r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Mon, 12 Sep 2022 10:25:22 GMT
Date: Mon, 12 Sep 2022 09:15:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 08:58:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WfWc9fga8gMgCZJQNze_UZcAd_6hmqwVg73k9VYk-EGj86Mx6kc1xw==
Age: 1063
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7-yxD2bUNRwrqS7VX3Hy4HEjOZo_dUBR8LmEYVsEZLqYAoDOb8QnxA==
age: 7122
X-Firefox-Spdy: h2
cbgu.cn/
154.95.207.140301 Moved Permanently 0 B IP 154.95.207.140:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cbgu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 12 Sep 2022 09:15:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.cbgu.cn/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:15:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 09:45:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IgbOb4WStAlA4XuBemm-k-HH9gWEkR2X0NOCzL2L7XC0VTz1WANz5g==
Age: 1187
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:54 GMT
Last-Modified: Mon, 12 Sep 2022 07:44:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.cbgu.cn/index.php
154.95.207.140200 OK 539 B IP 154.95.207.140:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (628), with CRLF line terminators
Hash 9d8bce137fbc140d45d79ed0bf1d4d32
7e3c2ff19fff035766931be45e6125da3f2c8637
deac685fc3ad106c907fe0330851b752c0111106f3042b9e4a3612f268e2c4f1
GET /index.php HTTP/1.1
Host: www.cbgu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0bMaWlY4QBBAPDylY+x7wQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: suBXKUpP4hNcu9IwR4rIjZjDA9g=
www.cbgu.cn/common.js
154.95.207.140200 OK 852 B IP 154.95.207.140:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash d7062acc7b7c5c2843438aefd3757e37
a0a99b1fb307c9cb5777acaa42a6ea2cac21d6cf
2f069baeff46968e1652c2f5526f2910661bc2f095dbf3af9dcb08e93613cabd
GET /common.js HTTP/1.1
Host: www.cbgu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbgu.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.cbgu.cn/tj.js
154.95.207.140200 OK 258 B IP 154.95.207.140:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 306b5df9fe6c6049f26901b72c0fe55b
085cfb408615e9b92037843876c1c61786dbf438
51dceb547e7bee0751f20bbe15a33712302dbdcb9dd8c005179bff58f3dcee86
GET /tj.js HTTP/1.1
Host: www.cbgu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbgu.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:55 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.cbgu.cn/favicon.ico
154.95.207.140200 OK 1.2 kB IP 154.95.207.140:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.cbgu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbgu.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:55 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 17 Sep 2022 09:15:55 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4050
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:15:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4050
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:15:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4050
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:15:56 GMT
Connection: keep-alive
ruanre.top/
115.126.59.249200 OK 27 kB IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1251), with CRLF line terminators
Hash 96cdccf5cbf352a83c78b9082b3c5ee7
bd56658378ea35417694f7da43bc23e297e59f1f
509f65d0bbd6d099ea760454bb19e20edf85532cb1b456a24d10244033140daf
GET / HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbgu.cn/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4050
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:15:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 866ace739b788c7d6e9047d246985a8f
bec098ac12c44fc877555fea7b3ddb8cbef12b2d
1d8599845425acd4bf90d7da05efdd2a9c7e0b5a37efc291cdcf1a2277671429
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8390
x-amzn-requestid: 43e68b0e-80fd-43ed-8f63-86ec0c94c0a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJAPGy8IAMFsdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5534-0d51f22d34cb67eb2319ebf1;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7-heDNZyXWHL3b0QImPg965JLRhfEIVaOKTqnDlkJtz5xby64uPbXQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:44:22 GMT
age: 41494
etag: "bec098ac12c44fc877555fea7b3ddb8cbef12b2d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca76593aa217eb69a58ed89610d9d59d
d09f2d5acd5945620a2a51d72411c3c464a5166e
7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:11 GMT
age: 41265
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 41645
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cde3-P7vxpXDy-IwW-FDBju-dTmUGqfBlf5mRVDGg3yOCofj-Cxq7A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:54:04 GMT
age: 40912
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da890c42b21daa080ec1bdd023800393
02807770b43d375393e1efef0ba432b664a05be0
c0795e0b7535a3f25564b52b2e70a7447baa79378c95153ceb51f8bd3620d89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 37529bed-8f0c-43dc-926b-32ef4a7adbac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkSfHkDIAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb40f-45988cf4677a87b521ac15b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:45:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8uWWE8aZpq7Fav6RD5pgwfxutdDtXgNdHxo6Jgwe7x3Mkg_DO8twrw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:11:10 GMT
age: 39886
etag: "02807770b43d375393e1efef0ba432b664a05be0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ruanre.top/template/m1938pc/css/ate.css
115.126.59.249200 OK 6.0 kB URL HTTP/1.1 ruanre.top/template/m1938pc/css/ate.css
IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type ASCII text, with CRLF line terminators
Hash 775ec9fd65a59632efdf68fc5af2dfad
a51c8530feab204356baa78c94848b688de1caf5
683dab144184920b21b643c2e6de55202e5528633318697e652fec75a8016d93
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:56 GMT
Content-Type: text/css
Last-Modified: Sat, 22 May 2021 12:07:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60a8f3ee-126e4"
Expires: Mon, 12 Sep 2022 21:15:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6065db8d4276060fbc5f9e0ef04573bc
4077cf9a03f0fa3601bcbea161bfe762feb3a7e0
a14f6e8db246a321dbdcd8672e1914daa53cb9a27a926f63393e5ddc279e58de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9588
x-amzn-requestid: 61cc89f2-7e05-483a-a17b-be3041e0c096
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJK7GvaIAMFoHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5578-068429955950e2374ca0dade;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr40NQEitOGe-Gma7iDmMuWpxpzO-Dlk5UUWH2zCfeY7vTso40XnyQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:11 GMT
age: 41265
etag: "4077cf9a03f0fa3601bcbea161bfe762feb3a7e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ruanre.top/template/m1938pc/css/layui.css
115.126.59.249200 OK 17 kB URL HTTP/1.1 ruanre.top/template/m1938pc/css/layui.css
IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type ASCII text, with very long lines (65479)
Hash df82721ff46825a740884aca85bf9149
522903397b3632304d1dab10326c1b750018d984
556465c8eccee13a6a0361d9fe581bb1cac4ad4846609fd2284cf562f7c527f4
GET /template/m1938pc/css/layui.css HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:56 GMT
Content-Type: text/css
Last-Modified: Sat, 22 May 2021 12:07:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60a8f3ef-12210"
Expires: Mon, 12 Sep 2022 21:15:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ruanre.top/template/m1938pc/js/layui.js
115.126.59.249200 OK 3.3 kB URL HTTP/1.1 ruanre.top/template/m1938pc/js/layui.js
IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type Unicode text, UTF-8 text, with very long lines (7324)
Hash 1626692d6c5254c3cbb793b80ef70b05
00fdd403e6233dfadb06e68bf8c6ccc3fe085689
e9f13426f5b705aaeceded2b3ee8952767337cb2591ef4a76d233dd02f40e9c0
GET /template/m1938pc/js/layui.js HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:56 GMT
Content-Type: application/javascript
Last-Modified: Tue, 19 Jul 2022 07:46:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d6616f-1ce5"
Expires: Mon, 12 Sep 2022 21:15:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ruanre.top/template/m1938pc/css/zui.css
115.126.59.249200 OK 19 kB URL HTTP/1.1 ruanre.top/template/m1938pc/css/zui.css
IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash da9fba91b7a287cf9a61e5c44cbaa94e
bf1c11c6853f04561ac7e871b22c2a8febe15c0a
f8d2c763f24226391d3b7896e9a62a361dce857aa2bd5cd3b4e380fbd7f68aa6
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:56 GMT
Content-Type: text/css
Last-Modified: Sat, 22 May 2021 12:07:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60a8f3ef-14f36"
Expires: Mon, 12 Sep 2022 21:15:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e26bf2e91c0113f5ed555377c733d821
24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8
05799067141ebd2ad8f65f65544018c27dde9a375a3bf1294cc0bbd0afd1cfac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:16:27 GMT
ETag: "24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8"
Last-Modified: Mon, 12 Sep 2022 06:16:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1159
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978aa449a30b4d-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e26bf2e91c0113f5ed555377c733d821
24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8
05799067141ebd2ad8f65f65544018c27dde9a375a3bf1294cc0bbd0afd1cfac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:16:27 GMT
ETag: "24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8"
Last-Modified: Mon, 12 Sep 2022 06:16:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1159
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978aa44f44fac4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e26bf2e91c0113f5ed555377c733d821
24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8
05799067141ebd2ad8f65f65544018c27dde9a375a3bf1294cc0bbd0afd1cfac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:16:27 GMT
ETag: "24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8"
Last-Modified: Mon, 12 Sep 2022 06:16:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1159
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978aa44e5db517-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e26bf2e91c0113f5ed555377c733d821
24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8
05799067141ebd2ad8f65f65544018c27dde9a375a3bf1294cc0bbd0afd1cfac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:16:27 GMT
ETag: "24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8"
Last-Modified: Mon, 12 Sep 2022 06:16:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1159
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978aa44b36b505-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e26bf2e91c0113f5ed555377c733d821
24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8
05799067141ebd2ad8f65f65544018c27dde9a375a3bf1294cc0bbd0afd1cfac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:16:27 GMT
ETag: "24c0eb9173e6f7e5cc5fce26f9ea0d09bc4237b8"
Last-Modified: Mon, 12 Sep 2022 06:16:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1159
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978aa44c0ab4fa-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b7993e032c6c569c11d4a7c766d373b
14c9d0bfca23a05ddaa1799193914a0858365386
e30f309ae49faaa446e60ee84d1d4c066fdd8903b2746c491aa992d2b1181417
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E30F309AE49FAAA446E60EE84D1D4C066FDD8903B2746C491AA992D2B1181417"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15107
Expires: Mon, 12 Sep 2022 13:27:44 GMT
Date: Mon, 12 Sep 2022 09:15:57 GMT
Connection: keep-alive
tupku.top/logotp/xfb20.gif
172.67.200.40200 OK 104 kB URL HTTP/2 tupku.top/logotp/xfb20.gif
IP 172.67.200.40:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 104 kB (104154 bytes)
Hash 6553288173706db890b5934ca6e5fa82
309e0cd019f8614179d507151a9d064db1b49803
e156a5a08f34a3969f19c8a8c808b06d1396a496f3678f7c4ff4c5f8b4c2d968
GET /logotp/xfb20.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:57 GMT
content-type: image/gif
content-length: 104154
last-modified: Fri, 15 Apr 2022 17:52:25 GMT
etag: "6259b0d9-196da"
expires: Fri, 23 Sep 2022 18:47:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1607269
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LhiIqO3G1gzIzWgGsHNnTPBBmykq6r2TRp4ICDNw9U6743%2FbtjGE7JtwwFAGObxsAqzvZUP2Nhs0mCVFcsR4w6uIO9pY%2FEb8OqAQ5BjM1O1zIrmePPEPzor3k8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aa4991cfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:57 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/b79da99d2bf9b374adb19e9382c756b6.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/b79da99d2bf9b374adb19e9382c756b6.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b79da99d2bf9b374adb19e9382c756b6.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:57 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/b79da99d2bf9b374adb19e9382c756b6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.6v6.work/v/?uid=387913
23.225.199.165200 OK 23 B IP 23.225.199.165:0
File type Unicode text, UTF-8 text, with no line terminators
Hash 7ef3933d0347a8eb9b3dbf6f4b035b78
772121927ca42ae6345bcfc9eea8a0a3dcefc369
1645ef4e05613302e213e91b4ef584695a22391778e12d0dff49b0fdbd0208da
GET /v/?uid=387913 HTTP/1.1
Host: i.6v6.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
hm.baidu.com/hm.js?1be30753ebe6996e5f8b341ab01f91f9
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1be30753ebe6996e5f8b341ab01f91f9
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 8baf61fc8e1603b58e5af8c456096a28
8d6f46fb8ad97ee803b00228a0229eb26e4764c2
c7e7a6c670ada83aa8382bbe4bdb13f6080cfa4baae482c0d5574a1947a40cd9
GET /hm.js?1be30753ebe6996e5f8b341ab01f91f9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:57 GMT
Etag: 7ee4c3e57761d52132da22a8635bb383
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2DA5267308FB66C0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b7993e032c6c569c11d4a7c766d373b
14c9d0bfca23a05ddaa1799193914a0858365386
e30f309ae49faaa446e60ee84d1d4c066fdd8903b2746c491aa992d2b1181417
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E30F309AE49FAAA446E60EE84D1D4C066FDD8903B2746C491AA992D2B1181417"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15106
Expires: Mon, 12 Sep 2022 13:27:44 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
tk.learning8808.com/images/xt3.gif
104.21.18.174200 OK 193 kB URL HTTP/2 tk.learning8808.com/images/xt3.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 326 x 217\012- data
Size 193 kB (193237 bytes)
Hash a15551773d50ba1bc1c91f1ac0e7a45f
603c163ea29d202ec5019fecaf202962892d6500
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
GET /images/xt3.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/gif
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
etag: "626930ff-2f2d5"
expires: Thu, 29 Sep 2022 01:38:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1150636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9908NPLqzIjiXFAeMlZYnXIRQxalEYY8JRr13j1gRAGjiwycWU5OL1WY6Jdy%2FTXCMurj6%2FQ0OH9%2Bw5ib%2FnHIKD03ICHrX3NtUArFR3HrfTC5rBDpuD79KNwjqR5PihNXRDWdkubL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aaafcc5b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b7993e032c6c569c11d4a7c766d373b
14c9d0bfca23a05ddaa1799193914a0858365386
e30f309ae49faaa446e60ee84d1d4c066fdd8903b2746c491aa992d2b1181417
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E30F309AE49FAAA446E60EE84D1D4C066FDD8903B2746C491AA992D2B1181417"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15106
Expires: Mon, 12 Sep 2022 13:27:44 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
hm.baidu.com/hm.js?bdca6cd0ce243078a710bd99905a8ea4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bdca6cd0ce243078a710bd99905a8ea4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash a1e62b9afa414b69cd80b1701f4d6121
b19f3058bf819f478e2e4c50292ab0f53232adc4
7fb9bd3d87fc4c4728deea1e4f67619a50aba3d2d8cf424fa93ff1fd95249f9d
GET /hm.js?bdca6cd0ce243078a710bd99905a8ea4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:57 GMT
Etag: 2913b5036cbe09c29ae3be70f99aa0e4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2011AA543E4BD5B4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?d6550106d666c0df9b5bd3607380fddc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d6550106d666c0df9b5bd3607380fddc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 75513feee25f1470155e5b7a33df3c6c
75c5fc5bb87acd338651e24ecaf6e0f05c585658
2e94c34dbd31ebe1ab2fca83172ebe28ac266f40492da52744fff9dc5a774229
GET /hm.js?d6550106d666c0df9b5bd3607380fddc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:57 GMT
Etag: 7a9c599217b85629231e45ba9979285d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EB57FA5899CE3EF5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b7993e032c6c569c11d4a7c766d373b
14c9d0bfca23a05ddaa1799193914a0858365386
e30f309ae49faaa446e60ee84d1d4c066fdd8903b2746c491aa992d2b1181417
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E30F309AE49FAAA446E60EE84D1D4C066FDD8903B2746C491AA992D2B1181417"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15106
Expires: Mon, 12 Sep 2022 13:27:44 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
kvkaa.com/3d4880421423cb46270fedc14e73f807.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3d4880421423cb46270fedc14e73f807.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3d4880421423cb46270fedc14e73f807.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3d4880421423cb46270fedc14e73f807.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.nightbar8.top/upload/vod/20220707-1/936bef0057c41ed054d963b9bf51e3c0.gif
172.67.177.155200 OK 191 kB URL HTTP/2 www.nightbar8.top/upload/vod/20220707-1/936bef0057c41ed054d963b9bf51e3c0.gif
IP 172.67.177.155:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 191 kB (191414 bytes)
Hash fc10bc2943003824980a01151a44ffb7
92f1c6205c78805263736a99a85562bac9df2f4e
38b204b5aa409564ea0d4bd5784bb137948c3e05d614b18238eea794a9ce5541
GET /upload/vod/20220707-1/936bef0057c41ed054d963b9bf51e3c0.gif HTTP/1.1
Host: www.nightbar8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/gif
content-length: 191414
last-modified: Thu, 07 Jul 2022 13:07:17 GMT
etag: "62c6da85-2ebb6"
expires: Tue, 11 Oct 2022 09:14:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86481
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFrgE%2F4d5cUWpTxFd78c23X8y%2BCnXQlwQ%2FP%2F14ZTzpLwg9iX278C2J%2BzErje%2B5oVzJZsrsZe0%2FknAZZIlRb%2BTkyUw%2BJ7%2Bo6WbyViFjg0JWfmLMZ2B%2FK1Epcy6ex0rQsdvKEmlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aab3da2fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nightbar8.top/upload/vod/20220728-1/16c5a8aa6033df49e6e4ffc393530fbc.gif
172.67.177.155200 OK 91 kB URL HTTP/2 www.nightbar8.top/upload/vod/20220728-1/16c5a8aa6033df49e6e4ffc393530fbc.gif
IP 172.67.177.155:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 844ea40aca5805345d12f0829ebe0528
b90d3ce6b07d2359bd51cd83cf5b069bd5bba464
2fb37c4ec7f38f559c85a909a6b1f46ab653902915795f010864adeda3d78325
GET /upload/vod/20220728-1/16c5a8aa6033df49e6e4ffc393530fbc.gif HTTP/1.1
Host: www.nightbar8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/gif
content-length: 90932
last-modified: Thu, 28 Jul 2022 07:18:30 GMT
etag: "62e23846-16334"
expires: Tue, 11 Oct 2022 09:14:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86481
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u307llvgH5AIQkeQx%2BChVOn1xPrkAnH64QFIRF0JPRbZD9bcWH0GT%2BBcBJrRBKiIhFHvrlC5oEvFnZ16fINu2pfVKEhKdoeh3BW42r%2F1SuUI%2BdpwKqiqzFsHevcftHQBCl6SCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aab3da4fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/c40eb5d2869982a34091b21b14a0c4f8.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/c40eb5d2869982a34091b21b14a0c4f8.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c40eb5d2869982a34091b21b14a0c4f8.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/c40eb5d2869982a34091b21b14a0c4f8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.nightbar8.top/upload/vod/20220712-1/40ae135d7f43938a27e7a56821b0ac7b.gif
172.67.177.155200 OK 541 kB URL HTTP/2 www.nightbar8.top/upload/vod/20220712-1/40ae135d7f43938a27e7a56821b0ac7b.gif
IP 172.67.177.155:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 541 kB (541405 bytes)
Hash ed70b1fa4d2e78ce4cd9616a4d9369ce
8b7e5da97bab5b3f78377c080a2cbac8d1cc3868
9aba904173538d49aee04fac309765a7f65160b8a7c6d7689e0a94f81841d0c0
GET /upload/vod/20220712-1/40ae135d7f43938a27e7a56821b0ac7b.gif HTTP/1.1
Host: www.nightbar8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/gif
content-length: 541405
last-modified: Tue, 12 Jul 2022 11:28:06 GMT
etag: "62cd5ac6-842dd"
expires: Tue, 11 Oct 2022 09:14:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 86481
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss%2B%2FayWqM%2FO6MsS8bV2a4fNzsUIzSSeR%2BuFk2M9YvKvh7w73TYjB0wXDkqSpcFABZOQVfa6aXmU6agU8whpig26IJ%2F3WLWsRMeIs9GfRdRCXUXt3SW4I4wPLI95FofsKxqCfwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aab3dabfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 048013b71724132a11cac3462ce89e9d
3b3a28a14179eb42f48e2af757cd42f260a831d6
c523ab6df3cc35082cb6426341929b4673ebcf66a252e47d71d84176e6568419
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C523AB6DF3CC35082CB6426341929B4673EBCF66A252E47D71D84176E6568419"
Last-Modified: Sat, 10 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Mon, 12 Sep 2022 11:28:27 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4626aca97f190aaa9ffdc07a06807842
e6dc1ac30d4f3f9f15e854acef0088acb59557a9
3f5ceff775cb25bb7b1294e334c0029b1620959f3e05604cf2322081b80df055
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:58 GMT
Last-Modified: Mon, 12 Sep 2022 07:46:53 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 278
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash adf9a01bbdc8cff3f3f6d21e3ced8523
933450b2275bf33c510d44aec420df01bc0e6dde
d5c1dd6a0a29dfc53830ff529ffb0614bc9e4ac5aa4be5d733c56e7629010360
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:57 GMT
Etag: b827ffb9042b100db00771d63c6b36d5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C8E418250E5640DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 048013b71724132a11cac3462ce89e9d
3b3a28a14179eb42f48e2af757cd42f260a831d6
c523ab6df3cc35082cb6426341929b4673ebcf66a252e47d71d84176e6568419
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C523AB6DF3CC35082CB6426341929B4673EBCF66A252E47D71D84176E6568419"
Last-Modified: Sat, 10 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Mon, 12 Sep 2022 11:28:27 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
imagedelivery.net/A9OuLaxm6__qJKw8tAadDA/c8ee6338-c86d-4072-9061-f3ab7e57eb00/public
104.18.2.36200 OK 175 kB URL HTTP/2 imagedelivery.net/A9OuLaxm6__qJKw8tAadDA/c8ee6338-c86d-4072-9061-f3ab7e57eb00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 175 kB (174690 bytes)
Hash c93bda45f687fc41c8cf579732952078
7fa6a622f61224d9fe8a937b13c7d4baefba1a4b
adb96924bf6c786a195f8e1c9c9d09f6a5c314c54266c061b245d60205d1c7eb
GET /A9OuLaxm6__qJKw8tAadDA/c8ee6338-c86d-4072-9061-f3ab7e57eb00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/webp
content-length: 174690
cf-ray: 74978aabe819b505-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "cfQVzlN4E4J_dkYov9szlrjA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=14 c=147 v=2022.9.0 l=174690
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 37be2da7c2159b38e0a31c6c1731089d
754faff88082db29cd7afc052f08ea170a0341a4
46df8d6b142d0ec31a0a1ebb0ec075ed8acd50bf9dc895bd96528ff006b314b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46DF8D6B142D0EC31A0A1EBB0EC075ED8ACD50BF9DC895BD96528FF006B314B0"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2956
Expires: Mon, 12 Sep 2022 10:05:14 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 63326570c468156405473cc078578b07
91a41bd55c584f1fbfa14000482a2f8b53ac4b4d
eb8d38bca0ad48d03ee437e24ca1885289389dc4a332a86c0169e5105595ae89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB8D38BCA0AD48D03EE437E24CA1885289389DC4A332A86C0169E5105595AE89"
Last-Modified: Fri, 09 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2609
Expires: Mon, 12 Sep 2022 09:59:27 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
kvhdd.com/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03958120009rrl5x8B1D9.gif
23.14.2.52200 OK 341 kB URL HTTP/2 dimg04.c-ctrip.com/images/03958120009rrl5x8B1D9.gif
IP 23.14.2.52:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 341 kB (341373 bytes)
Hash 31cfc227b5dc64e4de1b83d1bbf58246
fa726ea535a7163ed7e2530d5c3e46eb4e73c9db
50e1eb0c48a62bff94a460c9b526c3b696a3a03d05e57946afcb1de2f0bc6164
GET /images/03958120009rrl5x8B1D9.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 341373
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=12461469
expires: Fri, 03 Feb 2023 14:47:07 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0102z120009fpqlyh32E0.gif?proc=autoorient
23.14.2.52200 OK 873 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102z120009fpqlyh32E0.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 873 kB (873044 bytes)
Hash 4afba97a5491e68fcca4cdee4b87d629
09e1dddabf60e12cbd368c2df9d6474f703d7a2f
23861d601f540f738c33eebd6821fef3a74e1f6d5540d939d8a07c08f40bcd19
GET /images/0102z120009fpqlyh32E0.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 873044
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=3728530
expires: Tue, 25 Oct 2022 12:58:08 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kvhdd.com/76cbee08e6a1d001d501bebf2aac5719.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/76cbee08e6a1d001d501bebf2aac5719.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /76cbee08e6a1d001d501bebf2aac5719.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/76cbee08e6a1d001d501bebf2aac5719.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0392w120009h1dgh76303.gif
23.14.2.52200 OK 170 kB URL HTTP/2 dimg04.c-ctrip.com/images/0392w120009h1dgh76303.gif
IP 23.14.2.52:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 170 kB (170247 bytes)
Hash c01130e14349e47409ee31592f0fd4cb
663b4836f0a7823f056c679c75e31b461156c622
610f20fe264569b21a331ee2020e9d5c13182e91b2d587a246a4e155d06888c6
GET /images/0392w120009h1dgh76303.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 170247
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 182
cache-control: max-age=5544460
expires: Tue, 15 Nov 2022 13:23:38 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0103y120009uunqix2BC2.gif?proc=autoorient
23.14.2.52200 OK 402 kB URL HTTP/2 dimg04.c-ctrip.com/images/0103y120009uunqix2BC2.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 402 kB (402231 bytes)
Hash 6497ef8f223cd0070b904d48ece475e5
7e6dc0a79d9a1feef08b8cfffffb2fef7bf83fc6
cfe5826da227b26ad6a5dc15aea3ca217a3ff9bab854cc7b72b40468fb9a73bc
GET /images/0103y120009uunqix2BC2.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 402231
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 160
cache-control: max-age=13625045
expires: Fri, 17 Feb 2023 02:00:03 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0106t120009i751ymA6F4.gif
23.14.2.52200 OK 888 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106t120009i751ymA6F4.gif
IP 23.14.2.52:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 888 kB (887927 bytes)
Hash 7eccd9547d689f4c7ead2f749029550e
e76e4336879abc5708682ddb2c31e50fcf3a0033
adfce6eb5ffed013778ec1bff1084dd559a782896af286f974a54a62c9fcf4e9
GET /images/0106t120009i751ymA6F4.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 887927
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 143
cache-control: max-age=6754940
expires: Tue, 29 Nov 2022 13:38:18 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01034120009we8oyg9C39.gif?proc=autoorient
23.14.2.52200 OK 532 kB URL HTTP/2 dimg04.c-ctrip.com/images/01034120009we8oyg9C39.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 532 kB (532399 bytes)
Hash 63a3f4743b6b47516b293c1110319d43
a253d2d99c8dc2bd399d7c7f8df918d259b0548a
12d18a7995968ba83d462b20dfe93cb610a697c3da367c4d36cac558cd5a0608
GET /images/01034120009we8oyg9C39.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 532399
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14431786
expires: Sun, 26 Feb 2023 10:05:44 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01009120009we9b4r7312.gif?proc=autoorient
23.14.2.52200 OK 750 kB URL HTTP/2 dimg04.c-ctrip.com/images/01009120009we9b4r7312.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 750 kB (749581 bytes)
Hash fca89d9643694abb37e96f163e5fb19b
78f73f238b4cb6d24f3be98f91db79abcf26e14c
f7cf7a071ed4e9fd68176a20f974af514d54912aad1f996a251737e7f2395209
GET /images/01009120009we9b4r7312.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 749581
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14431602
expires: Sun, 26 Feb 2023 10:02:40 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 63326570c468156405473cc078578b07
91a41bd55c584f1fbfa14000482a2f8b53ac4b4d
eb8d38bca0ad48d03ee437e24ca1885289389dc4a332a86c0169e5105595ae89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB8D38BCA0AD48D03EE437E24CA1885289389DC4A332A86C0169E5105595AE89"
Last-Modified: Fri, 09 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2609
Expires: Mon, 12 Sep 2022 09:59:27 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
ruanre.top/template/m1938pc/images/video-play.png
115.126.59.249200 OK 1.6 kB URL HTTP/1.1 ruanre.top/template/m1938pc/images/video-play.png
IP 115.126.59.249:0
ASN #38186 Forewin Telecom Group Limited, ISP at
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: ruanre.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ruanre.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 09:15:58 GMT
Content-Type: image/png
Content-Length: 1567
Last-Modified: Sat, 22 May 2021 12:07:20 GMT
Connection: keep-alive
ETag: "60a8f3f8-61f"
Expires: Wed, 12 Oct 2022 09:15:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e6db58eb3afc45dc41da7ab6a3cf34fc
c87a8ca34bc257c98827c830bb21014dd0db1b17
4bcef9ed388ac4e63d4040e163933c1c76a090b13993aebad4c44e7be9ee0c96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BCEF9ED388AC4E63D4040E163933C1C76A090B13993AEBAD4C44E7BE9EE0C96"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Mon, 12 Sep 2022 15:14:59 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b5e5cecbe66bfab6014f22a446cebdc1
903c5507a1a8cb7a1978e1d6a4313ff84954c574
b92869ebd0a1c3f09a6e6a74ab0a0049fe2e98a75e7840ec18568b927315ffaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B92869EBD0A1C3F09A6E6A74AB0A0049FE2E98A75E7840EC18568B927315FFAA"
Last-Modified: Sun, 11 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15640
Expires: Mon, 12 Sep 2022 13:36:38 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03964120009rs6jjg70FF.gif
23.14.2.52200 OK 1.6 MB URL HTTP/2 dimg04.c-ctrip.com/images/03964120009rs6jjg70FF.gif
IP 23.14.2.52:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.6 MB (1556166 bytes)
Hash 0b17d03531a48d4000db14ced55e5dfd
bdeb80e6d917f836fb4886758896cac9bc78047e
4b74bdadc9f2a4d4cce7d241395dcdd266bcbf5e16d344a7b3cf763ae46fc30b
GET /images/03964120009rs6jjg70FF.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1556166
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 168
cache-control: max-age=13229599
expires: Sun, 12 Feb 2023 12:09:17 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1c28dc9cc0da4badac4481f9409048a1
303c62cfb3d722e18b8ccccf9c24a2c8ac659528
8d0e316ba1d38f6e4109715a8f983f7184c5c16a0e90545c13ff9509b8334f9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8D0E316BA1D38F6E4109715A8F983F7184C5C16A0E90545C13FF9509B8334F9A"
Last-Modified: Sun, 11 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Mon, 12 Sep 2022 15:15:04 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 63326570c468156405473cc078578b07
91a41bd55c584f1fbfa14000482a2f8b53ac4b4d
eb8d38bca0ad48d03ee437e24ca1885289389dc4a332a86c0169e5105595ae89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB8D38BCA0AD48D03EE437E24CA1885289389DC4A332A86C0169E5105595AE89"
Last-Modified: Fri, 09 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2609
Expires: Mon, 12 Sep 2022 09:59:27 GMT
Date: Mon, 12 Sep 2022 09:15:58 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2009614506&si=1be30753ebe6996e5f8b341ab01f91f9&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2009614506&si=1be30753ebe6996e5f8b341ab01f91f9&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2009614506&si=1be30753ebe6996e5f8b341ab01f91f9&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 09:15:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7F3EA115996B6BC8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a7f637c7743109757222ef8f6071b025
6dae3086a35e8d1ce647ce33da004e3ff06c2492
66a1e7eb16a1397b44b2323581118868ecd46884cd74611c1cbca9bf0298363a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A1E7EB16A1397B44B2323581118868ECD46884CD74611C1CBCA9BF0298363A"
Last-Modified: Sun, 11 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19902
Expires: Mon, 12 Sep 2022 14:47:41 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0100l120009uunswn2033.gif?proc=autoorient
23.14.2.52200 OK 865 kB URL HTTP/2 dimg04.c-ctrip.com/images/0100l120009uunswn2033.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 865 kB (865077 bytes)
Hash ddb78df9c939d196e8ca8cc261b05430
4a778362a55bc48664268b07aa97115b39fe4586
8757bbbff4bfcb7e9203cd8973e5c22c7897c6879b97399939dc84ea34cd05ca
GET /images/0100l120009uunswn2033.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 865077
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 150
cache-control: max-age=13625024
expires: Fri, 17 Feb 2023 01:59:42 GMT
date: Mon, 12 Sep 2022 09:15:58 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
tvax1.sinaimg.cn/large/008tT9E7ly1h4cnzrsxrgg3046046ajt.gif
23.33.119.26301 Moved Permanently 169 B URL HTTP/2 tvax1.sinaimg.cn/large/008tT9E7ly1h4cnzrsxrgg3046046ajt.gif
IP 23.33.119.26:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8c2170ef3ddebf996718575917956e9c
618ab5fab7445b7797272607a22c0d307465857f
31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55
GET /large/008tT9E7ly1h4cnzrsxrgg3046046ajt.gif HTTP/1.1
Host: tvax1.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
content-type: text/html
content-length: 169
x-ban: MISS,17555
pragma: public
x-request-id: g10.63-1662974088.232000-1018260138
location: //tvax1.sinaimg.cn/images/default_d_s_large.gif#101
edge-copy-time: 1662974088242
x-via-cdn: f=Akamai,s=23.33.119.22,c=91.90.42.154;f=edge,s=cmcc.guangzhou.union.93.nb.sinaedge.com,c=23.45.50.68;f=Edge,s=cmcc.guangzhou.union.81,c=172.16.174.77
x-via-edge: 166297413546044322d174dae10ac3bfebc89
access-control-allow-credentials: true
cache-control: max-age=50
date: Mon, 12 Sep 2022 09:15:59 GMT
x-cache: TCP_REFRESH_MISS from a23-33-119-22.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-44045506) (S)
x-cache-remote: TCP_REFRESH_MISS from a184-31-15-29.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-44045506) (S)
network_info: NO_OSLO_50304
served-from: ?:184.31.15.33:e:23.33.119.22
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=798091363&si=bdca6cd0ce243078a710bd99905a8ea4&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=798091363&si=bdca6cd0ce243078a710bd99905a8ea4&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=798091363&si=bdca6cd0ce243078a710bd99905a8ea4&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 09:15:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DB2D99D669586769; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
tvax1.sinaimg.cn/large/008tT9E7ly1h4co42s65hg302s02s40x.gif
23.33.119.26301 Moved Permanently 169 B URL HTTP/2 tvax1.sinaimg.cn/large/008tT9E7ly1h4co42s65hg302s02s40x.gif
IP 23.33.119.26:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8c2170ef3ddebf996718575917956e9c
618ab5fab7445b7797272607a22c0d307465857f
31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55
GET /large/008tT9E7ly1h4co42s65hg302s02s40x.gif HTTP/1.1
Host: tvax1.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
content-type: text/html
content-length: 169
x-ban: MISS,17555
pragma: public
x-request-id: g26.71-1662974049.004000-714888863
location: //tvax1.sinaimg.cn/images/default_d_s_large.gif#101
edge-copy-time: 1662974049009
x-via-cdn: f=Akamai,s=23.33.119.22,c=91.90.42.154;f=edge,s=cnc.guangzhou.union.58.nb.sinaedge.com,c=23.32.248.101;f=Edge,s=ctc.guangzhou.union.186,c=172.16.116.58
x-via-edge: 166297415110265f820173a7410ac0d7ecc86
access-control-allow-credentials: true
cache-control: max-age=20
date: Mon, 12 Sep 2022 09:15:59 GMT
x-cache: TCP_REFRESH_MISS from a23-33-119-22.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-44045506) (S)
x-cache-remote: TCP_REFRESH_MISS from a184-31-15-125.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-44045506) (S)
network_info: NO_OSLO_50304, NO_OSLO_50304
served-from: e:23.32.248.101:e:23.33.119.22
X-Firefox-Spdy: h2
tvax1.sinaimg.cn/images/default_d_s_large.gif
23.33.119.26200 OK 7.1 kB URL HTTP/2 tvax1.sinaimg.cn/images/default_d_s_large.gif
IP 23.33.119.26:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 360 x 360\012- data
Hash 41e5d4e3002de5cea3c8feae189f0736
4146f3b42f71ab9571a2cf2586cb5fa13bfdcef5
e6e333264f197a7e6bda94c1b4fc00529af89f07af0dbd1e57e7805927910860
GET /images/default_d_s_large.gif HTTP/1.1
Host: tvax1.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 7125
x-ban: MISS,10534
last-modified: Tue, 17 May 2022 07:49:53 GMT
etag: "628353a1-1bd5"
accept-ranges: bytes
edge-copy-time: 1653211584961
x-via-cdn: f=Akamai,s=23.33.119.22,c=91.90.42.154;f=edge,s=ctc.guangzhou.union.52.nb.sinaedge.com,c=23.32.248.84;f=Edge,s=cmcc.guangzhou.union.106,c=10.31.54.52
x-via-edge: 165324123573354f8201734361f0a047f2bfe
access-control-allow-credentials: true
cache-control: max-age=7467323
expires: Wed, 07 Dec 2022 19:31:22 GMT
date: Mon, 12 Sep 2022 09:15:59 GMT
x-cache: TCP_HIT from a23-33-119-22.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-44045506) (-)
network_info: TJ_DUSHANBE_48887, NO_OSLO_50304
served-from: e:23.33.119.22
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8d0003ed2ab90d41ee3f7bb8c3f25279
e5cc7e1e31b2441a4876f1479b46d54fd0c36606
efd78c5905c2850775c591199d55ff205c266d4d1326195588bc02858013fda8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFD78C5905C2850775C591199D55FF205C266D4D1326195588BC02858013FDA8"
Last-Modified: Fri, 09 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15215
Expires: Mon, 12 Sep 2022 13:29:34 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d22d4c2b110752d583b35330d2162948
f2f79fff1224ad598f1d10edaa598bb89ae418c0
44fff55caa98e30cf6ba0d6c5dce08672525df5235534cf608c9000c7df6941b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44FFF55CAA98E30CF6BA0D6C5DCE08672525DF5235534CF608C9000C7DF6941B"
Last-Modified: Sun, 11 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1704
Expires: Mon, 12 Sep 2022 09:44:23 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2117406567&si=d6550106d666c0df9b5bd3607380fddc&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2117406567&si=d6550106d666c0df9b5bd3607380fddc&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2117406567&si=d6550106d666c0df9b5bd3607380fddc&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 09:15:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9AD6C9466F94BF13; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1734189726&si=b514e882bf71128292fc54ff36420746&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1734189726&si=b514e882bf71128292fc54ff36420746&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1734189726&si=b514e882bf71128292fc54ff36420746&v=1.2.97&lv=1&sn=23522&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbgu.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E4%B9%B1%E5%90%9E%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbgu.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 09:15:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=63A5695C67583194; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c2d61b83b504fca245bf4f5c59f5aac6
63da54791251273147079e2434641e4106366615
8a58db57d55255c5f0eb1da198134c4dcf9200a33a882c4067ec290846c5c09e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A58DB57D55255C5F0EB1DA198134C4DCF9200A33A882C4067EC290846C5C09E"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18105
Expires: Mon, 12 Sep 2022 14:17:44 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c66f7f219d92fc0640dfe7d0eba121d4
cac5399bf2ed3b355efe0c3e936dcf423270c2ce
18f1b30263c249d9ca19135404c1ad06f9a554d1994bc1b8b4f9c6669d5e615c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "18F1B30263C249D9CA19135404C1AD06F9A554D1994BC1B8B4F9C6669D5E615C"
Last-Modified: Sat, 10 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17175
Expires: Mon, 12 Sep 2022 14:02:14 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
aooacctp.vip/lm/ynv100.gif
104.21.82.179200 OK 89 kB URL HTTP/2 aooacctp.vip/lm/ynv100.gif
IP 104.21.82.179:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /lm/ynv100.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Wed, 05 Oct 2022 09:07:30 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 605242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAmh0Xo5VWLhYHzjUy8kUs4SJwOVfARs2YyVoGABbkDuqbXDoTzYYXz08DNW3uQnnRu5OEq5HzbCCzI0O48fzmVzz4xd3Tm%2Biw%2BUxJljsw81Jh2Nf6KERbzwW6pvBjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aaf3f4b0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtbbb.top/b79da99d2bf9b374adb19e9382c756b6.gif
172.67.147.13200 OK 69 kB URL HTTP/2 kvtbbb.top/b79da99d2bf9b374adb19e9382c756b6.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 501a7839a0ccd48d152e3441a6c1d297
dcc20dbe989beb1b1e5c82bc27f39615d0ad7a2d
db63ec8423aa0cc664270b6a331754691eff75ce4497b1456b8eb6d702dce696
GET /b79da99d2bf9b374adb19e9382c756b6.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 68973
last-modified: Sun, 03 Jul 2022 12:57:33 GMT
etag: "62c1923d-10d6d"
expires: Sat, 08 Oct 2022 22:37:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLmB2gPIhltLmBcMQoJ78whH04UHr2QYk9PiLef%2F4UezEIkVbxEOFNkJ54Tdf15cXS0LdX4ZincacvtiA4tJj7c5Xyu661vTJMCJbwbWOEwfhZrVq%2FplhidvFX%2BZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aaf397eb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c2d61b83b504fca245bf4f5c59f5aac6
63da54791251273147079e2434641e4106366615
8a58db57d55255c5f0eb1da198134c4dcf9200a33a882c4067ec290846c5c09e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A58DB57D55255C5F0EB1DA198134C4DCF9200A33A882C4067EC290846C5C09E"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Sep 2022 15:15:59 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
aooacctp.vip/lm/se5.gif
104.21.82.179200 OK 397 kB IP 104.21.82.179:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /lm/se5.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Sun, 09 Oct 2022 00:00:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 292425
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfRLW35yL3YmuPbaZWVp8tj5VqEKaKIOXD79k1J0XUS8v8xjn%2Bl0t8w7mDO%2ByarkbCtx%2FeDWD5qStqL4EHPkB3gUN6GwcxnGs%2ByMiurvz103RWTXb%2BbxS4vVoM9F88I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978aaf68460b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 47255f6ac216a73aabb32744d9610250
ef056b56bea82dc4aa872627e6b3c1f23edbf8a8
df4f103340e80af5a0cadfda1974820f7317a9f091be243d52ac2a59732215ca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 13:29:07 GMT
Expires: Thu, 15 Sep 2022 13:29:06 GMT
Etag: "ef056b56bea82dc4aa872627e6b3c1f23edbf8a8"
Cache-Control: max-age=273786,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978aaf3d861bfe-OSL
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
45.154.214.206301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 987bb64cd1606380c65daed3d80cea29
fd3f4a23496cc1e17ca6e370c56933fb70a3ce2c
e37169fcbff4e624649c940ce63b529dbc744baf8441768c5d9c68fdbdea5fba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E37169FCBFF4E624649C940CE63B529DBC744BAF8441768C5D9C68FDBDEA5FBA"
Last-Modified: Sun, 11 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21052
Expires: Mon, 12 Sep 2022 15:06:51 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 47255f6ac216a73aabb32744d9610250
ef056b56bea82dc4aa872627e6b3c1f23edbf8a8
df4f103340e80af5a0cadfda1974820f7317a9f091be243d52ac2a59732215ca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 13:29:07 GMT
Expires: Thu, 15 Sep 2022 13:29:06 GMT
Etag: "ef056b56bea82dc4aa872627e6b3c1f23edbf8a8"
Cache-Control: max-age=273786,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978aaf6891b4e8-OSL
s2.loli.net/2022/05/04/YHV5w1cvajoF4Ss.gif
104.26.0.190200 OK 18 kB URL HTTP/2 s2.loli.net/2022/05/04/YHV5w1cvajoF4Ss.gif
IP 104.26.0.190:0
File type GIF image data, version 89a, 220 x 145\012- data
Hash fca066c77af654625069c3e05fe7cd38
a42c3e6807b7ca3d194f2a911ee95e1b28d880b8
d0475d47ca223bd2fc3b6364926d6b0a193f560d3c2ec381a431277341cde53a
GET /2022/05/04/YHV5w1cvajoF4Ss.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 18378
last-modified: Wed, 04 May 2022 11:32:19 GMT
etag: "62726443-47ca"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnhtLWqgbw4q0I9xhelX3vHVD3p%2BVBa3gJyRdcRN9i88ib85GuNrqAD9FrnRZ3gkMyrH8vicjOGwfQZbUWhCqR6i%2FosRwx5aZK0R5AwfhW%2BgqPTyqoIkd%2BhIpHKo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74978aab3b2cb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1d4403bd9567a548092a6c383f983fc5
5fe0397e46c5281bef63cca433e2fcb5f121d680
ce8f4e567b35c2bfae23cc65f7b9ab291b496e22457fc987bc1351ac0f13813f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 02:56:38 GMT
Expires: Sat, 17 Sep 2022 02:56:37 GMT
Etag: "5fe0397e46c5281bef63cca433e2fcb5f121d680"
Cache-Control: max-age=408637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978aae9b08fac0-OSL
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f2397681adbb341fac91212df9be6fc3
04bcdd98e05cc3824b10048053549c38ff317941
ed298371c6b41aa6c4023d18921f83f14198b284cccc1c8c31229640c97144f6
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 12 Sep 2022 09:15:59 GMT
Last-Modified: Sun, 11 Sep 2022 23:18:48 GMT
ETag: "631e6cd8-1d7"
Expires: Tue, 13 Sep 2022 23:18:48 GMT
Cache-Control: max-age=136969
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1662974159
Via: cache9.l2de2[276,275,200-0,M], cache9.l2de2[277,0], cache2.se1[297,297,200-0,M], cache2.se1[299,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 12 Sep 2022 09:15:59 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616629741591031011e
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3f8d30ed8dfa53554c956a402f3c8adc
9e289d44a86ed90977dcae4bf064651860a60b48
316533890df718b0d165133998e828a833feca49f48dd885e2bfb3ef2e016eaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "316533890DF718B0D165133998E828A833FECA49F48DD885E2BFB3EF2E016EAA"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Sep 2022 15:15:59 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3f8d30ed8dfa53554c956a402f3c8adc
9e289d44a86ed90977dcae4bf064651860a60b48
316533890df718b0d165133998e828a833feca49f48dd885e2bfb3ef2e016eaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "316533890DF718B0D165133998E828A833FECA49F48DD885E2BFB3EF2E016EAA"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Sep 2022 15:15:59 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3f8d30ed8dfa53554c956a402f3c8adc
9e289d44a86ed90977dcae4bf064651860a60b48
316533890df718b0d165133998e828a833feca49f48dd885e2bfb3ef2e016eaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "316533890DF718B0D165133998E828A833FECA49F48DD885E2BFB3EF2E016EAA"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Mon, 12 Sep 2022 15:15:40 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash ed9e9facec3a22cae64a54bf790572e3
93ccb14d547113b6530ab84931ed5a65e560347e
0a0e480a8998954992767abc24d91989fc9bb0b1139d2a2b25a7a09b0fe64540
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: b827ffb9042b100db00771d63c6b36d5
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:58 GMT
Etag: 8a12cdded9735c041c357498399fa3f8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B3FD2623BEA7D5C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4d052c8e9ad0fae104b6ba5f4b78102e
77948adfa46462b657943575dd677be6c68cb525
cc8b4b9b9a58f449c11203122bba375e277e0b70980bff0e95ce75cd03c5f475
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:46:20 GMT
Expires: Fri, 16 Sep 2022 19:46:19 GMT
Etag: "77948adfa46462b657943575dd677be6c68cb525"
Cache-Control: max-age=382819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978ab08f0b1bfe-OSL
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1c28dc9cc0da4badac4481f9409048a1
303c62cfb3d722e18b8ccccf9c24a2c8ac659528
8d0e316ba1d38f6e4109715a8f983f7184c5c16a0e90545c13ff9509b8334f9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8D0E316BA1D38F6E4109715A8F983F7184C5C16A0E90545C13FF9509B8334F9A"
Last-Modified: Sun, 11 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 12 Sep 2022 15:15:04 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash cad7f00892ca3be762e48172da6e3570
75bf30318296e60cac751563969524aeda066b49
b0fe319ba796bfb47b86f0edbac7f981f270cdf7cd4e3ad0d78b525052198a6f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 07:59:00 GMT
ETag: "75bf30318296e60cac751563969524aeda066b49"
Last-Modified: Mon, 12 Sep 2022 07:59:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3327
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978ab0f8fd0b4d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4d052c8e9ad0fae104b6ba5f4b78102e
77948adfa46462b657943575dd677be6c68cb525
cc8b4b9b9a58f449c11203122bba375e277e0b70980bff0e95ce75cd03c5f475
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:46:20 GMT
Expires: Fri, 16 Sep 2022 19:46:19 GMT
Etag: "77948adfa46462b657943575dd677be6c68cb525"
Cache-Control: max-age=382819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978ab0ba5bb4e8-OSL
s2.loli.net/2022/05/04/i6DfhLIYjlSB1Q5.gif
104.26.0.190200 OK 48 kB URL HTTP/2 s2.loli.net/2022/05/04/i6DfhLIYjlSB1Q5.gif
IP 104.26.0.190:0
File type GIF image data, version 89a, 960 x 240\012- data
Hash 6bbbfaf051ea53e93172f6f57b2a47b0
75d535d41ce1c36a65334cddcc065d97c6ffc97c
0202443d40dab123ae470ab8e37a7cf347554e642cd60fce022ef0c52867e269
GET /2022/05/04/i6DfhLIYjlSB1Q5.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 48025
last-modified: Wed, 04 May 2022 11:28:39 GMT
etag: "62726367-bb99"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZenPdhPZxfvaQKnYTkVIwunnEDOiqNYaGtodCBq%2BrvZEHhlXA%2Bj2kSCBZzXeFf8NytZTp%2BNbRTUr81u94WvI7%2BOVDeKXkdAz9KCiGDeeX3MJLtnpkbUS7HzuYWQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74978aab5b44b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
172.67.147.13200 OK 45 kB URL HTTP/2 kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 44685
last-modified: Wed, 29 Jun 2022 14:36:22 GMT
etag: "62bc6366-ae8d"
expires: Sun, 02 Oct 2022 12:37:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 851924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzW46g2zMr15fmI%2FC1uyYFTwcYpTajAMGx%2BQT8frcMRlHdlCSKgnvvkHGkiTme0T4rsdP5sYcNzy1bqpGeH%2FZ%2F2yhLz4Xxk1PEf2ZqcZC3bmN4gjG4R68yc3ul62"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab0fbccb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic6.58cdn.com.cn/nowater/webim/big/n_v2173d0259cccc4c2a8f89829150644354.gif
211.152.136.71403 Forbidden 0 B URL HTTP/2 pic6.58cdn.com.cn/nowater/webim/big/n_v2173d0259cccc4c2a8f89829150644354.gif
IP 211.152.136.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nowater/webim/big/n_v2173d0259cccc4c2a8f89829150644354.gif HTTP/1.1
Host: pic6.58cdn.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-length: 0
x-nws-log-uuid: 18152885092955948386
server: Lego Server
date: Mon, 12 Sep 2022 09:15:59 GMT
x-cache-lookup: Return Directly
X-Firefox-Spdy: h2
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 93959fc8a4eb15f3195851c06c7b1713
c9f25c25e15ca9a5c16518fe6e2b1731246725b6
ccf3dcc75ba06986a590022d1d91bc82a8fde7b854d2d4f713c895b96994d297
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6552
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:59 GMT
Last-Modified: Mon, 12 Sep 2022 07:26:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 93959fc8a4eb15f3195851c06c7b1713
c9f25c25e15ca9a5c16518fe6e2b1731246725b6
ccf3dcc75ba06986a590022d1d91bc82a8fde7b854d2d4f713c895b96994d297
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:59 GMT
Last-Modified: Mon, 12 Sep 2022 07:37:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash aaa7f6c98ddbabe2d53c63ffdbb91b45
d220e73391083104c927c54734794f2aa0805d7b
59ad03e6fbde8a011f0df6a77caec9469288424b06e5e62af9d0ff9a4a01a202
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:59 GMT
Last-Modified: Mon, 12 Sep 2022 08:15:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
si1.go2yd.com/get-image/0xvf544lu4n
163.171.140.79200 OK 707 kB URL HTTP/2 si1.go2yd.com/get-image/0xvf544lu4n
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 120 x 120\012- data
Size 707 kB (706623 bytes)
Hash a1f2f1a79edf6410dba605715ba96938
30801c0aa529955a163e66725dca67f131493ac6
08da3f4f3afe655bad26adfa77187e4169f979b224a76a3e50e797ce0185ce39
GET /get-image/0xvf544lu4n HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 706623
server: Tengine
x-application-context: application
x-kss-request-id: 4b87c30341c94822be8149609e5b07f8
etag: "a1f2f1a79edf6410dba605715ba96938"
content-md5: ofLxp57fZBDbpgVxW6lpOA==
last-modified: Wed, 16 Feb 2022 08:49:47 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjzwdx5aa31:0 (Cdn Cache Server V2.0), 1.1 jszjsx21:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-017Op120:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:21 (Cdn Cache Server V2.0)
x-ws-request-id: 631ef8cf_PShlamstdAMS1se91_38152-34260
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c6b24874157f05a7f0333b9b5d82f45
a469db0bfe5ec9a32d0607f9783c8a35aeef1eca
2af659be8e272fa7a242de6ea9aecc07e6981e51fbf65a4827c8d3e7d6e77457
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2AF659BE8E272FA7A242DE6EA9AECC07E6981E51FBF65A4827C8D3E7D6E77457"
Last-Modified: Sat, 10 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9491
Expires: Mon, 12 Sep 2022 11:54:10 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 15:18:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1015071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM0GAjEKjRILQypLQmhSGuMYi5PV77MiP8bK3aK3%2BvfDJs5sbvIEslL9b5eICiNazGuNsNKBrRSyaPI1hz%2FhQyAWghyYJMtvpXodQxmJgSP6LKi1zX6Xz%2FOZj80M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab18d42b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/33a2534502bc9c2579ad15dd25e2aa9b.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/33a2534502bc9c2579ad15dd25e2aa9b.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /33a2534502bc9c2579ad15dd25e2aa9b.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/33a2534502bc9c2579ad15dd25e2aa9b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhnn.com/7bd513049aab526523bbee3bfb3eaf7a.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/7bd513049aab526523bbee3bfb3eaf7a.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7bd513049aab526523bbee3bfb3eaf7a.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/7bd513049aab526523bbee3bfb3eaf7a.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtbbb.top/c40eb5d2869982a34091b21b14a0c4f8.gif
172.67.147.13200 OK 126 kB URL HTTP/2 kvtbbb.top/c40eb5d2869982a34091b21b14a0c4f8.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 320 x 240\012- data
Size 126 kB (126524 bytes)
Hash 66238d3b088915d1eafa003a649d60b7
d1c522159276ffdedff05780e9e5c8a43e4758be
47828389262c7cd40716bd7e002fdf8aa7374e0c1589ed25405d026c7b4d6c02
GET /c40eb5d2869982a34091b21b14a0c4f8.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 126524
last-modified: Thu, 19 May 2022 10:09:41 GMT
etag: "62861765-1ee3c"
expires: Tue, 11 Oct 2022 05:51:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 98682
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qKa2iOYiOEpfWLgVSO3hTKyBzv1v3FrPzjjisVVQLFPwc%2FTu5QYZKuF7KoOevjB21ROSmQo1wEnRog%2FyAWnltueziaIJDgZuwC0DPPoanFlgCmatTQRRY2nj8GE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab1cda0b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/d3f69e028d60b13d4c63ad9732199bcb.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/d3f69e028d60b13d4c63ad9732199bcb.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d3f69e028d60b13d4c63ad9732199bcb.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/d3f69e028d60b13d4c63ad9732199bcb.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a91979258516076ea0da443541fe8abe
cd59e7b7ca47653ad0f1dc365738f537085cacfe
4a2b178bc334928de2e430fb7b33f8220ada475e109957ce772e376731890840
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:59 GMT
Server: ECS (amb/6BA8)
Content-Length: 727
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c2d61b83b504fca245bf4f5c59f5aac6
63da54791251273147079e2434641e4106366615
8a58db57d55255c5f0eb1da198134c4dcf9200a33a882c4067ec290846c5c09e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A58DB57D55255C5F0EB1DA198134C4DCF9200A33A882C4067EC290846C5C09E"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Sep 2022 15:15:59 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c66f7f219d92fc0640dfe7d0eba121d4
cac5399bf2ed3b355efe0c3e936dcf423270c2ce
18f1b30263c249d9ca19135404c1ad06f9a554d1994bc1b8b4f9c6669d5e615c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "18F1B30263C249D9CA19135404C1AD06F9A554D1994BC1B8B4F9C6669D5E615C"
Last-Modified: Sat, 10 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17175
Expires: Mon, 12 Sep 2022 14:02:14 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4626aca97f190aaa9ffdc07a06807842
e6dc1ac30d4f3f9f15e854acef0088acb59557a9
3f5ceff775cb25bb7b1294e334c0029b1620959f3e05604cf2322081b80df055
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 661
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:15:59 GMT
Last-Modified: Mon, 12 Sep 2022 09:04:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
kvtbbb.top/3d4880421423cb46270fedc14e73f807.gif
172.67.147.13200 OK 89 kB URL HTTP/2 kvtbbb.top/3d4880421423cb46270fedc14e73f807.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash 84b294fbbafc47dd77fca5a388711635
38ade9b187ccc57b801f9c5258f2b1e596475b00
f44bb8d8ece53e80485b814e46cc6c436f3e35b778544b85f25e96dbc17fe734
GET /3d4880421423cb46270fedc14e73f807.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 89421
last-modified: Mon, 13 Jun 2022 10:13:33 GMT
etag: "62a70dcd-15d4d"
expires: Mon, 03 Oct 2022 07:25:06 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 784253
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASjRlR8DXJDUBwR7LCSAACDzAVAoJkJvxv5YuL27iANI02Qoy9PgODPSqJ0rBEqlIkDS6zt7hbNnWXnshEc%2FdsIPcHQ%2FEIFZ8%2B%2B0xUh4ulWBTu6G%2FrfTlSj3yIM0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab1fdd7b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/4e5f6704aa9254ae3848c318900abd22.gif
185.10.104.115200 OK 151 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/4e5f6704aa9254ae3848c318900abd22.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 151 kB (150652 bytes)
Hash 4e5f6704aa9254ae3848c318900abd22
7b8127744158301f0813e22253d39a677ed0ec88
60e72c9efdd5f8e51204382b35f15cb5f0e7f62ff3fe0f492a67cc78fa1037f1
GET /bjh/4e5f6704aa9254ae3848c318900abd22.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 150652
expires: Mon, 12 Sep 2022 13:25:27 GMT
last-modified: Tue, 16 Aug 2022 15:15:01 GMT
etag: "4e5f6704aa9254ae3848c318900abd22"
age: 244232
accept-ranges: bytes
content-md5: Tl9nBKqSVK44SMMYkAq9Ig==
x-bce-content-crc32: 1388137983
x-bce-debug-id: ihOrfjQOrbAhWb8qrm75ZeBkyhseY/gU5wcpIYhrJBAgx4F2BsERsWbRcCNwbf1mh2uByAKBdzMOGB4j5bqg0Q==
x-bce-request-id: adbaf64f-b1f3-4b99-adaf-625e08828b77
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2]
ohc-file-size: 150652
x-cache-status: HIT
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 158841
expires: Fri, 19 Aug 2022 15:15:04 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 1001940
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
172.67.185.29200 OK 729 kB URL HTTP/2 kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
IP 172.67.185.29:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 729 kB (729369 bytes)
Hash 53d9d1d54befa25cdc0fffcae0123c91
50faead5d2778663e39eb8f7c99f0d6e0b9b7d54
db9f74a15518df5af75769bd98d3d72eb69641c257ea220e9b52cd4cc98cd112
GET /b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 729369
last-modified: Sun, 07 Aug 2022 13:16:57 GMT
etag: "62efbb49-b2119"
expires: Sat, 08 Oct 2022 09:18:56 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 345423
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEcJM%2BasB%2FReH1abPYy7ml3gKtt%2F65AlOv3hUZ8P67H1L11gzAO2lR0WvToyJx5BocPmzK35wGtDBpIQhKTyoE%2BHi8E5PCl1rQ%2FpWGP9QXfSOpOE9rPzTGsrP%2BFU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab1fca1b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/17244f3a8b60a0f7b291f5621c873713.gif
185.10.104.115200 OK 1.6 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/17244f3a8b60a0f7b291f5621c873713.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /bjh/17244f3a8b60a0f7b291f5621c873713.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 1626999
expires: Tue, 06 Sep 2022 02:14:33 GMT
last-modified: Fri, 05 Aug 2022 12:05:01 GMT
etag: "17244f3a8b60a0f7b291f5621c873713"
age: 680865
accept-ranges: bytes
content-md5: FyRPOotgoPeykfViHIc3Ew==
x-bce-content-crc32: 2236402188
x-bce-debug-id: To5Ii6e5ruq3XhnFvxFfNKk+aTuEv1Rs9BFz/CFUbJxN1IWDo5QCbV+8zPWS73WsgW1/9vgMJSUBunO3575huA==
x-bce-request-id: 8b1d7270-ba6a-4bb6-adc0-e264be29d524
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache107 [2], czix231 [1]
ohc-file-size: 1626999
x-cache-status: HIT
X-Firefox-Spdy: h2
kvtlll.top/76cbee08e6a1d001d501bebf2aac5719.gif
172.67.185.29200 OK 1.6 MB URL HTTP/2 kvtlll.top/76cbee08e6a1d001d501bebf2aac5719.gif
IP 172.67.185.29:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.6 MB (1628452 bytes)
Hash 19380ffda62075f4a404f044dbdd7319
00323449358cdfc5704ae57e68c54710f7898432
717273b491223a5a500440b6583bc73f2e8c475e20508465cadb8a445cecc43e
GET /76cbee08e6a1d001d501bebf2aac5719.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 1628452
last-modified: Mon, 08 Aug 2022 10:08:28 GMT
etag: "62f0e09c-18d924"
expires: Sat, 08 Oct 2022 12:56:55 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 332344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxCtnTMBYk6%2BksFJp4rWaqiPmMOHveddHEbGOGJ8Om5fxLduS%2F5B8fiFCGkAznPES1y1M1t9a2n8jLH8yRa3EygoIxnf3IEhRSxDWSNSqHhCVaAFrrQLF%2Fm58Xyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab1fca0b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.shifangshike.com/gif01.gif
154.84.8.2200 OK 78 kB URL HTTP/1.1 img.shifangshike.com/gif01.gif
IP 154.84.8.2:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 7c25e496c11f12a49f7a5d373264575a
6117db0da31d8fd961f07d3598dde38cb9d2c783
1d79dd53c781705c7f3022f6fcb1405c4aa8c7fb15b40dcdfad1bb4a3cb91cd0
GET /gif01.gif HTTP/1.1
Host: img.shifangshike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: image/gif
Content-Length: 78256
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 14:18:54 GMT
ETag: "630784ce-131b0"
Expires: Wed, 28 Sep 2022 02:59:45 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
n5371.com/cbfbb1eef66742a1b59cee8c4697b2e5.gif
45.61.212.226200 OK 112 kB URL HTTP/1.1 n5371.com/cbfbb1eef66742a1b59cee8c4697b2e5.gif
IP 45.61.212.226:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /cbfbb1eef66742a1b59cee8c4697b2e5.gif HTTP/1.1
Host: n5371.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b7d57-1b73f"
Date: Tue, 30 Aug 2022 02:39:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 14:36:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-26
Content-Length: 112447
fbg.ytbgjr.cn/j/154626
203.107.60.95200 OK 6.1 kB IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (1107)
Hash 9c8a696f50fb0c94c6e8ee79cee425b1
0ef64e37c16398040790cf3f3023928687b2eca0
b539dec90760c5d7daf186243458e09d69f6c389d08c02c68077b9d6282ca38f
GET /j/154626 HTTP/1.1
Host: fbg.ytbgjr.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=ae1a132044ecd8a67d0b1ed9bfc3ccc701af790117eda71d5916a8feca2ffd1d; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Vary: Accept-Encoding
fbg.ytbgjr.cn/j/154627
203.107.60.95200 OK 6.1 kB IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (1107)
Hash 4e1a0e55997f463bce67a7dc17ab0263
282674dce23799dcd3be588f283e4010ca0da5c5
7e2a2c817d97b774c7d613af3ed5970db6807076facde541c4472412a75f41d6
GET /j/154627 HTTP/1.1
Host: fbg.ytbgjr.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=f53669e330754b3d494d04f082e6198c4e69d37d9da02733709a26b68907a1dd; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Vary: Accept-Encoding
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1358261501&si=b514e882bf71128292fc54ff36420746&su=http%3A%2F%2Fwww.cbgu.cn%2F&v=1.2.97&lv=1&sn=23523&r=0&ww=1268&ct=!!&u=http%3A%2F%2Fruanre.top%2F&tt=%E9%9D%92%E8%8D%89%E5%BD%B1%E8%A7%86%20QingCaoYingShi.xyz
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1358261501&si=b514e882bf71128292fc54ff36420746&su=http%3A%2F%2Fwww.cbgu.cn%2F&v=1.2.97&lv=1&sn=23523&r=0&ww=1268&ct=!!&u=http%3A%2F%2Fruanre.top%2F&tt=%E9%9D%92%E8%8D%89%E5%BD%B1%E8%A7%86%20QingCaoYingShi.xyz
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1358261501&si=b514e882bf71128292fc54ff36420746&su=http%3A%2F%2Fwww.cbgu.cn%2F&v=1.2.97&lv=1&sn=23523&r=0&ww=1268&ct=!!&u=http%3A%2F%2Fruanre.top%2F&tt=%E9%9D%92%E8%8D%89%E5%BD%B1%E8%A7%86%20QingCaoYingShi.xyz HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 09:15:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B476ACEC2C1F4FD4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvhiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
104.21.234.203200 OK 199 kB URL HTTP/2 kvhiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.21.234.203:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 199 kB (198998 bytes)
Hash 9055b16bfddceb4d71a64601d99cc1fe
08f43efa14ead275ed58613dfe4715982679fe30
9f39213220495f96b8fbef7974ce8cef0eeaffeb6416328de8f7469254aab886
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 198998
last-modified: Sat, 16 Apr 2022 08:19:50 GMT
etag: "625a7c26-30956"
expires: Sat, 01 Oct 2022 04:06:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 968982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brXwUZeMxXK%2BoG1e2aTVjIi1aLxX9p711pJ0kkgozGgSysNIJLkbGF6r1V10RxRP0PL9RnElTrKo51PhPev5pvp4oUngWtYX0HQL2QkY2gbG0ePBWnPIR64MkXKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab36c2adca7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zuoai99hair.com/960X240.gif
23.225.156.173200 OK 211 kB URL HTTP/2 zuoai99hair.com/960X240.gif
IP 23.225.156.173:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 211 kB (210723 bytes)
Hash 48a9b9d1fbbeb987ee2350a29ab183ed
dc86c0b8b83bf09cccc6ebf7fca701ba6c7ff86a
be98251de333d8fc5b88807b8fde862d8017e7694719e9f94767da8bfd781117
GET /960X240.gif HTTP/1.1
Host: zuoai99hair.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 01:09:49 GMT
content-type: image/gif
content-length: 210723
last-modified: Fri, 22 Apr 2022 08:01:42 GMT
etag: "626260e6-33723"
expires: Wed, 12 Oct 2022 01:09:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c6b24874157f05a7f0333b9b5d82f45
a469db0bfe5ec9a32d0607f9783c8a35aeef1eca
2af659be8e272fa7a242de6ea9aecc07e6981e51fbf65a4827c8d3e7d6e77457
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2AF659BE8E272FA7A242DE6EA9AECC07E6981E51FBF65A4827C8D3E7D6E77457"
Last-Modified: Sat, 10 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9491
Expires: Mon, 12 Sep 2022 11:54:10 GMT
Date: Mon, 12 Sep 2022 09:15:59 GMT
Connection: keep-alive
kvtggg.top/7bd513049aab526523bbee3bfb3eaf7a.gif
104.21.11.149200 OK 132 kB URL HTTP/2 kvtggg.top/7bd513049aab526523bbee3bfb3eaf7a.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 132 kB (132369 bytes)
Hash d25943b4cc9cb91c4db8964cfc917535
da7d8c2187416e84899e1e3634e8fc2b029b8d87
b8d4dcbea367275716fb0c6a33ec0268356556b41a6ab8ba04175647f6fb0242
GET /7bd513049aab526523bbee3bfb3eaf7a.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:16:00 GMT
content-type: image/gif
content-length: 132369
last-modified: Tue, 23 Aug 2022 07:51:31 GMT
etag: "63048703-20511"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 314667
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRwMAIBr%2ByU5Eg6EgIqke%2BMPTdmkT%2BcvDprbZc4WOGDrcUmKucZYgLggrtHoAzVNPUTEPErFfW%2Bp3LDnJtZuXuskylOxPNd6FVBPCH129qYLhIlwn0eBlsPZsrx0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab44fd01c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtggg.top/d3f69e028d60b13d4c63ad9732199bcb.gif
104.21.11.149200 OK 430 kB URL HTTP/2 kvtggg.top/d3f69e028d60b13d4c63ad9732199bcb.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 430 kB (429783 bytes)
Hash 7fdd303a348637ea3ac5af8617b4dc1a
3d72473e1edfb3b7c8a2c97503ae20e5a3be2aaa
3f23ef84540fac3252bd757b9cd6be4503ab17da668d7526a38b0a73992131b3
GET /d3f69e028d60b13d4c63ad9732199bcb.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:16:00 GMT
content-type: image/gif
content-length: 429783
last-modified: Tue, 23 Aug 2022 09:47:29 GMT
etag: "6304a231-68ed7"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 98683
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjOotkOsEMVUKhfKH40L777MYi6Hv3GXKnC6njL91XPxIX059eMU3dvpSFVdNXCDrIUREYo5KQ6DOr%2F9kkHjgqeNZx8OvVbn0Qv1g6hEMe4TwILhAKq6HrWSAw2L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab42fa31c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0663825ed25f4810a275d15954103dbe~noop.image
4.34.42.104200 OK 118 kB URL HTTP/2 p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0663825ed25f4810a275d15954103dbe~noop.image
IP 4.34.42.104:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 118 kB (118320 bytes)
Hash fbdc1d87d74d8fb03027d27d3f875314
f88b199674d674c455e65b1bf4b4b62e82871d4e
9a4e8004131968bc7716ca547cd59fd8380078c2f1edfa352d09e4e3031c1c86
GET /img/tos-cn-i-siecs4i2o7/0663825ed25f4810a275d15954103dbe~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 118320
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 20 Jul 2022 10:00:59 GMT
nw-session-id: 20220720180059010158029097191E0A095lwgb02tt
nw-session-trace: 2022-07-20T18:00:59.803929552+08:00 606
x-bdcdn-cache-status: TCP_HIT
x-length: 118320
x-powered-by: ImageX
x-response-date: Wed, 20 Jul 2022 18:00:59 GMT
x-tt-logid: 20220720180059010158029097191E0A09
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC117_dx-lt-yd-zhejiang-jinhua-5-cache-13, BC117_dx-lt-yd-zhejiang-jinhua-5-cache-13, BC6_US-Georgia-atlanta-1-cache-2, BC6_US-Georgia-atlanta-1-cache-2, BC102_US-Colorado-Denver-1-cache-1, BC102_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC102_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=1
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2
taiwtp1.com/img/650350.gif
220.128.218.220200 OK 169 kB URL HTTP/2 taiwtp1.com/img/650350.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 650 x 350\012- data
Size 169 kB (169178 bytes)
Hash 20a048c99c1a32ba83c939de0f7d1057
f926bd189cd0f9d98bf07c901d31d17af79cd593
51a74f368b0172eb5183be3586ccf49bd245c2aea83a136145c7c2d4226f27a0
GET /img/650350.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:14:22 GMT
content-type: image/gif
content-length: 169178
last-modified: Sun, 06 Mar 2022 11:36:46 GMT
etag: "62249cce-294da"
expires: Wed, 12 Oct 2022 09:14:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
89958716765.com/ef7409c2811645f3b97c94433d5afe69.gif
103.170.15.72200 OK 366 kB URL HTTP/1.1 89958716765.com/ef7409c2811645f3b97c94433d5afe69.gif
IP 103.170.15.72:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (365950 bytes)
Hash 07eff4873ffb0bbd8a991a91b39d2a47
1dc4444aaed40a7ba4a56d341be2c13073d8b818
7a31ab72c03a1ced3856b5af4567ad3a336dbc88a8094a689d361c253a1e8afc
Analyzer Verdict Alert quad9 Sinkholed
GET /ef7409c2811645f3b97c94433d5afe69.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b7d24-5957e"
Date: Sun, 28 Aug 2022 14:38:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 14:35:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 365950
kvtggg.top/33a2534502bc9c2579ad15dd25e2aa9b.gif
104.21.11.149200 OK 131 kB URL HTTP/2 kvtggg.top/33a2534502bc9c2579ad15dd25e2aa9b.gif
IP 104.21.11.149:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 131 kB (130646 bytes)
Hash b06df0296c314214f66b7394b816e857
42b3b58a9ce76640ed1d1818d86eacdf8f198ea6
cd5ec9e81351ee13d4dcdaaf10aa9153ee8b76d1ad0cbb4b8b77f825dc84b39b
GET /33a2534502bc9c2579ad15dd25e2aa9b.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ruanre.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:16:00 GMT
content-type: image/gif
content-length: 130646
last-modified: Tue, 23 Aug 2022 07:51:10 GMT
etag: "630486ee-1fe56"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 98683
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olcS12FfsrnjE30f1jKOzionY8ba1yUDQH%2BCVmYvFcSfaNhq6tPrXQnoyumr7hf3N5ARaCG7HBhpErSyLZU41KJBqxK%2F%2FC1sHSlGdTo15PRy9YkavW399XlM4KJ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74978ab44fd81c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:14:22 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Wed, 12 Oct 2022 09:14:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/960120.gif
220.128.218.220200 OK 121 kB URL HTTP/2 taiwtp1.com/img/960120.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 120\012- data
Size 121 kB (120952 bytes)
Hash 8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:14:22 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Wed, 12 Oct 2022 09:14:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dl66d.com/650x350.gif
104.233.158.19200 OK 845 kB IP 104.233.158.19:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 845 kB (845371 bytes)
Hash 46be6d9b16aa6f4fc26bcfd4f6ca469c
9566411fb76837f315c853671126713b19fba825
38645ca5f943cc63f2d396871474f805e0febb1871447a0a4a9db62322d85060
GET /650x350.gif HTTP/1.1
Host: dl66d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: image/gif
Content-Length: 845371
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 08:03:24 GMT
ETag: "6319a1cc-ce63b"
Expires: Sat, 08 Oct 2022 08:53:54 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash eb61cadea2d18a43687546fd1998901c
fb2cc4365aa8a9be4280aa7bc6245ab2fdfd5a78
f2a39c0cdc03200b143f4ab7e0ffeffb68a62a993bc626c51e90744c149a5b39
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 8a12cdded9735c041c357498399fa3f8
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:59 GMT
Etag: 2037377e81406165a30e0e37cba12e7c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7AF9094BAFAFD3EA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
998k.at/650x350.gif
104.233.158.19200 OK 845 kB IP 104.233.158.19:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 845 kB (845371 bytes)
Hash 46be6d9b16aa6f4fc26bcfd4f6ca469c
9566411fb76837f315c853671126713b19fba825
38645ca5f943cc63f2d396871474f805e0febb1871447a0a4a9db62322d85060
GET /650x350.gif HTTP/1.1
Host: 998k.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:15:59 GMT
Content-Type: image/gif
Content-Length: 845371
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 13:32:08 GMT
ETag: "62b076d8-ce63b"
Expires: Sun, 18 Sep 2022 15:24:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash 3e2094be6560ff9070697729504e5377
83c8ed87789d2fb6c7c3e6e6adb0903293c99223
91cfab0bddcd2c226d6ae9aa9249cb68bcbe8e7c4ef5f9efe1d1f685da8a4ca7
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 8a12cdded9735c041c357498399fa3f8
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:15:59 GMT
Etag: bdeb7872005aff148a20d730063fe217
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D4F768049D2F364B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fsadcx1.com/tututu/yue.gif
23.225.3.254200 OK 4.0 MB URL HTTP/2 fsadcx1.com/tututu/yue.gif
IP 23.225.3.254:0
File type GIF image data, version 89a, 540 x 260\012- data
Size 4.0 MB (3960978 bytes)
Hash d8cb43dc553102ce0f6f051f33c1e801
2129e8cc2a17aed95bf77d70074cd779125f88ae
21e3ff28623e466cb2d36e805b1f47a83292022a9e98266a05960b62e95b67e0
GET /tututu/yue.gif HTTP/1.1
Host: fsadcx1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:15:58 GMT
content-type: image/gif
content-length: 3960978
last-modified: Thu, 29 Jul 2021 12:00:20 GMT
etag: "61029854-3c7092"
expires: Wed, 12 Oct 2022 09:15:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
pochuwen.com/960240.gif
23.224.51.163200 OK 224 kB IP 23.224.51.163:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 224 kB (223879 bytes)
Hash a39bb27f09ccd6961fe1c0f3074a8b97
0e914bc58abc78e7275d3c639e2aeb548313d627
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
GET /960240.gif HTTP/1.1
Host: pochuwen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:15:59 GMT
content-type: image/gif
content-length: 223879
last-modified: Thu, 07 Apr 2022 11:25:02 GMT
etag: "624eca0e-36a87"
expires: Wed, 12 Oct 2022 09:15:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cnbj1.fds.api.mi-img.com/middle.community.vip.bkt/aa3512ef5f9c369cce123e3abdd8e822
47.246.44.226200 OK 181 kB URL HTTP/2 cdn.cnbj1.fds.api.mi-img.com/middle.community.vip.bkt/aa3512ef5f9c369cce123e3abdd8e822
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 715 x 287, 8-bit/color RGB, non-interlaced\012- data
Size 181 kB (180958 bytes)
Hash 8284162ac0fd15c69ebac779d3ea7d7d
e59cff02f61491e9abeddae98b25c71f94ad4b3e
5aedc3fee57b561fd934d694eee9a07cbc6a769e6c7bb9965cdfeff1c44ee61c
GET /middle.community.vip.bkt/aa3512ef5f9c369cce123e3abdd8e822 HTTP/1.1
Host: cdn.cnbj1.fds.api.mi-img.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 180958
date: Sun, 21 Aug 2022 22:48:12 GMT
cache-control: max-age=86400
last-modified: Tue, 14 Dec 2021 14:40:14 GMT
x-xiaomi-meta-content-length: 180958
etag: "8284162ac0fd15c69ebac779d3ea7d7d"
content-md5: 8284162ac0fd15c69ebac779d3ea7d7d
x-xiaomi-hash-crc64ecma: -369969862630086376
x-xiaomi-request-id: 1d6db894-00f0-4bba-0000-0182c2979f63
access-control-allow-credentials: true
access-control-expose-headers: content-md5, upload-time, x-xiaomi-meta-content-length
ali-swift-global-savetime: 1661122092
via: cache26.l2de2[0,0,200-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[2,0]
age: 1852068
x-cache: HIT TCP_MEM_HIT dirn:5:23177162
x-swift-savetime: Wed, 31 Aug 2022 14:43:19 GMT
x-swift-cachetime: 1757093
xm-cache-status: hit
xm-cdn-prov: 1
xm-remote-address: 47.246.44.226
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9b16629741603963507e
X-Firefox-Spdy: h2
89958716765.com/431be6a9bcba4016a2cad3e45223a257.gif
103.170.15.72200 OK 738 kB URL HTTP/1.1 89958716765.com/431be6a9bcba4016a2cad3e45223a257.gif
IP 103.170.15.72:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 70\012- data
Size 738 kB (738093 bytes)
Hash 815aa9168c0fd6457bb1e9ad28facade
49d4732b828ede8a6b9cd54fbe68d8e93c32978d
f60cde1fae6462e33e470d8e7f56cac5e0840a1968915414c5a3cd384e3fa087
Analyzer Verdict Alert quad9 Sinkholed
GET /431be6a9bcba4016a2cad3e45223a257.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63186a49-b432d"
Date: Wed, 07 Sep 2022 15:18:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 07 Sep 2022 09:54:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 738093
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 82599157f945f516a5a52273ceb1abad
9ff1eaad2ccdd0124793b3dfb414a904aac49b31
d00a35fefe339167177e1a09828914a18520a91de62e227a06ef5727f87ed0ac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 01:47:55 GMT
Expires: Sat, 17 Sep 2022 01:47:54 GMT
Etag: "9ff1eaad2ccdd0124793b3dfb414a904aac49b31"
Cache-Control: max-age=404513,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978ab69e8e1bfe-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 586afa991d22adf8d9e88a307acca925
53ad243dec6f0645610e9cafa8df4ed97af28723
d4adbf45a5d3036822bcd4ed2736e1b5f26e33371d0a20a54b59c97ed9ef27b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 07:57:00 GMT
Expires: Fri, 16 Sep 2022 07:56:59 GMT
Etag: "53ad243dec6f0645610e9cafa8df4ed97af28723"
Cache-Control: max-age=340258,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978ab6ac36b4e8-OSL
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash 9cf0cd97a39ee03e59414ec8bd986350
132cde7895302a5afbe36ab0127d4d546eaf9e24
79efa334c90d6419690bd771d798c40c4e70121bf2b06c3207bc4534922c7586
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:16:00 GMT
Etag: 678ac0d4f7fff3b590c60129dd06bdfa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A81B9308FB75423D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b514e882bf71128292fc54ff36420746
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (640)
Hash 11e2a6c3df2de4d54bfa5a530942fdcc
4ceb12f11ef945ff1468f377a55e56ab8d979e43
82525d154015fad92a48960e42798c370b6a138bdbd7df3c52b8d6319b3842d2
GET /hm.js?b514e882bf71128292fc54ff36420746 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11353
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 09:16:00 GMT
Etag: df833109c167fac0b922897cd132d5f4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F75EB55E0C434C58; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 82599157f945f516a5a52273ceb1abad
9ff1eaad2ccdd0124793b3dfb414a904aac49b31
d00a35fefe339167177e1a09828914a18520a91de62e227a06ef5727f87ed0ac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 01:47:55 GMT
Expires: Sat, 17 Sep 2022 01:47:54 GMT
Etag: "9ff1eaad2ccdd0124793b3dfb414a904aac49b31"
Cache-Control: max-age=404513,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978ab708fbfac0-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 758ba3a1e970f513f7bbd69e22162e01
fb877b433b088fdf7b3fcf9d09ebd5dd4da64973
5ec8fa60c67002cb6b6a5db43a86c4b2cb2fb9dd0502146e07e6281e205b0fce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 20:02:02 GMT
Expires: Fri, 16 Sep 2022 20:02:01 GMT
Etag: "fb877b433b088fdf7b3fcf9d09ebd5dd4da64973"
Cache-Control: max-age=383759,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978aba1af91bfe-OSL
mtur.xkmnbt.xyz/mnrt/kmrr.png
23.225.233.4200 OK 85 kB URL HTTP/1.1 mtur.xkmnbt.xyz/mnrt/kmrr.png
IP 23.225.233.4:0
File type PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2
GET /mnrt/kmrr.png HTTP/1.1
Host: mtur.xkmnbt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Wed, 24 Aug 2022 10:10:40 GMT
Connection: keep-alive
ETag: "6305f920-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 5 B IP 172.64.155.188:0
Hash 5bfa51f3a417b98e7443eca90fc94703
8c015d80b8a23f780bdd215dc842b0f5551f63bd
bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 5
Connection: keep-alive
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74978aba39a7b4e8-OSL
hnr.wwxhba.xyz/kmnbhevhfjrtetd/a.gif
23.224.92.244200 OK 74 kB URL HTTP/1.1 hnr.wwxhba.xyz/kmnbhevhfjrtetd/a.gif
IP 23.224.92.244:0
File type GIF image data, version 89a, 600 x 200\012- data
Hash a26c729e9e6de0a56723a3f2274b9568
f216ff16f6ffc84ed9bd2a7c21d76c5f78fa50e2
1ccb894f25adb615d76e26f2e9d3e546a36dfa1b455220293c5429914893bcca
GET /kmnbhevhfjrtetd/a.gif HTTP/1.1
Host: hnr.wwxhba.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: image/gif
Content-Length: 73821
Last-Modified: Mon, 12 Sep 2022 06:43:05 GMT
Connection: keep-alive
ETag: "631ed4f9-1205d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hnr.wwxhba.xyz/mnjberg-or/ee.gif
23.224.92.244200 OK 249 kB URL HTTP/1.1 hnr.wwxhba.xyz/mnjberg-or/ee.gif
IP 23.224.92.244:0
File type GIF image data, version 89a, 600 x 200\012- data
Size 249 kB (248624 bytes)
Hash eadad8bd358430baa34de990f8974f94
eba32fa590f365d5e7830bf23597b8d44b877802
cbaa6fa0559f9fae3a2611faa60587e1b47a72026311e5520b381f6d726dfbc6
GET /mnjberg-or/ee.gif HTTP/1.1
Host: hnr.wwxhba.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 12 Sep 2022 09:16:00 GMT
Content-Type: image/gif
Content-Length: 248624
Last-Modified: Wed, 07 Sep 2022 07:07:53 GMT
Connection: keep-alive
ETag: "63184349-3cb30"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 99b5f02a6b40615230fc68e80fea47ba
501db0b166d6e375d9ee8ccfaef1463264602a71
de903d3935caf57826354221a7f83811b68711b797758efc86b505cb79f728d7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 11 Sep 2022 20:57:07 GMT
Expires: Mon, 12 Sep 2022 20:57:07 GMT
ETag: "501db0b166d6e375d9ee8ccfaef1463264602a71"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tgu.hpiekt.cn/tj.html?type=cnzz&id=1279999172
203.107.60.95200 OK 727 B URL HTTP/1.1 tgu.hpiekt.cn/tj.html?type=cnzz&id=1279999172
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: tgu.hpiekt.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=1a30c2da3f535462cc91c3011c830b8901052a6b56a1e8cc4b03bcad605c261a; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
erg.ihclam.cn/c.php?s=JnpvbmVpZD0xNTQ2MjYmc2l0ZWlkPSZ1aWQ9MTExMTEmYWRzaWQ9NTk1NjE2MyZwbGFuaWQ9Mjk0MzQmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnlzZDEwMS5jbiUyRjg4JTJGJnZ0aW1lPTIwMjItMDktMTIgMTc6MTU6NTkmaXA9OTEuOTAuNDIuMTU0;dd102ec4f343a8b076ea78d78d4b7684;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNiZ3UuY24lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGcnVhbnJlLnRvcCUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU5JTlEJTkyJUU4JThEJTg5JUU1JUJEJUIxJUU4JUE3JTg2JTIwUWluZ0Nhb1lpbmdTaGkueHl6Jmw9ZW4tVVMmYz0wJmg9OTI3
203.107.60.95200 OK 20 B URL HTTP/1.1 erg.ihclam.cn/c.php?s=JnpvbmVpZD0xNTQ2MjYmc2l0ZWlkPSZ1aWQ9MTExMTEmYWRzaWQ9NTk1NjE2MyZwbGFuaWQ9Mjk0MzQmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnlzZDEwMS5jbiUyRjg4JTJGJnZ0aW1lPTIwMjItMDktMTIgMTc6MTU6NTkmaXA9OTEuOTAuNDIuMTU0;dd102ec4f343a8b076ea78d78d4b7684;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNiZ3UuY24lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGcnVhbnJlLnRvcCUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU5JTlEJTkyJUU4JThEJTg5JUU1JUJEJUIxJUU4JUE3JTg2JTIwUWluZ0Nhb1lpbmdTaGkueHl6Jmw9ZW4tVVMmYz0wJmg9OTI3
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /c.php?s=JnpvbmVpZD0xNTQ2MjYmc2l0ZWlkPSZ1aWQ9MTExMTEmYWRzaWQ9NTk1NjE2MyZwbGFuaWQ9Mjk0MzQmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnlzZDEwMS5jbiUyRjg4JTJGJnZ0aW1lPTIwMjItMDktMTIgMTc6MTU6NTkmaXA9OTEuOTAuNDIuMTU0;dd102ec4f343a8b076ea78d78d4b7684;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNiZ3UuY24lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGcnVhbnJlLnRvcCUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU5JTlEJTkyJUU4JThEJTg5JUU1JUJEJUIxJUU4JUE3JTg2JTIwUWluZ0Nhb1lpbmdTaGkueHl6Jmw9ZW4tVVMmYz0wJmg9OTI3 HTTP/1.1
Host: erg.ihclam.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Sat, 11-Mar-2023 09:16:01 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Mon, 19-Sep-2022 09:16:01 GMT; Max-Age=604800; path=/
11111_29434=re; expires=Mon, 12-Sep-2022 14:16:01 GMT; Max-Age=18000; path=/
do2click_29434=5956163%7C29434%7C11111%7C154626%7C; expires=Mon, 12-Sep-2022 12:16:01 GMT; Max-Age=10800; path=/
doEffect_29434=5956163%7C29434%7C11111%7C154626%7C; expires=Mon, 19-Sep-2022 09:16:01 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
tgu.hpiekt.cn/tj.html?type=cnzz&id=1279999172
203.107.60.95200 OK 727 B URL HTTP/1.1 tgu.hpiekt.cn/tj.html?type=cnzz&id=1279999172
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: tgu.hpiekt.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ruanre.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=ef3e51728458441fd87eb243d343446a9d75550d00ab823f26f7ac4e27cd9e79; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 36791a13263d1fde6e771946c1f92210
a63efefab74af9ef028f9bbc89dcc5525193d9df
24597e674200a667048bd517d530e640f5ef8c9e51ac226256c7967a386cd882
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:16:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 16 Sep 2022 06:49:12 GMT
ETag: "a63efefab74af9ef028f9bbc89dcc5525193d9df"
Last-Modified: Mon, 12 Sep 2022 06:49:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 153
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74978ac5cec00b06-OSL