Report - www.allfixmechanical.com/

Report Overview

Submitted URL
www.allfixmechanical.com/
IP
217.18.56.153
ASN
#46261 QUICKPACKET
Submitted
2022-11-28 09:26:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s2.loli.net	100401	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.8 MB	104.26.0.190
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	2.4 kB	104.18.32.68
nvhaaa.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	160 kB	104.21.234.40
zhibo128x.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	648 kB	154.83.25.141
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	114 B	182.61.201.93
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	9.3 kB	23.36.79.17
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	422 B	45.154.215.92
mei.netlbtu.com	917912	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	47 kB	172.247.77.90
p26.toutiaoimg.com	75286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	982 kB	120.52.95.234
kjimg10.360buyimg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	1.4 MB	182.140.218.3
www.allfixmechanical.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	217.18.56.153
kveff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	422 B	64.32.13.142
223969ufy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	636 kB	45.61.212.223
img.2633u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	182 B	185.239.226.23
aooacctp.vip	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	90 kB	104.21.82.179
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	10 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	172.64.155.188
8499483.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	331 kB	162.209.128.164
n0622.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	142 kB	20.78.78.186
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	15 kB	23.36.77.32
kvkggg.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	401 kB	172.67.154.165
u1022.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	359 kB	103.170.15.52
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	294 B	750 B	182.61.240.101
baidu.hnmaccms.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	709 B	662 B	143.92.57.79
max002.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	367 kB	104.21.233.254
nkiun.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	534 B	40 kB	8.210.99.166
img.1153555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	182 B	185.239.226.23
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	12 kB	104.18.21.226
p9.toutiaoimg.com	59405	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	870 B	896 kB	4.79.109.102
cbu01.alicdn.com	44205	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	99 kB	47.246.44.252
s3.uuu.ovh	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	629 kB	194.13.80.102
kvegg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	422 B	45.154.215.92
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.1 kB	142.250.74.3
www.tupku.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	1.6 MB	172.67.200.40
kzeaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	422 B	67.198.205.125
dl66d.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	470 kB	185.135.77.192
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	3.4 MB	43.154.254.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
kvheee.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	66 kB	104.21.234.198
398375178.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	141 kB	47.75.19.145
ggt999.oss-cn-hangzhou.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	346 kB	47.110.23.69
cdn.u1.huluxia.com	865541	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	307 B	478 kB	104.250.44.2
www.henniu455.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	16 kB	173.231.12.252
365tupian.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	341 kB	120.77.166.102
png.pngtree.com	48376	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	620 B	104.18.2.157
678tktp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	42 kB	154.83.24.157
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	5.7 kB	104.18.21.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
kvtooo.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	374 kB	172.67.175.176
ddcdn.comtucdncom.com	240637	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	465 kB	45.89.209.74
8499583.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	135 kB	162.209.128.164
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	479 kB	120.77.166.72
img.9376x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	182 B	185.239.226.23
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.84.125
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	37 kB	103.235.46.191
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	1.1 kB	47.246.44.205
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.5 MB	47.246.44.231
kvhaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	422 B	170.178.176.170
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	23.36.77.32
jackie4fun.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	114 kB	58.218.208.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	kvkggg.top	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed
2022-11-28	medium	henniu455.site	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.allfixmechanical.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.allfixmechanical.com/common.js IP 217.18.56.153 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-03-17 12:40:02 Times Seen1 Hash 18ac90c0a88951615363d6ee8ceed9a2 e894023834a6c5102cdc4459c57251866382504b 9c78d58924be5f7e66557483cc53def1aa55c8839bda5d6911118d6e709255e9 Loading...

	www.henniu455.site/template/dfcc/static/js/jquery.min.js	97 kB	2023-03-07	2024-05-07
Pretty URL www.henniu455.site/template/dfcc/static/js/jquery.min.js IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-07 04:56:44 Times Seen119141 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.henniu455.site/	126 B	2023-03-07	2024-05-05
Pretty URL www.henniu455.site/ IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-05-05 02:51:50 Times Seen700 Hash 2f869be15fc72c6b1c27b0722717f7b9 4c14a9d014274a315deb6c2066659a5472de3281 86ab4a35529048ff85c373322d7b7cc6bf047551f014c721a210c01c5a070db6 Loading...

	hm.baidu.com/hm.js?e999deeef0f51d57f8d135ece1f722db	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?e999deeef0f51d57f8d135ece1f722db IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 9d3fe5adfcd049fb519edb1337c6d9fb 2b5c7a0568389433914e1b7705bf9726772a3b08 c02aa693a359b38f85db6498d207325f4cc1850bdd49527fe7f7802e91c8089f Loading...

	hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 7911d987966301cbebc9e4954a5c58bf f11620df7eed329f398bda14342a880ee143ce91 cc4d646bbf203cb797f7ad1229c398acb92f92b3b79a95875afc178f5fdd01d2 Loading...

	www.allfixmechanical.com/	34 B	2023-03-11	2023-03-11
Pretty URL www.allfixmechanical.com/ IP 217.18.56.153 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 487f67b830e3fb0bb74490e8c32e896d 5c90d665311ffc45093fa70f9174b86a20dcb142 b79e087d4a8160990e0241f9782201e2970bfa962a7512db1f7857e824d4f7ca Loading...

	www.allfixmechanical.com/	404 B	2023-03-07	2024-05-06
Pretty URL www.allfixmechanical.com/ IP 217.18.56.153 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-06 05:43:26 Times Seen3014 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-05-07
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.240.101 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-07 05:25:54 Times Seen19345 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	baidu.hnmaccms.xyz/news/data.php	387 B	2023-03-11	2023-03-11
Pretty URL baidu.hnmaccms.xyz/news/data.php IP 143.92.57.79 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:14:50 Last Seen2023-03-11 22:19:42 Times Seen1 Hash 1178053782a6afe025d81f21b6950091 a55a6509be2f7c166a3a1f4b4d8cd2a59ca1db39 43955247231569d16766ffaf38f8e7592f3a4af126f88b9fdce3c58d5df67512 Loading...

	www.henniu455.site/template/dfcc/static/js/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-05-07
Pretty URL www.henniu455.site/template/dfcc/static/js/jquery.lazyload.min.js IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-05-07 04:47:00 Times Seen4122 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	www.henniu455.site/logo.html	448 B	2023-03-07	2023-04-05
Pretty URL www.henniu455.site/logo.html IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-04-05 02:01:03 Times Seen113 Hash 85ed82b5f9fb4040d4c6e5165e458e6b 43a80e8dedae9ef5e4500d129cfecaf39bbeb2e5 7e40c67aca6c28510901aca57be804353d55494e7a0890d3fd3f31b7243f77ee Loading...

	hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 547830f0ebe3e1e8be4751ba1d9dd797 367c7dcef550f14f29a37bf8c1558958d1286b8d 441fdec7a80f03465287ce4e43fd5b4f6f252223be74f7a42344b7e43c834efc Loading...

	www.allfixmechanical.com/tj.js	520 B	2023-03-07	2023-03-13
Pretty URL www.allfixmechanical.com/tj.js IP 217.18.56.153 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:52 Last Seen2023-03-13 00:02:05 Times Seen1 Hash 645b849433caa9671a36773280b7cbcd 7b2893ee802185c1ad717547146aa69ebd4337c6 985b2fd4e4d340bd50de5bc284bccdf79d26d4d58c1782b2a876a99feed7d956 Loading...

	www.henniu455.site/template/dfcc/html9/ads/dulian.js	1.7 kB	2023-03-11	2023-03-11
Pretty URL www.henniu455.site/template/dfcc/html9/ads/dulian.js IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:23 Last Seen2023-03-11 21:50:58 Times Seen1 Hash e1f7a449ad4eb2fd36159bbfe38fd8d2 abff2bfd9457ade50aa70cb81deaf515c5fe9290 5ed623aba241aa0193f9f3c52dd371b606fb6cf5e9f3f3b96441a68b570c7e7b Loading...

	www.henniu455.site/	254 B	2023-03-07	2023-04-14
Pretty URL www.henniu455.site/ IP 173.231.12.252 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2023-04-14 00:52:17 Times Seen34 Hash 05f0373ea7e281c385907cb6386e0545 f3bf9f91dcc0e52ce2366cf0880e880539b5f7fc ea2cf285809c5418877d8d21b5fcef883d144ec6bb364bd429c8f54d90da7f19 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1357a7bd51b1ce39e15274e9bc98b64b	475 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 1357a7bd51b1ce39e15274e9bc98b64b 995575312671f1d1fcdc6f9958357bb8e8af64c0 72a3e32af5ad0ebd54ddd2442402c861dfe76041852b5d846688d97839fd6419 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0520ad9cb98d8433c63c38ef9d92ff4b	456 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:50:58 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 0520ad9cb98d8433c63c38ef9d92ff4b 5b02d92b7d679be60800866f3ebe2deac55bea58 0d34422b9eac76423858df679cf29da65df49619ccf211693c135a2e6b99b7e9 Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-05-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-05-03 23:56:26 Times Seen3763 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 1aa0edf945751368a41a3061fda880f3	566 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:12:35 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 1aa0edf945751368a41a3061fda880f3 491f9087d36e2e07448e363ace4f18db5a593218 44cbcb9ea4a240cdf901c982e6c4fb0febe60ccb37e445452619d1c2b1f1d37a Loading...

	#4 Write - 7da19c2b2c64575568019c470d8df671	529 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:43:23 Last Seen2023-03-11 21:50:58 Times Seen1 Hash 7da19c2b2c64575568019c470d8df671 cf159245f6e992b249bf621a3c6d2eb87c787230 dffe4418406e28a666168f228e9c055b77c166a98e702b693aa07cf1f84fa9f4 Loading...

HTTP Transactions (152)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10553
Expires: Mon, 28 Nov 2022 12:22:40 GMT
Date: Mon, 28 Nov 2022 09:26:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9257
Expires: Mon, 28 Nov 2022 12:01:04 GMT
Date: Mon, 28 Nov 2022 09:26:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7NrN3Xmx9/QZiKLWRqTc2nvSQhXAa3DYIKFZNwGlzEfBP0X6BkiApve2b1HYo2R7SLRwAavoAp4=
x-amz-request-id: K1R1W456Y2J7MM2A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:44:58 GMT
age: 2509
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2560
Cache-Control: max-age=92826
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:47 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:13:53 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:17:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 541
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.allfixmechanical.com/

217.18.56.153

200 OK

801 B

URL HTTP/1.1
www.allfixmechanical.com/
IP
217.18.56.153:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
801 B (801 bytes)
Hash
a5938d944f5c385551ed16182d4c39ce
79a6102cf6cb562a727f95da7fd85bfa4b4e27a0
43f823c57ea19d42e89cca1a59aea47ce6824af67aac87148a9123a490744e97

HTTP Headers

GET / HTTP/1.1
Host: www.allfixmechanical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:47 GMT
Content-Type: text/html
Content-Length: 801
Connection: keep-alive

www.allfixmechanical.com/tj.js

217.18.56.153

200 OK

520 B

URL HTTP/1.1
www.allfixmechanical.com/tj.js
IP
217.18.56.153:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
645b849433caa9671a36773280b7cbcd
7b2893ee802185c1ad717547146aa69ebd4337c6
985b2fd4e4d340bd50de5bc284bccdf79d26d4d58c1782b2a876a99feed7d956

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.allfixmechanical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:47 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

www.allfixmechanical.com/common.js

217.18.56.153

200 OK

757 B

URL HTTP/1.1
www.allfixmechanical.com/common.js
IP
217.18.56.153:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
757 B (757 bytes)
Hash
ae4f9ffe7a2eeb4f281eec7788eba03b
09d7e9e07ddb8f412b4e904bbfd609edef5353bf
8bce791cc2ad839158815f6e0a8a1073de39f96f4e6c2135e13736cd5f620aca

HTTP Headers

GET /common.js HTTP/1.1
Host: www.allfixmechanical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:47 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5878
Cache-Control: max-age=91083
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:47 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:44:50 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:08:55 GMT
cache-control: public,max-age=3600
age: 1072
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.84.125

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.84.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PJyPiRAl1sjV8TUVJmv9bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JEzpePhNrRjJf5snjQ2L2rcXXOQ=

www.allfixmechanical.com/favicon.ico

217.18.56.153

200 OK

1.2 kB

URL HTTP/1.1
www.allfixmechanical.com/favicon.ico
IP
217.18.56.153:0
ASN
#46261 QUICKPACKET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.allfixmechanical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:48 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 03 Dec 2022 09:26:48 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

baidu.hnmaccms.xyz/news/index.php

143.92.57.79

200 OK

48 B

URL HTTP/1.1
baidu.hnmaccms.xyz/news/index.php
IP
143.92.57.79:0
ASN
#64050 BGPNET Global ASN

File type
HTML document, ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
046691e8308c2adf72fc25247e2f9e80
a47d4ddf558d878140dd88a539159659e781345e
49f190d90d221b19e342cf6425fbb173e894ca0531935a3b08eaf83d980a6268

HTTP Headers

GET /news/index.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.zhanzhang.baidu.com/push.js

182.61.240.101

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 28 Nov 2022 09:26:48 GMT
Etag: "4078521116"
Expires: Tue, 28 Nov 2023 09:26:48 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AD20868B2F649FEE586EBDDF7648F6AA:FG=1; max-age=31536000; expires=Tue, 28-Nov-23 09:26:48 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

baidu.hnmaccms.xyz/news/data.php

143.92.57.79

200 OK

198 B

URL HTTP/1.1
baidu.hnmaccms.xyz/news/data.php
IP
143.92.57.79:0
ASN
#64050 BGPNET Global ASN

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
198 B (198 bytes)
Hash
129e8138e06bd1b8253d4e085dd20765
8d912f0a8fffc97d33a938a360a775281e0b643e
af60632c5457d59bba80f177ea9a65f072d469a112af2d025cd8274ae8398a3a

HTTP Headers

GET /news/data.php HTTP/1.1
Host: baidu.hnmaccms.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/news/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
4e1da2dd4fbf4fe13150df8a479e96e4
153f29a00e890de7d96af41b6cc554b23ae09277
d0067732ae097018b3bc257b5dfe5425ae39b3831fca40150bd1ae0f39a97006

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:22:39 GMT
ETag: "153f29a00e890de7d96af41b6cc554b23ae09277"
Last-Modified: Mon, 28 Nov 2022 06:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712106ed84b1c16-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
4e1da2dd4fbf4fe13150df8a479e96e4
153f29a00e890de7d96af41b6cc554b23ae09277
d0067732ae097018b3bc257b5dfe5425ae39b3831fca40150bd1ae0f39a97006

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:22:39 GMT
ETag: "153f29a00e890de7d96af41b6cc554b23ae09277"
Last-Modified: Mon, 28 Nov 2022 06:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712106ee8571c16-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94b20e0d7fa76162e8b466285dffd148
35d589f6d085cf15a82c811da2f7b19da9f03a8d
98e6f46037362a0a92fb02a90439c2f699ab7986528f7182cfa700b99c781816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98E6F46037362A0A92FB02A90439C2F699AB7986528F7182CFA700B99C781816"
Last-Modified: Sat, 26 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Mon, 28 Nov 2022 15:25:56 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

api.share.baidu.com/s.gif?l=http://www.allfixmechanical.com/

182.61.201.93

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.allfixmechanical.com/
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.allfixmechanical.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allfixmechanical.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Nov 2022 09:26:49 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 09:26:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11255 bytes)
Hash
6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0diXekmaxz0zbwy1wShePUxsvtC59YoEPcLJmS_ql6uKG0MtqbxbeQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:03:04 GMT
age: 41025
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 41123
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 41394
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12555 bytes)
Hash
f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 41745
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 41133
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5989 bytes)
Hash
fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P0Nx-FcvcV-f5cRPwZr5sEMb8pH3AoYFr185q_D0X2bE7z40nDn91w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 41745
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.henniu455.site/static/images/1.gif

173.231.12.252

200 OK

254 B

URL HTTP/2
www.henniu455.site/static/images/1.gif
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static/images/1.gif HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 24 Dec 2021 10:11:17 GMT
etag: "61c59cc5-fe"
expires: Wed, 28 Dec 2022 09:26:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/images/loading.svg

173.231.12.252

200 OK

506 B

URL HTTP/2
www.henniu455.site/template/dfcc/images/loading.svg
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
506 B (506 bytes)
Hash
bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/images/loading.svg HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:24 GMT
etag: "61da9f3c-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/html9/ads/dulian.js

173.231.12.252

200 OK

845 B

URL HTTP/2
www.henniu455.site/template/dfcc/html9/ads/dulian.js
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
data
Size
845 B (845 bytes)
Hash
99bce0d0e39824b45ff4f11a9cb62262
1264faaa0c1991af82e2816c008a069ca7951c47
ae3d9af3529df78d65ffeeb6c164506f5a9b313e659e57150b9a240575cd6e4d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/html9/ads/dulian.js HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 09:30:43 GMT
vary: Accept-Encoding
etag: W/"6381dcc3-6b1"
expires: Mon, 28 Nov 2022 21:26:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4845
Cache-Control: max-age=166340
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:50 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:39:10 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

www.henniu455.site/logo.html

173.231.12.252

200 OK

879 B

URL HTTP/2
www.henniu455.site/logo.html
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
HTML document, Unicode text, UTF-8 (with BOM) text
Size
879 B (879 bytes)
Hash
a4229e5d02151f80ae5438c1b96aeeff
84b0a174ce8032bb83a4b015d3122d6014540b89
94f1b6a919ebd8d414f1c423ef3ad76df2349a7782ae45a313d3b2743b6b31e0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /logo.html HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: text/html
content-length: 879
last-modified: Wed, 18 May 2022 08:37:40 GMT
etag: "6284b054-36f"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4845
Cache-Control: max-age=166340
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:50 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:39:10 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4845
Cache-Control: max-age=166340
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:50 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:39:10 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

www.henniu455.site/template/dfcc/images/video-mask.png

173.231.12.252

200 OK

107 B

URL HTTP/2
www.henniu455.site/template/dfcc/images/video-mask.png
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/images/video-mask.png HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/template/dfcc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Wed, 28 Dec 2022 09:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/images/video-play.png

173.231.12.252

200 OK

1.6 kB

URL HTTP/2
www.henniu455.site/template/dfcc/images/video-play.png
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/images/video-play.png HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/template/dfcc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:20 GMT
etag: "61d4644c-61f"
expires: Wed, 28 Dec 2022 09:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.henniu455.site/henniu.png

173.231.12.252

200 OK

5.0 kB

URL HTTP/2
www.henniu455.site/henniu.png
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
PNG image data, 120 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4973 bytes)
Hash
66a858de209ee39809102a15257bbd71
6856ccaf274c24cdbe62155da4847eafd3b7f3e9
478f7ef871afdab3f845e3f501b9ec980ff449f34651ebc7f0b5b5498ea60296

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /henniu.png HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/png
content-length: 4973
last-modified: Wed, 18 May 2022 08:34:27 GMT
etag: "6284af93-136d"
expires: Wed, 28 Dec 2022 09:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
72abd2241769bcf4f69ec62077080c58
02de67c5ffa79ab01bc07a4b8aeccbf10ac9906d
44a8613385f936a9955061d3709672be506ae53661623a2a2d54f8ce6c9ff39d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44A8613385F936A9955061D3709672BE506AE53661623A2A2D54F8CE6C9FF39D"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11000
Expires: Mon, 28 Nov 2022 12:30:10 GMT
Date: Mon, 28 Nov 2022 09:26:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
384c3f4292d34beec77fbca620eca889
e0cfbea6abead42030c7d4655ac123115079e818
31d7c3c10bcce1980236c0ca9edf54a938685cb0f9b21a78cfbac212f09b129c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D7C3C10BCCE1980236C0CA9EDF54A938685CB0F9B21A78CFBAC212F09B129C"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17967
Expires: Mon, 28 Nov 2022 14:26:17 GMT
Date: Mon, 28 Nov 2022 09:26:50 GMT
Connection: keep-alive

hm.baidu.com/hm.js?e999deeef0f51d57f8d135ece1f722db

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?e999deeef0f51d57f8d135ece1f722db
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
370010e667c9d0e51d97c261ae291323
229ba0b85a6bf836635aeb91d26d06b2e62c54b4
5bc1593af5f8cf4ba1b4515662348b7f76ead46e1e6a45231eeedc2b648d7aab

HTTP Headers

GET /hm.js?e999deeef0f51d57f8d135ece1f722db HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allfixmechanical.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 09:26:49 GMT
Etag: f35b68d3e62a6b2b759e08406e8e77f3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=40BC5879246F47B0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d8caaf5fc7e747bf497566f2be1cc916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11259 bytes)
Hash
908c6ff54fa45a76e5ca6d6f688b9ef7
7c8f01dbb9f3e734d4a73b6ea41bcca17a2e58cb
d051232da1c0df7292df8d3482f0aa84f1d1c1fdd1827230df56098a6a3d4830

HTTP Headers

GET /hm.js?d8caaf5fc7e747bf497566f2be1cc916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allfixmechanical.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 09:26:49 GMT
Etag: 20f90f64f94b40ea6a2f96bc9967b5c1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=09EF613BCC738C43; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

s3.uuu.ovh/imgs/2022/11/19/6f431e4f52047cda.gif

194.13.80.102

200 OK

628 kB

URL HTTP/2
s3.uuu.ovh/imgs/2022/11/19/6f431e4f52047cda.gif
IP
194.13.80.102:0
ASN
#197540 netcup GmbH

File type
GIF image data, version 89a, 960 x 120\012- data
Size
628 kB (628226 bytes)
Hash
f9f1662ef340031afb90532b7d6eae1d
7ba723466aa5b7afd79f1b7e3a83c4d416367461
0c52d18925c4306e353fb064c9551285c8087468786b88c0c519b13d6f8e4fe6

HTTP Headers

GET /imgs/2022/11/19/6f431e4f52047cda.gif HTTP/1.1
Host: s3.uuu.ovh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/gif
content-length: 628226
content-security-policy: block-all-mixed-content
etag: "f9f1662ef340031afb90532b7d6eae1d"
last-modified: Sat, 19 Nov 2022 11:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 172B1F73E01D1855
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 12 Dec 2022 09:26:50 GMT
cache-control: max-age=1209600
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET,POST
xcdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb91c299245e243adb2f229137ff59eb
98864e93ea0e6872ffbc527f5a98d9d8097a7573
00208b1b1208122769519dd5bdbd95b99da4f1d771d28116c67d6a4bf0bbdc82

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00208B1B1208122769519DD5BDBD95B99DA4F1D771D28116C67D6A4BF0BBDC82"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11673
Expires: Mon, 28 Nov 2022 12:41:23 GMT
Date: Mon, 28 Nov 2022 09:26:50 GMT
Connection: keep-alive

hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?83778f58a428085f4ecef06936407d2b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (624)
Size
11 kB (11262 bytes)
Hash
e67e1057ef17b3faf973730f481055b6
59643278155c0e65779e4865a55d63c486c7f23c
a50685105e133c066af702119fde916d10fd63be25eb2f8982c982d34e87b063

HTTP Headers

GET /hm.js?83778f58a428085f4ecef06936407d2b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 09:26:50 GMT
Etag: b1f665ef18a3fd5972dba0be121e8b0d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AF2EB9AE11795113; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

kvegg.com/53223777da2c042d1033909afab5c5a6.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvegg.com/53223777da2c042d1033909afab5c5a6.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /53223777da2c042d1033909afab5c5a6.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: text/html
content-length: 162
location: https://kvtooo.top/53223777da2c042d1033909afab5c5a6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

678tktp.com/tp/960x60.gif

154.83.24.157

200 OK

42 kB

URL HTTP/1.1
678tktp.com/tp/960x60.gif
IP
154.83.24.157:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 60\012- data
Size
42 kB (41618 bytes)
Hash
4fd9de737ce6698fb5c3a0eb52ed3cdf
da1fc841a82ddbfcee0dde9dd50b34acad24ce50
03cae438deedf1f1eb905ac79daef3fa63b8a45c51c9fbbe8164e7df0ac4a58c

HTTP Headers

GET /tp/960x60.gif HTTP/1.1
Host: 678tktp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 28 Nov 2022 09:26:50 GMT
Content-Type: image/gif
Content-Length: 41618
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 04:31:47 GMT
ETag: "63688a33-a292"
Expires: Mon, 26 Dec 2022 16:13:03 GMT
Cache-Control: max-age=2592000
Via: 154.83.24.154
CDN-Cache: HIT
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=859134426&si=e999deeef0f51d57f8d135ece1f722db&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=859134426&si=e999deeef0f51d57f8d135ece1f722db&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=859134426&si=e999deeef0f51d57f8d135ece1f722db&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allfixmechanical.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 09:26:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9E06EAA989E0927E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1770111830&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1770111830&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1770111830&si=d8caaf5fc7e747bf497566f2be1cc916&v=1.3.0&lv=1&sn=57950&r=0&ww=1280&u=http%3A%2F%2Fwww.allfixmechanical.com%2F&tt=%E6%B1%95%E5%B0%BE%E8%86%B3%E8%88%B7%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allfixmechanical.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 09:26:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8EBC2C34E56B3C5A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg

104.26.0.190

200 OK

9.2 kB

URL HTTP/2
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP
104.26.0.190:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Size
9.2 kB (9166 bytes)
Hash
43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e

HTTP Headers

GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VupOPJxGPqMNOaVOYCxoRaF4bRg9G6hmPWJb93rDMdOLIFfqIG%2FqTT%2BnEvGf9APBK2RfnhlFXTcR5Gxf3HBwDAk%2B%2FJ%2Fx6BNi2PjrSqVI0Liu2jsyOb97KfC%2BjKfU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771210740cf5b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
79bd5a2860ce909a1eef0cd8773c77d1
12b4558cb310b355d5d26a2b3f41fa8272c8aeb7
32ccb36f7a907d37bc54e8bafd05693abf429d19a81c2d40581a80f1d6304716

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:09:12 GMT
ETag: "12b4558cb310b355d5d26a2b3f41fa8272c8aeb7"
Last-Modified: Mon, 28 Nov 2022 06:09:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2104
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107888cd1bfe-OSL

ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b22686707e8e96b9c7f9e89ae848104f
a5df101de54337b7c80ddff61a902630f55a3035
a1a02d8a43f6073a62830530ce5768f9fdb33fcc03bd7ddc5c907a0001825f19

HTTP Headers

POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tupku.top/lm/031815-80.gif

172.67.200.40

200 OK

1.6 MB

URL HTTP/2
www.tupku.top/lm/031815-80.gif
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 281\012- data
Size
1.6 MB (1626999 bytes)
Hash
17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

HTTP Headers

GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Thu, 15 Dec 2022 23:37:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1031757
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJDYvwyEvc9QVxsG24Qf7fHJOUvsPU5Qfs0C5tiuQh5ujk2xIATQxuW%2F2pLDTzVUOt%2FqdYDSxDl9FHahfNzFhej1O4Sk5w40J4uxhRjsyr%2Bjpd3x7AMiRh%2FQsbfWOhNf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77121078be7c1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
57a5ebff12a55db170cd1fa0b71fea8a
9da22e92e0e9d79ed68400c52f85fbd5df03c7ec
16308bc0b9e3b4875cbe01fab729f57ed77e19b7674014a14aaed762ab228a1c

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive
X-N: S

www.henniu455.site/template/dfcc/static/js/jquery.lazyload.min.js

173.231.12.252

200 OK

2.9 kB

URL HTTP/2
www.henniu455.site/template/dfcc/static/js/jquery.lazyload.min.js
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type
data
Size
2.9 kB (2941 bytes)
Hash
1ef7545cf8a744b19b9eabc070ac82c7
693e39027690142f9e95ecce50a942b8c71d7cd8
9b4f5b846742435a120c61ddd6c1f087c04b10ca135cbc450ee80b7a5a1dbfb4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Mon, 28 Nov 2022 21:26:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1194041597&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=57950&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu455.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1194041597&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=57950&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu455.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1194041597&si=83778f58a428085f4ecef06936407d2b&su=http%3A%2F%2Fbaidu.hnmaccms.xyz%2F&v=1.3.0&lv=1&sn=57950&r=0&ww=1268&u=https%3A%2F%2Fwww.henniu455.site%2F&tt=%E5%BE%88%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 09:26:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6C0BF929C5526F17; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6da37727167ab27c97911af31889a211
8cef6abdd32d5a252a4ae2c52db779c65fa02018
f69bbaa4c9faeaba866b4a85904c8c206fafed8ac5123a3aed5769d186201563

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F69BBAA4C9FAEABA866B4A85904C8C206FAFED8AC5123A3AED5769D186201563"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15037
Expires: Mon, 28 Nov 2022 13:37:28 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9eb8e7ca3228921fbfecafedf257b610
e83de138d99a587fcdb2d957f42ef01c2ad94d75
8957928c7a5db887e28b43d28bab44517d7b685f6018787eab96460eccd730f6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:36:47 GMT
Expires: Sat, 03 Dec 2022 15:36:46 GMT
Etag: "e83de138d99a587fcdb2d957f42ef01c2ad94d75"
Cache-Control: max-age=453594,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771210787bdab512-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0264a72e2a0c041eab36990fb6856444
b7f8b2fec1a041e6560fcd1d4a24fd333daf5003
81d305f15e1629e2725f7b034f8d2080f6450fe841765fadfc9106834ec977f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81D305F15E1629E2725F7B034F8D2080F6450FE841765FADFC9106834EC977F9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18707
Expires: Mon, 28 Nov 2022 14:38:38 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

aooacctp.vip/lm/ynv100.gif

104.21.82.179

200 OK

89 kB

URL HTTP/2
aooacctp.vip/lm/ynv100.gif
IP
104.21.82.179:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 267 x 160\012- data
Size
89 kB (89034 bytes)
Hash
482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083

HTTP Headers

GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Sat, 03 Dec 2022 22:39:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2072094
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FJTOSJ12J80OUV7G35Rrjxfb9LFrojP3E4jqjrnbxtRw0KCWSnFV3A4AIqrQCYM%2BstMZOFRqlIopcjxTN6uszM01xp10IRkNTuLX4it%2BB1TCm2Ned6v4QVruQGxs1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77121079ca890af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4846
Cache-Control: max-age=166340
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:39:11 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f524d6afaad8038b17f7e675efca55ee
4996823fdc6ee00d67bbe7c9c35c55a453f1d5d9
6c32b1dcd393f020d8f92903920d09ef351a54ab81fb44d1060d70fdb0ff3feb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C32B1DCD393F020D8F92903920D09EF351A54AB81FB44D1060D70FDB0FF3FEB"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=342
Expires: Mon, 28 Nov 2022 09:32:33 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
71e27ecf8fb7ab5ea91eb3e10bcc04fc
6bfb1ec65d740e6385399d9549f0720bfd8a67cb
6bd5656f1536958241ecd6a04bce78a08f0252904c0f3c3ac3991468a32c668c

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 11:09:41 GMT
Expires: Fri, 02 Dec 2022 11:09:40 GMT
Etag: "6bfb1ec65d740e6385399d9549f0720bfd8a67cb"
Cache-Control: max-age=351168,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121079cd9fb4f7-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
11d7a2faa60822ec3230a6300d3f845a
6424f4c50990cc355d631eb3193633832c8cc352
fa4964296deebde2cd34444f98d79a50103a1b3b9b3af14b8ad37abc2311c1d7

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 08:35:35 GMT
ETag: "6424f4c50990cc355d631eb3193633832c8cc352"
Last-Modified: Mon, 28 Nov 2022 08:35:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 850
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107a2a521bfe-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
eceb80e0cc6d0bf508d07eb6ca1815cd
59cc8072a5f6f157d18ef32bee9c09bf4bddb504
170807983ebafae8a64338433ed0d1de2e175e39e859cb8cd10b474ea8c05fa8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2360
Cache-Control: max-age=133655
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Etag: "6383dcba-2d7"
Expires: Tue, 29 Nov 2022 22:34:26 GMT
Last-Modified: Sun, 27 Nov 2022 21:55:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d9a62d7b750de6a5c2e1b47bc5d40621
1fea436ec269593b68e497b97463641c9337a121
baadc21658c7c41dc11c0989fdca5b20eb8b10fe5c87dc821c0cc64a4fa70055

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BAADC21658C7C41DC11C0989FDCA5B20EB8B10FE5C87DC821C0CC64A4FA70055"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Mon, 28 Nov 2022 12:45:58 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

p3.douyinpic.com/obj/tos-cn-i-dy/089f3a1286414d82ae6996008b165e45

47.246.44.231

200 OK

420 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/089f3a1286414d82ae6996008b165e45
IP
47.246.44.231:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /obj/tos-cn-i-dy/089f3a1286414d82ae6996008b165e45 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 17 Nov 2022 15:58:44 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 15:50:17 GMT
nw-session-id: 2022111723501701020803521406D172A0m425803dy
nw-session-trace: 2022-11-17T23:50:17.892997564+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 23:50:17 GMT
x-tt-logid: 2022111723501701020803521406D172A0
via: n204-098-012, cache4.l2de2[0,0,206-0,H], cache6.l2de2[1,0], cache6.l2de2[2,0], cache5.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc01:26:318::66
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01d8a37559a42dab1df9ddb2359a3e18948507c6b373bf4ea151dd04e9e53f40853d434f6fe7a67381440a85e967118d6902515a19439b56f21c681efa926d07d71f65787927462bdd51a41ff032662f35aca71ddabac3eaf0fe5c9b728f42bfbf
x-response-lb: image
ali-swift-global-savetime: 1668700724
age: 926887
x-cache: HIT TCP_MEM_HIT dirn:11:420780317
x-swift-savetime: Thu, 17 Nov 2022 16:25:06 GMT
x-swift-cachetime: 31534418
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816696276112345527e
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/4bd29c7e9a5b4161ad0f05921c40288e

47.246.44.231

200 OK

475 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/4bd29c7e9a5b4161ad0f05921c40288e
IP
47.246.44.231:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
475 kB (474754 bytes)
Hash
187c69beaa798211a2760f0e7944d8cc
645bc6d28abf2cf3756a014fb2fc9075d0f0fe20
50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4

HTTP Headers

GET /obj/tos-cn-i-dy/4bd29c7e9a5b4161ad0f05921c40288e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Thu, 17 Nov 2022 09:55:40 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:05 GMT
nw-session-id: 2022111717530501021004914549AA1B1Dx7xdl03dy
nw-session-trace: 2022-11-17T17:53:05.479651358+08:00 74
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:05 GMT
x-tt-logid: 2022111717530501021004914549AA1B1D
via: n204-098-025, cache3.l2de2[0,0,206-0,H], cache23.l2de2[0,0], cache23.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:25:582::100
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01db2ef58bb0f251f58322562d06fcbd2f62774c95199d5c6ca1ecc6ce9db8add0cc4560d6fbb52dd46bff78f9a89db36d8279770d0b5b8c72c547a4771e50e96821faacbf127d48ca32d75b3ee5be3dfdb2209d714210068b2b4b69e7ee917aa2
x-response-lb: image
ali-swift-global-savetime: 1668678940
age: 948671
x-cache: HIT TCP_MEM_HIT dirn:2:58591294
x-swift-savetime: Thu, 17 Nov 2022 09:57:02 GMT
x-swift-cachetime: 31535918
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816696276112425533e
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6da37727167ab27c97911af31889a211
8cef6abdd32d5a252a4ae2c52db779c65fa02018
f69bbaa4c9faeaba866b4a85904c8c206fafed8ac5123a3aed5769d186201563

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F69BBAA4C9FAEABA866B4A85904C8C206FAFED8AC5123A3AED5769D186201563"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15037
Expires: Mon, 28 Nov 2022 13:37:28 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

kvtooo.top/53223777da2c042d1033909afab5c5a6.gif

172.67.175.176

200 OK

374 kB

URL HTTP/2
kvtooo.top/53223777da2c042d1033909afab5c5a6.gif
IP
172.67.175.176:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
374 kB (373731 bytes)
Hash
cf97219922dd7d97965a5100350ac241
2c0947fad658e5bbcc035ad980d8742a966cd816
728bc7bed27cd30e3964e416bcb3d06faaff9705933da2d73f444dab72d4f86c

HTTP Headers

GET /53223777da2c042d1033909afab5c5a6.gif HTTP/1.1
Host: kvtooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu455.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 373731
last-modified: Thu, 17 Nov 2022 07:58:50 GMT
etag: "6375e9ba-5b3e3"
expires: Sat, 24 Dec 2022 05:34:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 359517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnbc7yXrDCNFEx%2FGOj5OA6WHnqRGvAczk5gnRWQ%2BhqFHWAvMskXHqN1D0nbwqmMnfHWsdwnvb%2FTwDWKy8JYJVdLd37SQ3puZxKazumaTOEgzpol8rZ4H7frLZswe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107a8fad0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7d03c457056334ca3d41969384763b1
4f3e19442848c1415b9bf0cc6f25ff381964a63e
36f4c61112066821e5a505f142dd76ef9a6b3b63e27b0bb5864e1b9ca211428f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36F4C61112066821E5A505F142DD76EF9A6B3B63E27B0BB5864E1B9CA211428F"
Last-Modified: Mon, 28 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15212
Expires: Mon, 28 Nov 2022 13:40:23 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481

47.246.44.231

200 OK

562 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
IP
47.246.44.231:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
562 kB (561802 bytes)
Hash
6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

HTTP Headers

GET /obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Thu, 24 Nov 2022 07:56:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 14:37:37 GMT
nw-session-id: 202211232237370101581631462B703C71nqps503dy
nw-session-trace: 2022-11-23T22:37:37.933349302+08:00 42
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 22:37:37 GMT
x-tt-logid: 202211232237370101581631462B703C71
via: n132-069-106, cache5.l2de2[0,0,206-0,H], cache16.l2de2[1,0], cache16.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:294::68
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 019f4845bcec5a43d6c9e96cb2b392b7bb8f77a8f9f69ab6c1bf7160a3f6dc2a60b0425e62b43b69ad3b1ec3633fb5c8cde6ab92d270f32725740e32fd30d5d8e23a8a1e78a16de7ed5f60387b3dadca8caff76fbfb65a5a2181410f6fe9092e13
x-response-lb: image
ali-swift-global-savetime: 1669276566
age: 351045
x-cache: HIT TCP_MEM_HIT dirn:11:29641968 mlen:0
x-swift-savetime: Fri, 25 Nov 2022 13:30:08 GMT
x-swift-cachetime: 31429558
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816696276112675547e
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8be047b9eea5204769ef354d954aff4a
21f52c131af86006ecfc79580efaa98eb55da849
d478955d6cd59d7982f65b85dcdaf6907d1d88fcadf943922d48bd16c64faf06

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 20:23:24 GMT
Expires: Sun, 04 Dec 2022 20:23:23 GMT
Etag: "21f52c131af86006ecfc79580efaa98eb55da849"
Cache-Control: max-age=557191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121079ab2b1c16-OSL

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

67.198.205.125

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
67.198.205.125:0
ASN
#35908 VPLSNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: text/html
content-length: 162
location: https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
540fc9cbbd62e8147ee1c770824c3b4a
22b5364b36c33f118ea80f7314d1cc22e8c48993
bed1e08f979cdfdc1762bc96f9989a9fb604458b9e8c22dd08e835ce7283b0e1

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:28:57 GMT
ETag: "22b5364b36c33f118ea80f7314d1cc22e8c48993"
Last-Modified: Mon, 28 Nov 2022 06:28:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107b2afa1bfe-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
540fc9cbbd62e8147ee1c770824c3b4a
22b5364b36c33f118ea80f7314d1cc22e8c48993
bed1e08f979cdfdc1762bc96f9989a9fb604458b9e8c22dd08e835ce7283b0e1

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:28:57 GMT
ETag: "22b5364b36c33f118ea80f7314d1cc22e8c48993"
Last-Modified: Mon, 28 Nov 2022 06:28:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107b28790b51-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
540fc9cbbd62e8147ee1c770824c3b4a
22b5364b36c33f118ea80f7314d1cc22e8c48993
bed1e08f979cdfdc1762bc96f9989a9fb604458b9e8c22dd08e835ce7283b0e1

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:28:57 GMT
ETag: "22b5364b36c33f118ea80f7314d1cc22e8c48993"
Last-Modified: Mon, 28 Nov 2022 06:28:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107b2b4b0b65-OSL

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
4f7a29c1007c277f89206a7030707d01
b9e4486214ec26997a05a276b439743f55b4925b
4423d9bfd43907e63e119b9c617a6a39fd2cca57a5f4880663341da9e950d930

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=442
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive
X-N: S

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6b8e9a142acbc406a42a5c342834670
daf56982bf509da6254b21dd97846495ff2486f5
ccbcfc8848fd59224745abe58a2de0ef4cd8db02fec4822e2b1ce05106cb26e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCBCFC8848FD59224745ABE58A2DE0EF4CD8DB02FEC4822E2B1CE05106CB26E5"
Last-Modified: Sun, 27 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3651
Expires: Mon, 28 Nov 2022 10:27:42 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d1aef1163092278015bc15aeb1db97c6
c91ef0fe0661462faeb64ac5dcca90bd109ae0b0
94f22e22629ed12113aa16825a4f5bb498aef958dda1745f067d934e31c09a50

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94F22E22629ED12113AA16825A4F5BB498AEF958DDA1745F067D934E31C09A50"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2911
Expires: Mon, 28 Nov 2022 10:15:22 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8be047b9eea5204769ef354d954aff4a
21f52c131af86006ecfc79580efaa98eb55da849
d478955d6cd59d7982f65b85dcdaf6907d1d88fcadf943922d48bd16c64faf06

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 20:23:24 GMT
Expires: Sun, 04 Dec 2022 20:23:23 GMT
Etag: "21f52c131af86006ecfc79580efaa98eb55da849"
Cache-Control: max-age=557191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712107a3f74b512-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1fbb7f61e76866ea359f7919c12bef99
e60b44b493885b9e3bfcd727a512d8fded812887
87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT
Expires: Sun, 04 Dec 2022 03:39:03 GMT
Etag: "e60b44b493885b9e3bfcd727a512d8fded812887"
Cache-Control: max-age=496931,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712107b3c9b1c16-OSL

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
70a989ddf916063fd6d50ebc64e6db2f
49ef79d20a2ed51f3bcfa9979bea11be8fd26ade
4bc9206912ce15588266a1992922997be61248d3648be9d80b208a1c6cd38264

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=711
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
70a989ddf916063fd6d50ebc64e6db2f
49ef79d20a2ed51f3bcfa9979bea11be8fd26ade
4bc9206912ce15588266a1992922997be61248d3648be9d80b208a1c6cd38264

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=480
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive
X-N: S

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e0b84e002a1fc7737720f6e07f2e86cc
357350dc84a9ea32e8b3325d89719c5765feb8bf
b5a44501a7d65bf04cedcd5433a1ae4d72d58c30cdc15eabc5887e783b0af024

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 28 Nov 2022 09:26:51 GMT
Last-Modified: Sun, 27 Nov 2022 21:24:59 GMT
ETag: "6383d5ab-1d7"
Expires: Tue, 29 Nov 2022 21:24:59 GMT
Cache-Control: max-age=129488
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669627611
Via: cache19.l2de2[246,245,200-0,M], cache19.l2de2[246,0], cache1.se1[267,267,200-0,M], cache1.se1[268,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 28 Nov 2022 09:26:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516696276111482843e

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
70a989ddf916063fd6d50ebc64e6db2f
49ef79d20a2ed51f3bcfa9979bea11be8fd26ade
4bc9206912ce15588266a1992922997be61248d3648be9d80b208a1c6cd38264

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=728
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive
X-N: S

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d9a62d7b750de6a5c2e1b47bc5d40621
1fea436ec269593b68e497b97463641c9337a121
baadc21658c7c41dc11c0989fdca5b20eb8b10fe5c87dc821c0cc64a4fa70055

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BAADC21658C7C41DC11C0989FDCA5B20EB8B10FE5C87DC821C0CC64A4FA70055"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Mon, 28 Nov 2022 12:45:58 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
45568fcd9a32d5cf0e5145761159a24c
6f1ecd38db9c49af12b179accc609b2e8b024696
af114af187190b086868098d82e13ee2a9571ea0e2a366318deb06a6dbfc6624

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF114AF187190B086868098D82E13EE2A9571EA0E2A366318DEB06A6DBFC6624"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Mon, 28 Nov 2022 11:01:57 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
dd57dfa6ed27d572dd972ae149518bd5
f4e8ac0b476e881fc2897adc09c4d1041662ebbf
ed6b575824fe55ae1cff4c491811ce9cb287cc8041bba03f68e355234d9058ec

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 06:29:15 GMT
ETag: "f4e8ac0b476e881fc2897adc09c4d1041662ebbf"
Last-Modified: Mon, 28 Nov 2022 06:29:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 689
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712107beb8b1bfe-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
5f1346fd72e6304f9dd8b42bb0d758b5
b3113d10721db6759a3248d4081ad55876793b0f
f770403479c70ab47061a2b58f5b669dabbbc1e65d6ee7bb4c167c852c6210f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5469
Cache-Control: max-age=168067
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Etag: "63845701-2d7"
Expires: Wed, 30 Nov 2022 08:07:58 GMT
Last-Modified: Mon, 28 Nov 2022 06:36:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg

47.246.44.252

200 OK

98 kB

URL HTTP/2
cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
IP
47.246.44.252:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
98 kB (98277 bytes)
Hash
c23b2edd3dce8616a9a723a26b2fd280
51451bb2e19c4f956b425221ede9cfdd90472a0e
4d47bba01041ef53fd4ee75b4c13e5730fe106b233a7a1b4e8e9f12fc7527f88

HTTP Headers

GET /img/ibank/2020/865/518/22902815568_1738432517.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 98277
date: Thu, 30 Dec 2021 15:58:00 GMT
last-modified: Thu, 24 Dec 2020 19:19:13 GMT
picasso-ret-code: SUCCESS
request-time: 0.083
expires: Fri, 30 Dec 2022 15:58:00 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1640879880
via: cache9.l2de2[0,0,200-0,H], cache23.l2de2[1,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
access-control-allow-origin: *
age: 28747731
x-cache: HIT TCP_MEM_HIT dirn:11:98715752
x-swift-savetime: Wed, 31 Aug 2022 14:25:15 GMT
x-swift-cachetime: 10459965
timing-allow-origin: *
eagleid: 2ff62c9816696276115015670e
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
5f1346fd72e6304f9dd8b42bb0d758b5
b3113d10721db6759a3248d4081ad55876793b0f
f770403479c70ab47061a2b58f5b669dabbbc1e65d6ee7bb4c167c852c6210f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5469
Cache-Control: max-age=168067
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Etag: "63845701-2d7"
Expires: Wed, 30 Nov 2022 08:07:58 GMT
Last-Modified: Mon, 28 Nov 2022 06:36:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

kvhaa.com/f0e76a5c8312a00241ad726bac0f2d0f.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvhaa.com/f0e76a5c8312a00241ad726bac0f2d0f.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /f0e76a5c8312a00241ad726bac0f2d0f.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/f0e76a5c8312a00241ad726bac0f2d0f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b92678d8bfcefe51e926eac3acb442de
f4f13e283fe87a7c2b755c0fda71a1b7a483f17d
bb8b384b8b9a3b6c73717378a0ccfceee5473f6e7d14bc350241ced35a9f3a22

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BB8B384B8B9A3B6C73717378A0CCFCEEE5473F6E7D14BC350241CED35A9F3A22"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16889
Expires: Mon, 28 Nov 2022 14:08:20 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

kveff.com/68a7807de3933bf7079116fa9df99e6f.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
f4ed737390e88018a817cd614f9f0c37
b73ceac50688ecaa446219d0d7c650c24ac30df6
db088a4c142b6f48e61b42ccd7e3b6009feefa3836f7057c4bbd3df0721fd1cf

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 21:48:56 GMT
Expires: Fri, 02 Dec 2022 21:48:55 GMT
Etag: "b73ceac50688ecaa446219d0d7c650c24ac30df6"
Cache-Control: max-age=389523,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712107c58c3b4f7-OSL

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8407d17d66eea1ca613456d1390d76d7
11ce6e9c8a3a3a6fc2f2365b377a3f46f9e15ad4
0a1ac5fe84d66393e583315518ac31d3463dc5233832fb892aefdf0ede6b8054

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

172.67.154.165

200 OK

400 kB

URL HTTP/2
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
172.67.154.165:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu455.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1547164
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNVe14GHd3DYzIju9F1mAcaMOLgFjaYeBpPq%2Bh%2B1A%2F6z2Vk%2FLWcUI0g6IzKuZrThCdljFi1mN0MMswkW%2BWBPxl7HmtEWgLzXOey1hwa%2F7VYA7btBRlQ%2FmIXmXjPR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107cac600b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif

172.247.77.90

200 OK

14 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/gfdt/071616_341-4.gif
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Size
14 kB (13797 bytes)
Hash
e994db89370c07131c299b37e86e0906
3166f9925170c117be7c77602c26f45105cae06c
d9a139378357052913b2b57af565d38baef6f7a10ff1c0b58376e57a764f16df

HTTP Headers

GET /upload/art/gif/gfdt/071616_341-4.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 09:28:39 GMT
Content-Type: image/gif
Content-Length: 13797
Last-Modified: Wed, 09 Nov 2022 11:39:13 GMT
Connection: keep-alive
ETag: "636b9161-35e5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif

104.21.234.198

200 OK

65 kB

URL HTTP/2
kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
104.21.234.198:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
65 kB (65414 bytes)
Hash
514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvheee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu455.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Wed, 21 Dec 2022 23:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 555901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4nWbzZXfHY%2FbZkacqfUD4Fo2TYVcgufmKc9pvi3yn6%2BmZK%2Bsr7lsY6umrD1yPwNvw9xqNXdfdlTL6qyeT1R8T3YNrVuheC44pmY7ch74Xt%2FM6t%2B%2F%2B6rHh6DPcYs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107c8b5ddcff-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s2.loli.net/2022/11/21/HXSObKxZrpNoT8w.gif

104.26.0.190

200 OK

375 kB

URL HTTP/2
s2.loli.net/2022/11/21/HXSObKxZrpNoT8w.gif
IP
104.26.0.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
375 kB (375054 bytes)
Hash
893c2eaccd9a2ddb1c1a9fd2c9e18f0d
4b8f92fd3a66b9064eed25bf1c785c78118e1de4
86021668104ddf758f57a26eb01a60683bab0fc019c7856b962308ebe775a6d7

HTTP Headers

GET /2022/11/21/HXSObKxZrpNoT8w.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 375054
last-modified: Mon, 21 Nov 2022 09:00:42 GMT
etag: "637b3e3a-5b90e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI2NgF29gWtOZWiez%2FmZN2WVGJNxIiwr3%2FfjtcAuC9aWFVAWwDI0pKcQVQsjav8WhWTfPUh6%2BRkTfnseFD2hR92hziiy6Gw066FH%2BYi0o2clr6M9WAN0Goi8B0rF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771210743d2eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif

172.247.77.90

200 OK

13 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/20200421/170511-1.mp4_1587324106344.gif
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x270, components 3\012- data
Size
13 kB (12943 bytes)
Hash
e1a576cbd51934165b0de029925eba4d
8225a3aa258bf5e6985492a834622a090376208f
7664f5c8b9e9611fc3d76c64ca431e0b96ba7d9bbc2ed1ebcc15b4037725b380

HTTP Headers

GET /upload/art/gif/20200421/170511-1.mp4_1587324106344.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 09:28:39 GMT
Content-Type: image/gif
Content-Length: 12943
Last-Modified: Wed, 09 Nov 2022 09:18:36 GMT
Connection: keep-alive
ETag: "636b706c-328f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b92678d8bfcefe51e926eac3acb442de
f4f13e283fe87a7c2b755c0fda71a1b7a483f17d
bb8b384b8b9a3b6c73717378a0ccfceee5473f6e7d14bc350241ced35a9f3a22

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BB8B384B8B9A3B6C73717378A0CCFCEEE5473F6E7D14BC350241CED35A9F3A22"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16889
Expires: Mon, 28 Nov 2022 14:08:20 GMT
Date: Mon, 28 Nov 2022 09:26:51 GMT
Connection: keep-alive

s2.loli.net/2022/11/21/GjPS2c1pFvEmyUd.gif

104.26.0.190

200 OK

508 kB

URL HTTP/2
s2.loli.net/2022/11/21/GjPS2c1pFvEmyUd.gif
IP
104.26.0.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
508 kB (508025 bytes)
Hash
a2ed6c020d6acb8be4d5bb10e2cd0c80
e9c3f1c4f8615d16d3c9e8a39cd175dc94a9086c
5f7d936f3948400e6d4f51442c50cf16eaa6267c086943f1333c44594a7824c6

HTTP Headers

GET /2022/11/21/GjPS2c1pFvEmyUd.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 508025
last-modified: Mon, 21 Nov 2022 09:00:08 GMT
etag: "637b3e18-7c079"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzfrX0ngfmrpncTois7KgC3N45%2FCNEflypwOaheT%2BzZghWm%2FyJA0WBIRvdhSYk4fc7xblrpou9JgDNl2D0ApMAZ6XgYalbErFinWgv4n%2Fxb%2FGdrhe4tv5ZVvF6IG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771210742d15b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif

172.247.77.90

200 OK

20 kB

URL HTTP/1.1
mei.netlbtu.com/upload/art/gif/gfdt/746bfd5d31fc37377d.gif
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 560x314, components 3\012- data
Size
20 kB (19506 bytes)
Hash
ad1f30d4930167d4eff601f3fee06b8d
b0fa5f060045cad3ae25d6ce6e00758668a31f00
5605d7b7176cda10fc43bfe3ef7c57efda471a1d0ed5092aaca9e8426c747032

HTTP Headers

GET /upload/art/gif/gfdt/746bfd5d31fc37377d.gif HTTP/1.1
Host: mei.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 09:28:39 GMT
Content-Type: image/gif
Content-Length: 19506
Last-Modified: Wed, 09 Nov 2022 11:40:19 GMT
Connection: keep-alive
ETag: "636b91a3-4c32"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8407d17d66eea1ca613456d1390d76d7
11ce6e9c8a3a3a6fc2f2365b377a3f46f9e15ad4
0a1ac5fe84d66393e583315518ac31d3463dc5233832fb892aefdf0ede6b8054

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

max002.top/68a7807de3933bf7079116fa9df99e6f.gif

104.21.233.254

200 OK

366 kB

URL HTTP/2
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
104.21.233.254:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
366 kB (366444 bytes)
Hash
86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu455.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Sun, 25 Dec 2022 12:12:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 249263
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyejZuXsHS7y21SC5MgM3cCmxW5h0M1SkrD7DxbOyYf8YHTltmVmdUyP5Xdz0b3kminHBFDpesaPSMcthwjRm8OUiFp9gkOmbBU4TMRLBPPbJ2Ly4eUV6x3wDBQw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107d08a77417-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
079ea414f924ad9665a398269467b8aa
2e8df10522bf38cac57bf4ce7adab17164b2cc3b
643954a511f03747c0b83cc2b379c1c5a2b965b7cf1b7f5846daa98d044a6272

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129857
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:51 GMT
Etag: "6383d71c-118"
Expires: Tue, 29 Nov 2022 21:31:08 GMT
Last-Modified: Sun, 27 Nov 2022 21:31:08 GMT
Server: nginx
Content-Length: 280

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b407444fc65f86948d0f257a7a63c73c
2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1
300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT
Expires: Sat, 03 Dec 2022 15:19:38 GMT
Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1"
Cache-Control: max-age=452566,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712107e3d44b512-OSL

nkiun.xyz/guanggao/5678.jpg

8.210.99.166

200 OK

16 kB

URL HTTP/1.1
nkiun.xyz/guanggao/5678.jpg
IP
8.210.99.166:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3\012- data
Size
16 kB (15532 bytes)
Hash
61cdbfab0213705019d0f0359a69334c
687637f6ef3219935e2c7a1f2ec30d52383bd789
3011f4fab001f3af1c122c6e03b73e2dd60da42ee7e1f692dc917cd254e65045

HTTP Headers

GET /guanggao/5678.jpg HTTP/1.1
Host: nkiun.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/jpeg
Content-Length: 15532
Last-Modified: Tue, 20 Sep 2022 14:00:47 GMT
Connection: keep-alive
ETag: "6329c78f-3cac"
Expires: Wed, 28 Dec 2022 09:26:51 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif

104.26.0.190

200 OK

906 kB

URL HTTP/2
s2.loli.net/2022/01/07/deGgwzf7Tly9S3b.gif
IP
104.26.0.190:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 200 x 200\012- data
Size
906 kB (905505 bytes)
Hash
3abde39f91e4a75e550b7e50eb25e68a
75e357b027236d81ea4b1002d992117d53212bd8
2ee18fe5f2dec0caa8ddca814b0f318e2574bd52b389bb8a2348356567a7db7d

HTTP Headers

GET /2022/01/07/deGgwzf7Tly9S3b.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:50 GMT
content-type: image/gif
content-length: 905505
last-modified: Fri, 07 Jan 2022 15:29:57 GMT
etag: "61d85c75-dd121"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGn%2FmqinH3eceqm%2BV1MMuZrAekuEWM%2FK1GyV2XV4Wo3NBIshCKNS%2FT3I%2FjoSJbNAq4Y3brp6Wz6nACcQG%2Ben5kzQ1Ig3bBrCQth4t%2F97N9uWjfmDweb1zQRfNDRI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771210740cf1b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nkiun.xyz/guanggao/88.jpg

8.210.99.166

200 OK

23 kB

URL HTTP/1.1
nkiun.xyz/guanggao/88.jpg
IP
8.210.99.166:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 377x377, components 3\012- data
Size
23 kB (23407 bytes)
Hash
4e0430d10999201c61bd8ca67a1b9ad5
35ac2369a649edff8176762d7a4c2cc442545cbe
1ab4cb62c3914b2780555cc36cc0e4f6094bf271be62c6939cf9ff19c766c5fa

HTTP Headers

GET /guanggao/88.jpg HTTP/1.1
Host: nkiun.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/jpeg
Content-Length: 23407
Last-Modified: Mon, 10 Oct 2022 13:06:55 GMT
Connection: keep-alive
ETag: "634418ef-5b6f"
Expires: Wed, 28 Dec 2022 09:26:51 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
079ea414f924ad9665a398269467b8aa
2e8df10522bf38cac57bf4ce7adab17164b2cc3b
643954a511f03747c0b83cc2b379c1c5a2b965b7cf1b7f5846daa98d044a6272

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=129857
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:52 GMT
Etag: "6383d71c-118"
Expires: Tue, 29 Nov 2022 21:31:09 GMT
Last-Modified: Sun, 27 Nov 2022 21:31:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb

4.79.109.102

200 OK

87 kB

URL HTTP/2
p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
IP
4.79.109.102:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 960 x 120\012- data
Size
87 kB (86697 bytes)
Hash
c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3

HTTP Headers

GET /origin/pgc-image/440e4613c87e49aaa978851137a2e2cb HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 86697
date: Sat, 01 Oct 2022 07:09:17 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 01 Oct 2021 06:59:21 GMT
nw-session-id: 202110011459210101940982193F1AF1C7sjvgq03tt
nw-session-trace: 2021-10-01T14:59:21.256856375+08:00 43
x-bdcdn-cache-status: TCP_MISS
x-length: 86697
x-powered-by: ImageX
x-response-date: Fri, 01 Oct 2021 14:59:21 GMT
x-tt-logid: 202110011459210101940982193F1AF1C7
x-tt-trace-host: 01007de0759bedd164cef8c7ee3bed522ee82528cdf35d20ca9e7c1d86094cf8ffad7f68acafca8aea0051d6ead0ed8e33ef2b558f3d1ebc3189b63748e03187964ec1a388482de80a872045f4071810de2ede20a8f16c213cf5c5d158b486d275
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC108_US-Colorado-Denver-1-cache-2, BC108_US-Colorado-Denver-1-cache-2, BC103_US-Washington-seattle-1-cache-1, BC103_US-Washington-seattle-1-cache-1
x-cache: HIT from BC103_US-Washington-seattle-1-cache-1(baishan)
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: inner; dur=50, cdn-cache;desc=HIT,edge;dur=1
X-Firefox-Spdy: h2

nvhaaa.top/f0e76a5c8312a00241ad726bac0f2d0f.gif

104.21.234.40

200 OK

159 kB

URL HTTP/2
nvhaaa.top/f0e76a5c8312a00241ad726bac0f2d0f.gif
IP
104.21.234.40:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 80\012- data
Size
159 kB (158847 bytes)
Hash
a497c1ae73df54fe08463b3342b8d1d0
73ce4da38e2826e033444992cff2a827eb474c97
e9f7f7dc820dc334c1cf0e7ccb151c7483c7a64cc7c28f50de03fa2f65c34957

HTTP Headers

GET /f0e76a5c8312a00241ad726bac0f2d0f.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.henniu455.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 158847
last-modified: Wed, 10 Aug 2022 09:44:15 GMT
etag: "62f37def-26c7f"
expires: Mon, 26 Dec 2022 15:44:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 150114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMHDoGCyzJnmy3lW8aL5rQY2pGnL74SUP2tgLLISgaUx5zb77Auaep70sv9Q8C%2FvZs733SzRY9hYMmrjvvvjoB8%2F0hToxJfSGQ77TZtwHEXa6VHG577fsa%2BiREzb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107ead3688b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

8499483.com/8499/960x60.gif

162.209.128.164

200 OK

331 kB

URL HTTP/2
8499483.com/8499/960x60.gif
IP
162.209.128.164:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

n0622.com/1b350a16bb764a9e88c046c9d14cabfa.gif

20.78.78.186

200 OK

142 kB

URL HTTP/1.1
n0622.com/1b350a16bb764a9e88c046c9d14cabfa.gif
IP
20.78.78.186:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
142 kB (141802 bytes)
Hash
d266492116a9903619eeb035b0f4cdd9
4444e9192f207b2b946d71bc38fdf7e23fe8912c
829c5302dd74ad53f4d8adf3de284908c5d6a1662b28b395fea1b4d3d9e78eed

HTTP Headers

GET /1b350a16bb764a9e88c046c9d14cabfa.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 13:58:40 GMT
ETag: W/"6363c910-4002e"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

u1022.com/e8f25c9642e34d42959c3389f35c045e.gif

103.170.15.52

200 OK

358 kB

URL HTTP/2
u1022.com/e8f25c9642e34d42959c3389f35c045e.gif
IP
103.170.15.52:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 120\012- data
Size
358 kB (358522 bytes)
Hash
677dab97fd11d2343aed327e66c5a29e
72835b9544fb5562003588064f415bb9362b7cb6
feb70e6f842abc981c0d7bac60bb6fac4e602065bfecf386adcafa5d2e303d48

HTTP Headers

GET /e8f25c9642e34d42959c3389f35c045e.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "63791001-5787a"
server: nginx
date: Fri, 25 Nov 2022 14:11:46 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 17:18:57 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-42
content-length: 358522
X-Firefox-Spdy: h2

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

647 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
647 kB (647290 bytes)
Hash
4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 28 Nov 2022 09:26:15 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg

45.89.209.74

200 OK

465 kB

URL HTTP/1.1
ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
IP
45.89.209.74:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=120, yresolution=120], baseline, precision 8, 1280x720, components 3\012- data
Size
465 kB (464670 bytes)
Hash
ba0bc684cabb92a694d67237b2637887
cf57fb92bcca91174e038eb25b9fcd4c36af9a49
07de171b4735f70b00021bf230231faf69573e9e90e60b3974aeae196375a27d

HTTP Headers

GET /upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 17:26:45 GMT
Content-Type: image/jpeg
Content-Length: 464670
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 16:45:06 GMT
ETag: "620d2a12-7171e"
Expires: Wed, 28 Dec 2022 09:26:51 GMT
Cache-Control: max-age=2592000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

jackie4fun.cc/4/960X120.gif

58.218.208.85

200 OK

114 kB

URL HTTP/1.1
jackie4fun.cc/4/960X120.gif
IP
58.218.208.85:0
ASN
#4134 Chinanet

File type
GIF image data, version 89a, 960 x 120\012- data
Size
114 kB (113720 bytes)
Hash
48bd39bd9b0a2c36655f4202daea1314
8aba4108ee8c1e5128b5d52310064192c2766620
e01821b5e8f776bc45dd2fe19116816697d45a74fc96babb67a6a63844f992ae

HTTP Headers

GET /4/960X120.gif HTTP/1.1
Host: jackie4fun.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 113720
Connection: keep-alive
Date: Mon, 28 Nov 2022 08:31:06 GMT
Last-Modified: Tue, 15 Nov 2022 13:01:26 GMT
ETag: "63738da6-1bc38"
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669624266
Via: cache72.l2cn2647[341,341,304-0,M], cache28.l2cn2647[343,0], kunlun6.cn192[0,0,200-0,H], kunlun8.cn192[1,0]
Age: 3345
X-Cache: HIT TCP_MEM_HIT dirn:11:1172472169
X-Swift-SaveTime: Mon, 28 Nov 2022 08:31:06 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3adad01c16696276112831905e

8499583.com/8499/150x150.gif

162.209.128.164

200 OK

135 kB

URL HTTP/2
8499583.com/8499/150x150.gif
IP
162.209.128.164:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 150 x 150\012- data
Size
135 kB (134747 bytes)
Hash
48c8ab8ae6b52201e71decda0b783d26
5817a61ac305b0b96542b5aced965e79cf67d010
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8

HTTP Headers

GET /8499/150x150.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 134747
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
etag: "20e5b-5ed573c48c405"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

365tupian.oss-cn-shenzhen.aliyuncs.com/36580.gif

120.77.166.102

200 OK

340 kB

URL HTTP/1.1
365tupian.oss-cn-shenzhen.aliyuncs.com/36580.gif
IP
120.77.166.102:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
340 kB (340103 bytes)
Hash
de35abdfd47d687767c6cbcf00ecc4ef
567b54f4af028ccfe624b1ae2b00528465ed55d3
e2b981314879e8bf01da60ce70dc097c394629ca150f93b0920b00eb99719fe2

HTTP Headers

GET /36580.gif HTTP/1.1
Host: 365tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/gif
Content-Length: 340103
Connection: keep-alive
x-oss-request-id: 63847EDB703D5E323419FE04
Accept-Ranges: bytes
ETag: "DE35ABDFD47D687767C6CBCF00ECC4EF"
Last-Modified: Fri, 18 Nov 2022 08:51:06 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10759737833161401007
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 3jWr39R9aHdnxsvPAOzE7w==
x-oss-server-time: 2

p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image

4.79.109.102

200 OK

807 kB

URL HTTP/2
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image
IP
4.79.109.102:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 400 x 420\012- data
Size
807 kB (806826 bytes)
Hash
ce6a32bc15190689f6891ff7973e913f
99a64f0bdb4351f86032d9b1c9d9079ea6667cc8
18cdc10ae1ad7de191dd2adc346add24ded8e35c69f25a63bb91c928fe837331

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/dcadd199aa5e4cb291ed40729e0fa5a9~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 806826
date: Tue, 08 Nov 2022 15:56:15 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 31 Mar 2022 10:03:03 GMT
nw-session-id: 2022033118030201019409901840A77C0Endgts03la
nw-session-trace: 2022-03-31T18:03:03.257713369+08:00 344
x-bdcdn-cache-status: TCP_HIT
x-length: 806826
x-powered-by: ImageX
x-response-date: Thu, 31 Mar 2022 18:03:03 GMT
x-tt-logid: 2022033118030201019409901840A77C0E
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC177_dx-lt-yd-zhejiang-jinhua-12-cache-13, BC33_US-Michigan-chieago-1-cache-1, BC103_US-Washington-seattle-1-cache-1
x-cache: HIT from BC103_US-Washington-seattle-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2

398375178.com/b9f56fb3d2e6405b8b756e0ff7c42ac6.gif

47.75.19.145

200 OK

141 kB

URL HTTP/1.1
398375178.com/b9f56fb3d2e6405b8b756e0ff7c42ac6.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 750 x 240\012- data
Size
141 kB (140712 bytes)
Hash
62aca5f86547ebf8aba956425356874b
d9ecdbe6202ddee69d57658be2d54a0312c1cb55
3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8

HTTP Headers

GET /b9f56fb3d2e6405b8b756e0ff7c42ac6.gif HTTP/1.1
Host: 398375178.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/gif
Content-Length: 140712
Connection: keep-alive
x-oss-request-id: 63847EDB0E14E439373E461D
Accept-Ranges: bytes
ETag: "62ACA5F86547EBF8ABA956425356874B"
Last-Modified: Thu, 17 Nov 2022 13:15:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2922816915217488187
x-oss-storage-class: Standard
Content-MD5: Yqyl+GVH6/irqVZCU1aHSw==
x-oss-server-time: 2

ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96060a.gif

47.110.23.69

200 OK

345 kB

URL HTTP/1.1
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96060a.gif
IP
47.110.23.69:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
345 kB (345138 bytes)
Hash
f05834994a4e3b5795fe3f457e8d7dc0
841957f7408ebdac8fa20a77c906fdb18570f639
1dddb11b151830b32f8b9750d07e00ae6f81f3ed3aff1fa8e5636e890f9d5671

HTTP Headers

GET /xpj/xpj96060a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 09:26:51 GMT
Content-Type: image/gif
Content-Length: 345138
Connection: keep-alive
x-oss-request-id: 63847EDB29A53C3430836851
Accept-Ranges: bytes
ETag: "F05834994A4E3B5795FE3F457E8D7DC0"
Last-Modified: Sat, 12 Nov 2022 05:03:57 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 696102764230784626
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 8Fg0mUpOO1eV/j9Ffo19wA==
x-oss-server-time: 3

223969ufy.com/b205223651a64b9cb579ec80e7d56282.gif

45.61.212.223

200 OK

636 kB

URL HTTP/1.1
223969ufy.com/b205223651a64b9cb579ec80e7d56282.gif
IP
45.61.212.223:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 120\012- data
Size
636 kB (635680 bytes)
Hash
1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb

HTTP Headers

GET /b205223651a64b9cb579ec80e7d56282.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63692693-9b320"
Date: Fri, 25 Nov 2022 13:13:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 07 Nov 2022 15:38:59 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-23
Content-Length: 635680

dl66d.com/200x200.gif

185.135.77.192

200 OK

470 kB

URL HTTP/2
dl66d.com/200x200.gif
IP
185.135.77.192:0
ASN
#142591 MYTEK TRADING PTY LTD ta velolelo

File type
GIF image data, version 89a, 200 x 200\012- data
Size
470 kB (469594 bytes)
Hash
edbab5fd16a19f4165fdb9a2754055e8
89d14608bdb7e494e7c4c23eb9e032b86246c39e
36911d69e52b439f41f2536e79b7548e67a9a71a98454f3f4bcad26aa26d12c4

HTTP Headers

GET /200x200.gif HTTP/1.1
Host: dl66d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 469594
last-modified: Tue, 01 Nov 2022 09:16:18 GMT
etag: "6360e3e2-72a5a"
expires: Wed, 28 Dec 2022 09:26:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
57ee7ecf634afb39f3e66c47bb82cf00
c769874c405f7d82e181713efb6cd701fed9c588
86af8d909b8e0b7b06271678fa5bb13bf27c074e76b53858a662382a14a6e5b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5919
Cache-Control: max-age=105521
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:53 GMT
Etag: "638360ef-2d7"
Expires: Tue, 29 Nov 2022 14:45:34 GMT
Last-Modified: Sun, 27 Nov 2022 13:06:55 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 727

sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif

120.77.166.72

200 OK

479 kB

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 960 x 120\012- data
Size
479 kB (478685 bytes)
Hash
5bf732e915baf1d960c69a7dfeb3ef7c
dab765903785eb638106a06c2dc636daa1842a01
e986d2a1b3591d88a0f5ca8c1f5192b77f130f495dfe7af3a73ab51ae8ca17c7

HTTP Headers

GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 09:26:52 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 63847EDC4EAD113637988D99
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 1

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
fcde31d33aa3ef8c0fcae657bc544712
21bb570776956f36c9f3ed7bc95e0f9dea0c486f
2bf2bb959ce895b9c6b9a6b12d4f944b44f2a8c71100e340ad9ed561d7ccd021

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:26:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 05:47:31 GMT
ETag: "21bb570776956f36c9f3ed7bc95e0f9dea0c486f"
Last-Modified: Mon, 28 Nov 2022 05:47:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 815
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77121089cae01c16-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
57ee7ecf634afb39f3e66c47bb82cf00
c769874c405f7d82e181713efb6cd701fed9c588
86af8d909b8e0b7b06271678fa5bb13bf27c074e76b53858a662382a14a6e5b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99602
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:26:53 GMT
Etag: "638360ef-2d7"
Expires: Tue, 29 Nov 2022 13:06:55 GMT
Last-Modified: Sun, 27 Nov 2022 13:06:55 GMT
Server: nginx
Content-Length: 727

p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0

43.154.254.32

200 OK

62 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
62 kB (62229 bytes)
Hash
ee52eff8577d4346eca344892bd41406
5e2ad497a1866f71f088860d05f2b962e82a16e1
b1d685515a8e1186c3f5d4844256b95fcc83121fa45f29a2e58e852537332267

HTTP Headers

GET /qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/png
content-length: 62229
vary: Accept,Origin
last-modified: Tue, 19 Oct 2021 21:03:59 GMT
cache-control: max-age=2592000
x-delay: 13878 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 62229
chid: 0
fid: 0
x-nws-log-uuid: 67641498-46b2-4349-8780-abb69850d5ac
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0

43.154.254.32

200 OK

331 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 174 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 43b14c15-5d31-4a4a-91db-4cadf2d1abe2
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0

43.154.254.32

200 OK

1.6 MB

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 640 x 200\012- data
Size
1.6 MB (1607696 bytes)
Hash
9c26f4dcfdfa72ecdcbe3ea854547b4c
fed85b90734400d6810be2b07403f5c8a194a507
ebd842d015d6684a6995a73f1e81f0dea219815318f8993501da9ca79cca74d2

HTTP Headers

GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 736 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: 99be87cb-6852-41df-91e0-079a52e5fc7f
X-Firefox-Spdy: h2

p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image

120.52.95.234

200 OK

678 kB

URL HTTP/2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP
120.52.95.234:0
ASN
#133119 China Unicom IP network

File type
GIF image data, version 89a, 270 x 160\012- data
Size
678 kB (677521 bytes)
Hash
94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:53 GMT
content-type: image/gif
content-length: 677521
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjP7O+Tm16SDgpQE1Sqtouq3SRN7JzynFUgAAAAAAAAAAAAAAQN8evMDbeqneSpXQaERowYJVdntsADvFvTR1dLvWZHytVkNV9MZUv0VjrB1Gxnd7jghq7DO2YJqAMP30c5WoOdI=; Expires=Tue, 28 Nov 2023 09:26:53 GMT; path=/;
server: openresty
age: 13499268
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HElangfang-AREACUCC1-CACHE22[3],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE60[39],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,36]
x-hcs-proxy-type: 1
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2

p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image

120.52.95.234

200 OK

301 kB

URL HTTP/2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image
IP
120.52.95.234:0
ASN
#133119 China Unicom IP network

File type
GIF image data, version 89a, 120 x 120\012- data
Size
301 kB (301024 bytes)
Hash
924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/0226fc4667f041eebafb92c08aba742c~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:26:53 GMT
content-type: image/gif
content-length: 301024
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjO7SWvyLs8mw/7QB34kfHY+gLXpPgS4VhQAAAAAAAAAAAAAAQCt+FU7aYW5djhkk/iM/zSbSBhNsy/gdLNilz02sO2kxTC+mB8QBC+94Cwk09I6CyoA05x14t7LdlOTptsGuEGM=; Expires=Tue, 28 Nov 2023 09:26:53 GMT; path=/;
server: openresty
age: 9824887
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 06 Nov 2021 17:01:43 GMT
nw-session-id: 2021110701014301015108502152A73235rcjk803tt
nw-session-trace: 2021-11-07T01:01:43.669209445+08:00 34
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 301024
x-powered-by: ImageX
x-response-date: Sun, 07 Nov 2021 01:01:43 GMT
x-response-lb: image
x-tt-logid: 2021110701014301015108502152A73235
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=8
via: CHN-HElangfang-AREACUCC1-CACHE22[8],CHN-HElangfang-AREACUCC1-CACHE15[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE90[6],CHN-TJ-GLOBAL1-CACHE72[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 016e0001876583f0a366970da60fe77c66f56a5eb79688f9c4e7e6c49708d552a39ce55d97749c3e8510d737d6bed077b75390b82e45430b80f2266ba222fbd73cd89bceef56b5d71b00add0867f5f44d259170ca6c80d220231d003018378230b0a9b18efbe7abad09aa9b368178b8893f8ed65931abed8e45506dc8686afd64a2dd156f524477f07b8b7fcfe9e7fdb2c
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2

cdn.u1.huluxia.com/g4/M01/A8/BC/rBAAdmMm1vmAR9JIAAdIafyG5QY340.gif

104.250.44.2

200 OK

477 kB

URL HTTP/1.1
cdn.u1.huluxia.com/g4/M01/A8/BC/rBAAdmMm1vmAR9JIAAdIafyG5QY340.gif
IP
104.250.44.2:0
ASN
#137280 Kingsoft cloud corporation limited

File type
GIF image data, version 89a, 960 x 60\012- data
Size
477 kB (477289 bytes)
Hash
760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd

HTTP Headers

GET /g4/M01/A8/BC/rBAAdmMm1vmAR9JIAAdIafyG5QY340.gif HTTP/1.1
Host: cdn.u1.huluxia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 477289
Connection: keep-alive
Server: KS3
ETag: "760cc21f91ee02e848650627ffa47ae2"
Date: Mon, 28 Nov 2022 09:26:53 GMT
Last-Modified: Sun, 18 Sep 2022 08:29:45 GMT
Cache-Control: no-cache
Accept-Ranges: bytes
X-Application-Context: application
x-kss-request-id: f9ah8t80h92obs6l7hib1norlkcr0vc6
X-Info-StorageClass: -
Content-MD5: dgzCH5HuAuhIZQYn/6R64g==
x-kss-meta-huluxia_upload: huluxia_upload
x-link-via: lsj11:80;lsj12:80;
x-b2f-cs-cache: no-cache
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, MISS from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: e0017c8634f88ff1f5a662492f0f8980

p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0

43.154.254.32

200 OK

1.4 MB

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 640 x 200\012- data
Size
1.4 MB (1362871 bytes)
Hash
b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2

HTTP Headers

GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 28 Nov 2022 09:26:51 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 100061 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 4186478e-d98b-49d3-b0d5-39dd5d910544
X-Firefox-Spdy: h2

kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif

182.140.218.3

200 OK

1.4 MB

URL HTTP/2
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP
182.140.218.3:0
ASN
#38283 CHINANET SiChuan Telecom Internet Data Center

File type
GIF image data, version 89a, 960 x 240\012- data
Size
1.4 MB (1368366 bytes)
Hash
e2d39c8f7400e280a030d2973e264a40
aaae77607041010aaee190544bdbe9591a87d1f8
8c03d26da39edc9f28d4af8e91b1adefe9fdccff142178da3110a15bacf08134

HTTP Headers

GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:53 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:53:07 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 239626
via: http/1.1 ORI-CLOUD-HUN-MIX-37 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-30 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387987433-0-0-15-60-60;200;200-1669438776196-0-0-0-1-1;200-1669627613825-0-0-0-1-1
X-Firefox-Spdy: h2

png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg

104.18.2.157

403 Forbidden

0 B

URL HTTP/2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP
104.18.2.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Mon, 28 Nov 2022 09:26:52 GMT
content-type: application/xml
x-amz-request-id: BZCRB0MZC8W67FC9
x-amz-id-2: Q2uNQ/yrsw+4yPI49JDsblaIlWQh0UUDSd6bgxt/W5BS5BtM1xcTBcJW/XCeoKDAPqt24s5PW/E=
cf-cache-status: MISS
set-cookie: __cf_bm=2l.IGo79iQPjyVARpPLrTtLbBX3XwqP3OB8LmvKMW.w-1669627612-0-AcZDQ7vcDsBYdXa7rVAIEQozdEZa/0+UC2jeRg/zjxx+Ic01O12OjFd7sBYoi9I67oZvIzzDd02VkVCiZsq6gDw=; path=/; expires=Mon, 28-Nov-22 09:56:52 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7712107bd8aa0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

img.9376x.com/images/63664dfd09d6345f4f98bebe.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.9376x.com/images/63664dfd09d6345f4f98bebe.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63664dfd09d6345f4f98bebe.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b75457ba961c4fbb9e3770eab50c6481
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/static/js/jquery.min.js

173.231.12.252

200 OK

0 B

URL HTTP/2
www.henniu455.site/template/dfcc/static/js/jquery.min.js
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/static/js/jquery.min.js HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:32 GMT
vary: Accept-Encoding
etag: W/"61d99aa4-17b8b"
expires: Mon, 28 Nov 2022 21:26:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.henniu455.site/

173.231.12.252

200 OK

0 B

URL HTTP/2
www.henniu455.site/
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://baidu.hnmaccms.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.1153555.com/images/6376562fbd62f41a6d66b785.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.1153555.com/images/6376562fbd62f41a6d66b785.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6376562fbd62f41a6d66b785.gif HTTP/1.1
Host: img.1153555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/089f3a1286414d82ae6996008b165e45
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/css/ate.css

173.231.12.252

200 OK

0 B

URL HTTP/2
www.henniu455.site/template/dfcc/css/ate.css
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/css/ate.css HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:24 GMT
vary: Accept-Encoding
etag: W/"61d46414-126e4"
expires: Mon, 28 Nov 2022 21:26:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.henniu455.site/template/dfcc/css/zui.css

173.231.12.252

200 OK

0 B

URL HTTP/2
www.henniu455.site/template/dfcc/css/zui.css
IP
173.231.12.252:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/dfcc/css/zui.css HTTP/1.1
Host: www.henniu455.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:26:49 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 10:41:58 GMT
vary: Accept-Encoding
etag: W/"62861ef6-164b3"
expires: Mon, 28 Nov 2022 21:26:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.2633u.com/images/63664dc509d6345f4f98bebd.gif

185.239.226.23

302 Found

0 B

URL HTTP/2
img.2633u.com/images/63664dc509d6345f4f98bebd.gif
IP
185.239.226.23:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63664dc509d6345f4f98bebd.gif HTTP/1.1
Host: img.2633u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.henniu455.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4bd29c7e9a5b4161ad0f05921c40288e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations