956A13C6C65E1DA8945125C73FE57D4"
Last-Modified: Sun, 08 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10294
Expires: Tue, 10 Jan 2023 01:54:54 GMT
Date: Mon, 09 Jan 2023 23:03:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash d83a07e481dc6916cdcf30aefc86442b
c18f70e765c56b36b32a80744d85b4af62c1638b
0c25820a9c85ca5449920f21f0784e950d121af6e8e2c23fae70f64ca5eb4c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=163853
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:20 GMT
Etag: "63bc73e9-117"
Expires: Wed, 11 Jan 2023 20:34:13 GMT
Last-Modified: Mon, 09 Jan 2023 20:07:05 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 279
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 141bf1230b520928f9b1c3ede2151689
ca78fb2ae914ee59b142197a07992b03d683c194
d9abe02701208830c557e560101fb2cb8d52d9a136ceeae8837ff33425346c59
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 22:45:46 GMT
Expires: Fri, 13 Jan 2023 22:45:45 GMT
Etag: "ca78fb2ae914ee59b142197a07992b03d683c194"
Cache-Control: max-age=343944,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce437859b4f7-OSL
p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
200 OK 87 kB URL HTTP/2 p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
IP
File type GIF image data, version 89a, 960 x 120\012- data
Hash c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3
GET /origin/pgc-image/440e4613c87e49aaa978851137a2e2cb HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 86697
date: Mon, 12 Dec 2022 11:29:41 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 01 Oct 2022 07:02:23 GMT
nw-session-id: 202210011502230101580290973524D9F3w9r7n01tt
nw-session-trace: 2022-10-01T15:02:23.478621019+08:00 41
x-bdcdn-cache-status: TCP_MISS
x-length: 86697
x-powered-by: ImageX
x-response-date: Sat, 01 Oct 2022 15:02:23 GMT
x-tt-logid: 202210011502230101580290973524D9F3
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
x-response-lb: image
x-ser: BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC6_US-Georgia-atlanta-1-cache-2, BC103_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC103_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
www.henniu486.site/
200 OK 313 kB IP
Size 313 kB (313361 bytes)
Hash cfe97ed91ec2759153a7a62abe6ab0c4
9b7135bc5d8cc3e66007c95d64ace108e6b746a9
887fc07cdc249aa9a151cfd4157ce907e9469b86da21753bba1b201516087be1
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 65bb657b61dcb11d02fff293fe813bd1
f8afa04a917701b6628f6089609649813f785f63
5f337910f34d535d3187cb780ab05a80b8cdf683ec1fac1f0dccacf212ca320a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 13 Jan 2023 20:31:48 GMT
ETag: "f8afa04a917701b6628f6089609649813f785f63"
Last-Modified: Mon, 09 Jan 2023 20:31:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce42fb82b52d-OSL
kvhuuu.top/d2527f7b8c975443eead165505e089df.gif
200 OK 173 kB URL HTTP/2 kvhuuu.top/d2527f7b8c975443eead165505e089df.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 173 kB (173022 bytes)
Hash 0150d0f30376c3b95a72b139841a67ef
06a0ce0cc79d843e351750e5aed2da29e108b8a1
44cd0d11592ab967d2d9cb1fd48e69b98cac0998bc78f95e1427cd96ab849066
GET /d2527f7b8c975443eead165505e089df.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu486.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 173022
last-modified: Sat, 07 Jan 2023 13:29:54 GMT
etag: "63b973d2-2a3de"
expires: Mon, 06 Feb 2023 17:25:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 193043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKeqs7ltjgnDeUr%2BdIk8%2BVTMr2nCOOtCXSya1AYsiMPIoLSNucsHl4h8FmqcCI1y68XADBos51fX%2FYG9Qcc5fy%2FSjvLyc7K1uE5uHGkYwfyszbRi4TsQLs55hqxN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7870ce43ece3d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d83a07e481dc6916cdcf30aefc86442b
c18f70e765c56b36b32a80744d85b4af62c1638b
0c25820a9c85ca5449920f21f0784e950d121af6e8e2c23fae70f64ca5eb4c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1737
Cache-Control: max-age=163961
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 23:03:21 GMT
Etag: "63bc73e9-117"
Expires: Wed, 11 Jan 2023 20:36:02 GMT
Last-Modified: Mon, 09 Jan 2023 20:07:05 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 65bb657b61dcb11d02fff293fe813bd1
f8afa04a917701b6628f6089609649813f785f63
5f337910f34d535d3187cb780ab05a80b8cdf683ec1fac1f0dccacf212ca320a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 13 Jan 2023 20:31:48 GMT
ETag: "f8afa04a917701b6628f6089609649813f785f63"
Last-Modified: Mon, 09 Jan 2023 20:31:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7870ce43886cb4f7-OSL
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.4 MB (1362871 bytes)
Hash b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 09 Jan 2023 23:03:18 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 638 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 6dbd1722-bf93-4f76-9e1c-f51eaad5d8d7
X-Firefox-Spdy: h2
cdn-jinjutupian-cdn.com/jj/640-160.gif
200 OK 102 kB URL HTTP/2 cdn-jinjutupian-cdn.com/jj/640-160.gif
IP
File type GIF image data, version 89a, 640 x 160\012- data
Size 102 kB (102217 bytes)
Hash 32d05120ecf8eee624df684e04289dab
03610e3030b2f6c6a706025fd8dbc9b82a68f0b4
81d241c89df61d338b60bfa9886971b37e072873a64084e772f02fccb8e5c7e6
GET /jj/640-160.gif HTTP/1.1
Host: cdn-jinjutupian-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 102217
last-modified: Wed, 28 Dec 2022 16:09:37 GMT
etag: "63ac6a41-18f49"
expires: Wed, 08 Feb 2023 15:41:31 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 08a1826eb128ae25beebff5564e1d172
838c97ed825fd3217834b85b08cf9f071ed7efa0
71c5f68b4ae7e0f9b522c39cb4ddd730bcd476c3207d5be0fc6a67fd9fb7a80f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 09 Jan 2023 04:32:31 GMT
Expires: Mon, 16 Jan 2023 04:32:30 GMT
Etag: "838c97ed825fd3217834b85b08cf9f071ed7efa0"
Cache-Control: max-age=537548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce43c8f70b59-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 09 Jan 2023 21:48:17 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 265469026e8f406d053e31b75a003ea2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: vdkDNG-iTW-B0GFtdHZ3aFLRsXvrY__cpAjhic0m7E6ilSEYeBWU1g==
age: 41214
X-Firefox-Spdy: h2
kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif
200 OK 452 kB URL HTTP/2 kzeoo.com/39ece0ec38182f6a9c5191222a2a17bd.gif
IP
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 1000 x 70\012- data
Size 452 kB (451650 bytes)
Hash d36b47fd223d12e145bef662950636ca
e4a8fcb7fc1cd333568eba0beb86d21c7134d33d
38eb2d417d15a38f262f8cce57c2ce0deb020c3d2823332c4cb760d87c39db8a
GET /39ece0ec38182f6a9c5191222a2a17bd.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 451650
last-modified: Fri, 19 Aug 2022 17:02:33 GMT
etag: "62ffc229-6e442"
expires: Tue, 10 Jan 2023 11:03:20 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 88590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgciwQblXWxK2CczKhPodP5AsHZFbh3acz9pk5DWOl3qVHOcqNwU0pxNZzqG7LWEF6LOFKRRjKiW5ETLc%2FUMDL3recyMkudED4QOShCXQNo2uHmC2HDq%2Fnco9jlX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f8d1d21f2d279e-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
200 OK 465 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size 465 kB (464670 bytes)
Hash ba0bc684cabb92a694d67237b2637887
cf57fb92bcca91174e038eb25b9fcd4c36af9a49
07de171b4735f70b00021bf230231faf69573e9e90e60b3974aeae196375a27d
GET /upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 09 Jan 2023 23:04:35 GMT
Content-Type: image/jpeg
Content-Length: 464670
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:45:06 GMT
ETag: "620d2a12-7171e"
Expires: Wed, 08 Feb 2023 23:03:20 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
200 OK 1.6 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.6 MB (1607696 bytes)
Hash 9c26f4dcfdfa72ecdcbe3ea854547b4c
fed85b90734400d6810be2b07403f5c8a194a507
ebd842d015d6684a6995a73f1e81f0dea219815318f8993501da9ca79cca74d2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 09 Jan 2023 23:03:18 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 108117 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: ba124415-f704-4c4c-8228-9c3ea0f81e0a
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.aibjcc.com/index.php
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.aibjcc.com/index.php
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.aibjcc.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aibjcc.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 09 Jan 2023 23:03:21 GMT
kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif
200 OK 103 kB URL HTTP/2 kvegg.com/6c2bdfc52ef6d8572dcf0d370f891c1f.gif
IP
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 180 x 180\012- data
Size 103 kB (103315 bytes)
Hash 1c5964f75be8302dd87def5ab80b1e56
b69009eaa2bea4c2b7dfc5cbbb219e99320499a5
d057519306b8ee0bcc39bdfc76784a78162d627171054209a742c52d83ca3fe2
GET /6c2bdfc52ef6d8572dcf0d370f891c1f.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 103315
last-modified: Wed, 07 Dec 2022 06:27:53 GMT
etag: "63903269-19393"
expires: Tue, 10 Jan 2023 11:03:20 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 50419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoTH8k4ps3UWaoyL4Ch6DmADZT0gqC0v6XPto5sZydqqX%2BK0Ka5R5ShrAP3rBd6O8pMeyAlSc9pI0KCOcy2aVVFMsWZ5BSY6TeOVLTlIrjxh%2FphxqWJJzQG9PNz9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f52df16e7061ee-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
200 OK 807 kB URL HTTP/2 p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
IP
File type GIF image data, version 89a, 400 x 420\012- data
Size 807 kB (806826 bytes)
Hash ce6a32bc15190689f6891ff7973e913f
99a64f0bdb4351f86032d9b1c9d9079ea6667cc8
18cdc10ae1ad7de191dd2adc346add24ded8e35c69f25a63bb91c928fe837331
GET /img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 806826
date: Mon, 25 Jul 2022 09:10:29 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 31 Mar 2022 10:03:03 GMT
nw-session-id: 2022033118030201019409901840A77C0Endgts03la
nw-session-trace: 2022-03-31T18:03:03.257713369+08:00 344
x-bdcdn-cache-status: TCP_HIT
x-length: 806826
x-powered-by: ImageX
x-response-date: Thu, 31 Mar 2022 18:03:03 GMT
x-tt-logid: 2022033118030201019409901840A77C0E
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC6_US-Michigan-chieago-1-cache-1, BC102_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC102_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2
8499583.com/8499/150x150.gif
200 OK 185 kB URL HTTP/2 8499583.com/8499/150x150.gif
IP
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
gtm-cn-9lb3119w00i.gtm-a5b3.com/pj1/xpj96080a.gif
200 OK 400 kB URL HTTP/1.1 gtm-cn-9lb3119w00i.gtm-a5b3.com/pj1/xpj96080a.gif
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 80\012- data
Size 400 kB (399604 bytes)
Hash 3eb91b8deae22eb3d3a11d342c9eda28
44e020d38f605686c9df960a5465b948373a2c9d
82d5837b611786314d5e5b84754b5e037396cf99dd6c154d19f7887657c3989c
GET /pj1/xpj96080a.gif HTTP/1.1
Host: gtm-cn-9lb3119w00i.gtm-a5b3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 03 Jan 2023 12:02:01 GMT
Etag: "3eb91b8deae22eb3d3a11d342c9eda28"
Content-Type: image/gif
Date: Tue, 03 Jan 2023 12:04:19 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 829713022953361634
x-cos-request-id: NjNiNDE5YzNfNmE1MGI3MDlfMWM2ODVfMjRhNjczYg==
Content-Length: 399604
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5903650777513472026
Connection: keep-alive
X-Cache-Lookup: Cache Hit
88669aaa.com/c4085e5382a244379dc50150ca7a8732.gif
200 OK 115 kB URL HTTP/1.1 88669aaa.com/c4085e5382a244379dc50150ca7a8732.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 180 x 180\012- data
Size 115 kB (114978 bytes)
Hash 3c9e95a9db732ac71d81286b1c192754
565e4379ef9377f2d17abfdfaa774de9d4a3004c
167e29a1512c3e710bdbb8121d3926ec8205b0b51ad9874a23c300a937d5c810
Analyzer Verdict Alert quad9 Sinkholed
GET /c4085e5382a244379dc50150ca7a8732.gif HTTP/1.1
Host: 88669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b3be11-1c122"
Date: Wed, 04 Jan 2023 09:44:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 03 Jan 2023 05:33:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Length: 114978
taiwtp1.com/img/200200.gif
200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 22:56:34 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Wed, 08 Feb 2023 22:56:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
200 OK 400 kB URL HTTP/1.1 gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (399450 bytes)
Hash 4e1e4b8f46ac2e67539d5881785ba29a
7d3c9c963087ffc8c196cb7e67629342027a8a45
4c9cc489a2e26500ace73c53ce05bdfa52876a8700b7e9e73c1554187acefb0d
GET /ky960x60.gif HTTP/1.1
Host: gtm-cn-j6730u6sd0b.gtm-a3b8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 29 Dec 2022 12:09:17 GMT
Etag: "4e1e4b8f46ac2e67539d5881785ba29a"
Content-Type: image/gif
Date: Sat, 07 Jan 2023 19:02:33 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10945751995987991778
x-cos-request-id: NjNiOWMxYzlfMjk1NGU0MDlfOWNiNV8yN2VlODI2
Content-Length: 399450
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5853335777774709211
Connection: keep-alive
X-Cache-Lookup: Cache Hit
ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif
200 OK 407 kB URL HTTP/1.1 ky891.oss-cn-shenzhen.aliyuncs.com/891-960x120.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 407 kB (407212 bytes)
Hash 0f175e48fc5d3c25093bba6f5e2a8357
d5882f0d778cd7f455833093d0bc26e918b271f9
0b4254d3e3af56cf6e7c8ce9dd05cac2d4683310b0047c9430f3f79b7f71b3a5
GET /891-960x120.gif HTTP/1.1
Host: ky891.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 407212
Connection: keep-alive
x-oss-request-id: 63BC9D38C197983430A588AE
Accept-Ranges: bytes
ETag: "0F175E48FC5D3C25093BBA6F5E2A8357"
Last-Modified: Mon, 02 Jan 2023 14:11:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14239271872762606610
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: DxdeSPxdPCUJO7pvXiqDVw==
x-oss-server-time: 3
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 92e864405f40a6263ee66633432e74d5
c94fc1ade7b536af375e585f195d713b269e8bf0
9b13565933ae9c24fad9bbcb41ecb8a433e4574e305afe1de0edcf0beef4bd7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B13565933AE9C24FAD9BBCB41ECB8A433E4574E305AFE1DE0EDCF0BEEF4BD7D"
Last-Modified: Sun, 08 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4550
Expires: Tue, 10 Jan 2023 00:19:12 GMT
Date: Mon, 09 Jan 2023 23:03:22 GMT
Connection: keep-alive
595tuchuang.com/960x120.gif
200 OK 339 kB URL HTTP/1.1 595tuchuang.com/960x120.gif
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 339 kB (338572 bytes)
Hash 497ec973bccb9f68caabc1801b42057f
210fd7feea2126d002d3c8e77a9d31d3f6f90623
1eb10e6d757e0422d2244e4d4623eb008b0114f9fd22731278310e57bb9d36eb
GET /960x120.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 338572
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 16:53:32 GMT
ETag: "63b1ba8c-52a8c"
Expires: Wed, 01 Feb 2023 07:14:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
200 OK 301 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:20 GMT
content-type: image/gif
content-length: 301024
server: openresty
age: 13502674
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=4
via: CHN-HElangfang-AREACUCC1-CACHE5[4],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,4],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash d0f823d9f54918e479ca42989b02f54d
aaf579fbd0338b3add20098f25119418e87245ae
6e8bc407032473cd60959426f8eac8e66e5d04294655355a46208d23f4856ad8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 23:03:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 15:22:07 GMT
Expires: Fri, 13 Jan 2023 15:22:06 GMT
Etag: "aaf579fbd0338b3add20098f25119418e87245ae"
Cache-Control: max-age=317323,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7870ce4c6e510b59-OSL
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
200 OK 409 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 409 kB (408644 bytes)
Hash bcfbb4b0078b03be1636d20ac5102ff1
e18886f1cbf23adf9188bc82aa0961afe6e91f11
d3b834351a460b41f249d0b69b008860b7ecbe6f2c916bf30778826239e5f7b5
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 09 Jan 2023 23:03:20 GMT
Content-Type: image/gif
Content-Length: 408644
Connection: keep-alive
x-oss-request-id: 63BC9D38DD75B73235C73F15
Accept-Ranges: bytes
ETag: "BCFBB4B0078B03BE1636D20AC5102FF1"
Last-Modified: Fri, 30 Dec 2022 05:27:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9529281951725548429
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDC4P.FqxgiIDdlNzBlMDIzMGE1ZDQwZmY5YTBiNTkxM2I2MDQwOWZk
Content-MD5: vPu0sAeLA74WNtIKxRAv8Q==
x-oss-server-time: 2
yunduweek.com/i/2022/12/20/63a1571d30fa0.gif
200 OK 0 B URL HTTP/2 yunduweek.com/i/2022/12/20/63a1571d30fa0.gif
IP
GET /i/2022/12/20/63a1571d30fa0.gif HTTP/1.1
Host: yunduweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 23:03:22 GMT
content-type: image/gif
content-length: 194847
last-modified: Tue, 20 Dec 2022 06:33:01 GMT
etag: "63a1571d-2f91f"
expires: Wed, 08 Feb 2023 01:55:09 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
302 Found 0 B URL HTTP/2 img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
IP
GET /images/63664dfd09d6345f4f98bebe.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP
GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:21 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=15552000
expires: Wed, 05 Jul 2023 02:43:09 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 332412
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-16 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672972989434-0-0-0-10-10;200;200-1673004887085-0-0-0-9-9;200-1673305401096-0-0-0-1-1
X-Firefox-Spdy: h2
img.9787x.com/images/638eff88dc3c67fd6d683362.gif
302 Found 0 B URL HTTP/2 img.9787x.com/images/638eff88dc3c67fd6d683362.gif
IP
GET /images/638eff88dc3c67fd6d683362.gif HTTP/1.1
Host: img.9787x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
403 Forbidden 0 B URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 09 Jan 2023 23:03:21 GMT
content-type: application/xml
cf-ray: 7870ce4319e20b4d-OSL
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-id-2: pphDJibgaF0fM7SRkeQNHFrpRTIwDKZcJi0k8DMS9uihQpbkxpO440x31VN9DfaBPSEgODDwxP0=
x-amz-request-id: 779EXC9JJ1MCZWSW
set-cookie: __cf_bm=hsW8IiDF079THnyixJK.vZnf7t9EU61HZjd.EXnX_1M-1673305401-0-AfOOrhFpMQW+sc5fMHfENh12flwmPokHB+qKNZFgLZpWXd7EKELmdo69sOUHTqbfX6Y8NXpCINZCEVD4Kk6g8Ps=; path=/; expires=Mon, 09-Jan-23 23:33:21 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img.1137555.com/images/639f110ff854fb2e3980a017.gif
302 Found 0 B URL HTTP/2 img.1137555.com/images/639f110ff854fb2e3980a017.gif
IP
GET /images/639f110ff854fb2e3980a017.gif HTTP/1.1
Host: img.1137555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/96aa24e372b24b738c655b317f481f2a
X-Firefox-Spdy: h2
www.henniu486.site/template/dfcc/static/js/jquery.min.js
200 OK 0 B URL HTTP/2 www.henniu486.site/template/dfcc/static/js/jquery.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/static/js/jquery.min.js HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:32 GMT
vary: Accept-Encoding
etag: W/"61d99aa4-17b8b"
expires: Tue, 10 Jan 2023 11:03:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.henniu486.site/template/dfcc/static/js/jquery.lazyload.min.js
200 OK 0 B URL HTTP/2 www.henniu486.site/template/dfcc/static/js/jquery.lazyload.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/dfcc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.henniu486.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu486.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 23:03:15 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Tue, 10 Jan 2023 11:03:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
199.233.236.246
143.92.57.79
104.18.32.68
119.167.147.253
93.184.220.29
220.128.218.220
47.246.44.224
104.110.17.24
45.89.208.114
43.154.254.32
20.222.36.106