r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Sun, 23 Oct 2022 07:32:54 GMT
Date: Sun, 23 Oct 2022 04:33:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 03:52:49 GMT
Expires: Sun, 23 Oct 2022 04:06:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fp5tyZ6TRFpuQq4rZ5NLmzSszxhn0asKfRzpJ4qIhkhafeoXs9QnmA==
Age: 2422
flair2share.com/
23.81.162.71301 Moved Permanently 0 B IP 23.81.162.71:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: flair2share.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 23 Oct 2022 04:32:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.flair2share.com/index.php
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11865
Expires: Sun, 23 Oct 2022 07:50:56 GMT
Date: Sun, 23 Oct 2022 04:33:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DlR3MK9Z7nZqjkkVfSQR9NdZg/gAxptv/WmW4Eg+7QfbBWf7DYPr3FQtssvz7mMgfKjSnpzuTLs=
x-amz-request-id: ZDV5JEP4HP8V9K66
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 03:37:49 GMT
age: 3322
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 03:43:40 GMT
Expires: Sun, 23 Oct 2022 04:14:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mMXnCXtNfbfptlE7wa1UJbydsRrvX5eN0_3Qo-DbXCsZ2c3SER-M5g==
Age: 2972
www.flair2share.com/index.php
23.81.162.71200 OK 785 B URL HTTP/1.1 www.flair2share.com/index.php
IP 23.81.162.71:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash fcc0dfb9c8b8b847c7bd76bd1ccf55a6
dfb234f4418ee7ffa8be7306bbe1156fd5db32f2
821d95adfccbd6c0e829ecc6914ed555b41c0da1c39e7b47bfec44d673d16cd1
GET /index.php HTTP/1.1
Host: www.flair2share.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 04:32:58 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 724
Cache-Control: max-age=99937
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:12 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:18:49 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.flair2share.com/tj.js
23.81.162.71200 OK 520 B URL HTTP/1.1 www.flair2share.com/tj.js
IP 23.81.162.71:0
ASN #7203 LEASEWEB-USA-SFO-12
File type ASCII text, with CRLF line terminators
Hash d251afdf67cad8d670b3b27263c761ae
f94dd6cca51247e052f8fb972f3d4b26a52d315d
9d09fa601221b8a8d123a70233abdefb7b398c154803635f173620777246ba33
GET /tj.js HTTP/1.1
Host: www.flair2share.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.flair2share.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 04:32:58 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RpAoyipPaZPIoAR82U2/1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GwAS/F7lGr4lLQGs1vluPDL12WM=
www.flair2share.com/common.js
23.81.162.71200 OK 1.1 kB URL HTTP/1.1 www.flair2share.com/common.js
IP 23.81.162.71:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
GET /common.js HTTP/1.1
Host: www.flair2share.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.flair2share.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 04:32:58 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.flair2share.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 23 Oct 2022 04:33:13 GMT
Etag: "4078521116"
Expires: Mon, 23 Oct 2023 04:33:13 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=66AA3EE9885A417C4EA91C35F7F25EB6:FG=1; max-age=31536000; expires=Mon, 23-Oct-23 04:33:13 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
www.flair2share.com/favicon.ico
23.81.162.71200 OK 785 B URL HTTP/1.1 www.flair2share.com/favicon.ico
IP 23.81.162.71:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash fcc0dfb9c8b8b847c7bd76bd1ccf55a6
dfb234f4418ee7ffa8be7306bbe1156fd5db32f2
821d95adfccbd6c0e829ecc6914ed555b41c0da1c39e7b47bfec44d673d16cd1
GET /favicon.ico HTTP/1.1
Host: www.flair2share.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.flair2share.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 04:32:59 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 77c9125b7ec8f0b59874f52496786867
aa423d0ab692e5d211351e09d406c811e56f7ce0
c27c57df120776ad92ece250dfe487d2278435552593b51d264957d42fc6c81b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:13 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 03:46:19 GMT
Expires: Thu, 27 Oct 2022 03:46:18 GMT
Etag: "aa423d0ab692e5d211351e09d406c811e56f7ce0"
Cache-Control: max-age=342184,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0da4d810b31-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 04:33:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 04:33:13 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.flair2share.com/index.php
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.flair2share.com/index.php
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.flair2share.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.flair2share.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 23 Oct 2022 04:33:13 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 04:33:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ae6442b63de1e40cf33df80434401ad
e9b1889e93d17e11aec51d610b38cbea22937eb3
5caa6653896a6444c22f4b560de7df98be23c1b97d8dbc950095a53fc778ab35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5702
x-amzn-requestid: f59514ec-7e53-4f36-a8c2-3db852d24681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aO4E_F4ooAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f6d52-45f71e5f22c0e7377e3b5f44;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 03:21:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFtlPyJXGd2uWLahfdlQTTdj7FIoddYUmOfBaIpt89yIQlRPxSabkA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 09:19:29 GMT
age: 69224
etag: "e9b1889e93d17e11aec51d610b38cbea22937eb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3c188b6071e2e3725d0eafc38e0a97a
894517b00535a08a4750510a8c74cd7bff5ce3a6
2b06cd431d93eb12fccc7061bd5a5be4e50b47c4410762034937584d8a8d06a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11582
x-amzn-requestid: 20307063-f434-4fb9-8cf8-d8c93b8fc3c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqFmeoAMF5EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-76156e37226bff5674a219e9;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: k3Dk91gOozMKKg38TkOGdPtPjfIEtHpHCvg1u3dJURco32kNiHJMQg==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:45:32 GMT
age: 24461
etag: "894517b00535a08a4750510a8c74cd7bff5ce3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ef4611-6b77-47fe-8283-1e796baa7b8e.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ef4611-6b77-47fe-8283-1e796baa7b8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e019ff24b98665ff5bbcbc1e1387118
7c7a83129b4da443f2f35ad25179524aa6c4ac6c
436aa8b72f4f73e5f0c433f4302ec3318b839b0119542d80ea78a69f8fc703a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ef4611-6b77-47fe-8283-1e796baa7b8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7781
x-amzn-requestid: 3893d7b3-394e-411b-8515-28fbd6469506
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_bFqHoAMFgUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fc-7882d43206bdc9df4e096dc2;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D2N8_5cOMTtndIbRTKjwQMt3raFh8RbLaSh-8wzRGKXqyKnRGHERWA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:48:04 GMT
age: 24309
etag: "7c7a83129b4da443f2f35ad25179524aa6c4ac6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5cf985ceb648df52d3cf5eb47c7705bc
8b0c5f567e25d9bf54263bb3c60b12db225feb81
9c8551a2d891562e12b9a30966dbd9221a041669db0cbb4395d6fa56791ef0dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8631
x-amzn-requestid: 536a4908-2fd7-4544-9159-ec2acc55a2bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZH2zoAMFYvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-4d76adc023701d0228f951d1;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AvTOiWu0BF1Bxb5m_FlJhMqpgoNbJjUfTnZhZePfjqRCL5XVJEglpg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 24577
etag: "8b0c5f567e25d9bf54263bb3c60b12db225feb81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3XZCGkKRjdtuIJ9Zp6WCsnBEuV7XimonJLAIL6OIFzYw1zPxBZOv_g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 08:04:17 GMT
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
age: 73736
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff16587d8-20bf-4cbe-a307-4babf4b40f43.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff16587d8-20bf-4cbe-a307-4babf4b40f43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b8c3defee740fd16ededbc0c5e8ff2
8842eab4aaeb646c4618081ec204d0f423ab5934
b19f5357c17653958793712c093dee642c530908c5d5009cb087ff6c70ec5d67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff16587d8-20bf-4cbe-a307-4babf4b40f43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8528
x-amzn-requestid: 469ff83f-2334-4968-9df9-d244a5763011
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxuZdFZroAMF71w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c43c-50e24c0339ffb18f4cadedd2;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:05:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PGoKUjGp5Yj08o3R1nZN-IKZIZKTR05TPh0UPXxXA26GiETcsfQK7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:56 GMT
age: 24557
etag: "8842eab4aaeb646c4618081ec204d0f423ab5934"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 36a97077444bcff61663f00ae7a4d12b
0e2db35065deab0e70dff754878a70ab0828cd41
433d36adaa91114c2bbfa8278a0dbe79bb85738b8a43d424be67f2c99ff65350
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 27 Oct 2022 03:47:54 GMT
ETag: "0e2db35065deab0e70dff754878a70ab0828cd41"
Last-Modified: Sun, 23 Oct 2022 03:47:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 467
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e7c0de0f020b61-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 36a97077444bcff61663f00ae7a4d12b
0e2db35065deab0e70dff754878a70ab0828cd41
433d36adaa91114c2bbfa8278a0dbe79bb85738b8a43d424be67f2c99ff65350
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 27 Oct 2022 03:47:54 GMT
ETag: "0e2db35065deab0e70dff754878a70ab0828cd41"
Last-Modified: Sun, 23 Oct 2022 03:47:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 467
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e7c0de0d6e0b65-OSL
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash b9b53855617661792eb4ca582b6758b5
666b23eab81205e537ab420d8a92c9dbf6c635f1
46ff3ede1e0f1d19654695679b253fd9255bdb22562b0d4fb4e42c1a88f45713
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.flair2share.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:14 GMT
Etag: f14f4e0884bba7ed29c84803af0db02f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6FE9A56639D1EBF0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash a78f04b6615136688c887996aa2d74a6
4fb9d392ae9cc914c157dc363f7b266fe819deff
e4107795f031476fa954af3786dd282b87533a5e6434971804ec206f7f95371c
GET /hm.js?722bcf82d448b292cb72eeee90377ca2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.flair2share.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:14 GMT
Etag: e6db28864b3e481085df74b274b5fdbb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=615A3FD730CC900B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pg.doitalie.com/news/data.php
20.247.116.64200 OK 700 B URL HTTP/2 pg.doitalie.com/news/data.php
IP 20.247.116.64:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 81628400f99ba76c36f3fee28a8b2aff
4d6b6053515559f31dc4c5886cc85be7fb1ab067
71fb92055142d311005a6c7b2e66482a65f2db189f42ba1d1f12473c09b82110
GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 04:33:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2004780107&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2004780107&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2004780107&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.flair2share.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=50734CF85F70BBA9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1100411083&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1100411083&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1100411083&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10096&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.flair2share.com%2Findex.php&tt=%E9%95%87%E6%B1%9F%E8%AE%B0%E5%91%98%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.flair2share.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=51513386849842AB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.pgvwp.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pgvwp.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Tue, 22 Nov 2022 04:33:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgvwp.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pgvwp.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 22 Nov 2022 04:33:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgvwp.xyz/template/pgysvip/html9/ad/zxf88.js
173.231.17.179200 OK 614 B URL HTTP/2 www.pgvwp.xyz/template/pgysvip/html9/ad/zxf88.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Sun, 23 Oct 2022 16:33:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f56bdb13ff03ca3d0f4a35beaca36d7d
b50216b789b0d644c66b35e66af3dc903c71d665
7c13e11314fd897bcf44e15b9cafde64fbe4bf02edc75e368c2cbecaba4bb9eb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 04:33:16 GMT
Last-Modified: Sat, 22 Oct 2022 11:36:57 GMT
ETag: "6353d5d9-1d7"
Expires: Mon, 24 Oct 2022 11:36:57 GMT
Cache-Control: max-age=111821
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666499596
Via: cache23.l2de2[43,43,200-0,M], cache23.l2de2[44,0], cache4.se1[64,64,200-0,M], cache4.se1[66,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 04:33:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816664995961233241e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Sat, 22 Oct 2022 04:56:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: -scAAABffxk3SyAX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1666414562
Via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
Content-Encoding: gzip
Age: 85034
X-Cache: HIT TCP_MEM_HIT dirn:5:289962451
X-Swift-SaveTime: Sat, 22 Oct 2022 04:56:13 GMT
X-Swift-CacheTime: 86389
Timing-Allow-Origin: *
EagleId: 2ff62c9716664995962018807e
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92c8007e909dfdf6bac69bea09ce05c9
4009b6533c8b639d32212d7fbbb5d9d37c2bde0d
efcc905844e875e233265f1e3769032f98ed5076bde97fcd81f5a0ef055835f8
GET /upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/webp
content-length: 12394
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13120
content-disposition: inline; filename="dufs1uah5140349dufs1uah5142277.webp"
etag: "5e7d0743-3340"
last-modified: Thu, 26 Mar 2020 19:49:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4681
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e781c06-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
www.pgvwp.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pgvwp.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 22 Nov 2022 04:33:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgvwp.xyz/template/pgysvip/images/video-play.png
173.231.17.179200 OK 1.6 kB URL HTTP/2 www.pgvwp.xyz/template/pgysvip/images/video-play.png
IP 173.231.17.179:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 22 Nov 2022 04:33:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d607096796fae9041f3725b09948ae7
3299439fe1cac50c70d9e3222ff0b65e97e41971
caceda500017d14bb3abb20f7806b3cab8d818dad5f13b240b572606370af20c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CACEDA500017D14BB3ABB20F7806B3CAB8D818DAD5F13B240B572606370AF20C"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=765
Expires: Sun, 23 Oct 2022 04:46:01 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158627
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: nginx
Content-Length: 278
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
104.21.63.42200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 104.21.63.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Fri, 04 Nov 2022 02:11:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1563682
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE07OieqGvAIUAFo%2BVHASebLvT6QKYLyNJuXTHx93%2F6zhNZXmNl%2F%2BzfSUk%2FOGKvNZsgz1B2WS%2BBkTOOv0x313rOVEywGSDUOqfx0TEhlZC12JD%2BJZWs%2B3XERTTaIocu6xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0ee4c310afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=158627
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
www.pgvwp.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2004:33:32%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 3.1 kB URL HTTP/2 www.pgvwp.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2004:33:32%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 3b6c8b9e8a7e5cdee1f0b1638b9fb274
b04f56ee536ccdafe6a9d6eda184d5bb7aee28f9
36a6130a458cece7a2b24f3c9c556007c7812d352887fca91a4ead152d748b7e
GET /template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2004:33:32%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: application/json
content-length: 3123
last-modified: Fri, 07 Oct 2022 10:18:44 GMT
etag: "633ffd04-c33"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5d876063780ae1e6560efe208935c5e5
0abc1da977c8ddb3926df5a37de76d0d30c3f187
69a9ec783cc1186919cc4390e7890b1a82a275d49a8059b7c965e989aecddffa
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=327
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5d876063780ae1e6560efe208935c5e5
0abc1da977c8ddb3926df5a37de76d0d30c3f187
69a9ec783cc1186919cc4390e7890b1a82a275d49a8059b7c965e989aecddffa
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=319
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5d876063780ae1e6560efe208935c5e5
0abc1da977c8ddb3926df5a37de76d0d30c3f187
69a9ec783cc1186919cc4390e7890b1a82a275d49a8059b7c965e989aecddffa
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=182
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5d876063780ae1e6560efe208935c5e5
0abc1da977c8ddb3926df5a37de76d0d30c3f187
69a9ec783cc1186919cc4390e7890b1a82a275d49a8059b7c965e989aecddffa
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=296
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
X-N: S
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
104.21.234.200200 OK 1.0 MB URL HTTP/2 acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP 104.21.234.200:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Sun, 20 Nov 2022 22:55:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 106692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTEwh9krwwx5bCq397nQ6Fj9mdem1bu%2F4B9VjuC8L%2BFHRTWHZfmO6NTgPCNKzvMA4qkxoNaF0iRIWnR4iPA%2BROcoLPqB69WFlSCQIIO6GH7uT%2BpPeWNPN9r9unJT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0ee3816755e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e6caaf6d10702bc0f17c4d22d5647bb
9c4f115f09206f5b7e39ebecd5c8b353c384b037
b87900e9d588298ae828ad6433ea230b4fac01423cffd176d3acbf6c789e4eb8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B87900E9D588298AE828AD6433EA230B4FAC01423CFFD176D3ACBF6C789E4EB8"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 23 Oct 2022 10:33:16 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 720416fea3a7100d6babeaebd277a300
c152912ecda2c5940c2efcc315ee5a5ef67da816
3423cba3230802c3db3f0e732ebcc999a4b211eb2f11f0d4776b7cb8c7afa4d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 14:36:05 GMT
Expires: Thu, 27 Oct 2022 14:36:04 GMT
Etag: "c152912ecda2c5940c2efcc315ee5a5ef67da816"
Cache-Control: max-age=381167,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0ef68650b51-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e537467902bf9c8955e71593fff47e5
e559a3706b6c34672588a234de3f7ec64e9e2ab4
a223ab32a14db069d49eb1ca33797eddd90c5c13b96b126508ae8b576cddfc00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A223AB32A14DB069D49EB1CA33797EDDD90C5C13B96B126508AE8B576CDDFC00"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12964
Expires: Sun, 23 Oct 2022 08:09:20 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a64492ca7d0ee6d3b8376a726b4ace86
9dd52b378d95d35ca1cf82f324c3f38e807f70cd
98311b316bbf6c9dbe0c9dc5002666e64a4e9f1ec15c376a0019c46fcb6db48b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:51:43 GMT
Expires: Fri, 28 Oct 2022 15:51:42 GMT
Etag: "9dd52b378d95d35ca1cf82f324c3f38e807f70cd"
Cache-Control: max-age=472105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0ef8e010b55-OSL
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash fab9bd727c4afbfd3485c0c455e94636
7256517ee196713201e03e9b5a72c7515782943a
a7f5471732f385cebba0672b3ad68521cf43e5dcba1aab588d03024557d1a73d
GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: 966bfc6df64b13143003ca3b77924ab3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8FBA7CA363C4FD56; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b137c5e0bd47d360dc35db83d3bdcbf8
07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf
9c3d2671a330a1e49ab6df130538d6ba283df13a0405f1902349d367282a24e9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 04:29:50 GMT
Expires: Thu, 27 Oct 2022 04:29:49 GMT
Etag: "07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf"
Cache-Control: max-age=344792,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0eecf21b505-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157509
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: nginx
Content-Length: 278
ttsetupian.cc/lm/cstggspk01.gif
104.21.13.145200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 104.21.13.145:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 15 Nov 2022 22:43:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 499056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxuY5hPA9gRwW5VNgovYNTxfXLhormQHnDA9jGhhTXYv9yWaCi7kTKGQHURpwjb4OpUESY900BCjHf%2B%2FxeXP4noBI%2BUwT6k4DsHpm%2FR2ihAnF5AhomvPTY%2B8Ne3MWJJt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0f03e3c0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4166f8a3d951ed202e826d6d5c5429a
1749c1e4a3833ebf3723c053b80b54d61fdd5661
6b0b796dd3120da995118d6b37e0c3e34dbfdb939d6bea76c84d612999a991bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0B796DD3120DA995118D6B37E0C3E34DBFDB939D6BEA76C84D612999A991BB"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2357
Expires: Sun, 23 Oct 2022 05:12:33 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157509
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 552e61fc059bb81ae37bc3555985cd6f
061294cb4c79c3a8b4e907621fb2ebecb8d59f8a
3dcf96624e2396156b770659d75d326319c09c5fb6896aaa84d82fd9cb1c3e42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DCF96624E2396156B770659D75D326319C09C5FB6896AAA84D82FD9CB1C3E42"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16927
Expires: Sun, 23 Oct 2022 09:15:23 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9e3a4e35ac9d7f505a7704dad11efa5e
855bc515d50be14ff5706b9fcb0886f394ed35c9
51daa7132e7bff0e7ba441d30d466ba17c5fc34ceba0a8414b0ce1ccc10ca5d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 06:21:32 GMT
Expires: Thu, 27 Oct 2022 06:21:31 GMT
Etag: "855bc515d50be14ff5706b9fcb0886f394ed35c9"
Cache-Control: max-age=351494,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0f078b30b51-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1be0f51261b520fbc490593bfd6cd505
d608fe93ad85d50c113fec0b13771de2715450e9
44ddb41e656cd37625218d95e1a69118f3146b5212bbacd43db4504a0c52d036
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 27 Oct 2022 01:34:29 GMT
ETag: "d608fe93ad85d50c113fec0b13771de2715450e9"
Last-Modified: Sun, 23 Oct 2022 01:34:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3135
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e7c0f0dd66fac4-OSL
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: text/html
content-length: 162
location: https://kvhlll.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 04:33:16 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef75d36925bf696e792d649223ed675e
f009d5acd569610a1f6db65c4f830aa0869155b2
35ca52dd3c1396b400c304a0c4be9a3004fce98f0acc0b9fc06bc716c09fbc8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CA52DD3C1396B400C304A0C4BE9A3004FCE98F0ACC0B9FC06BC716C09FBC8D"
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Sun, 23 Oct 2022 06:15:59 GMT
Date: Sun, 23 Oct 2022 04:33:16 GMT
Connection: keep-alive
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash af558bf0aee772286710ea6fc626f351
85dd74eaf9b57e4bfa9fd2b4070b9ba5d13a3d37
2ecb3ba81c6beb74b3d215b5231c0dc294ab554776a9e32ff4041142dda7d859
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: 17d8b3142c0551c6a8c44eded6069d68
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FBD23644A5C22B9C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=119359
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: nginx
Content-Length: 279
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c131d0c15a7109e59c5806fca46c9cf9
3ff55053afaad7ff6e2dff8278a9925b43a39557
b41cd654cea87a621f17b3644773bd2c9bd75513050de165352d5a5935e73d97
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: 5072e03d64544c46cbece457ace23787
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4D8234724F6B683F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
104.21.55.74200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgvwp.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Wed, 16 Nov 2022 14:41:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 481886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqdwJcE913vSNcLfIijuaddgspSx4dl5%2FUIsJ61KLlDZEw2rtr5d7209oJ8oCM6QvoDNkLriU4Iqa9wevvUP9z9HddYZA4LFJFNMo%2FCZXmMwDtVuXJMxEIo9NGw0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0f21fe61c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06b4f8fc96d43068e208af4a8aea9d10
300ffc02753d9c141d382a2468cf83f6605805af
206ef4e594bf6f91d4024d16f3a51d7c0a80ff7ae2903dcf8bcc751c202e3298
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128366
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "6354167b-118"
Expires: Mon, 24 Oct 2022 16:12:43 GMT
Last-Modified: Sat, 22 Oct 2022 16:12:43 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=119359
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4835c48f4652b65faac0f6174d499d9d
20e92c4af6df75008d24fa768c30b191bf4bebdb
c197fd23a8c3bd972d95924c9d1f802bb7842f6667835966b4b1a8ab4e772d1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C197FD23A8C3BD972D95924C9D1F802BB7842F6667835966B4B1A8AB4E772D1F"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4652
Expires: Sun, 23 Oct 2022 05:50:49 GMT
Date: Sun, 23 Oct 2022 04:33:17 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=879871786&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10097&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=879871786&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10097&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=879871786&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10097&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=240D6660B32C4542; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06b4f8fc96d43068e208af4a8aea9d10
300ffc02753d9c141d382a2468cf83f6605805af
206ef4e594bf6f91d4024d16f3a51d7c0a80ff7ae2903dcf8bcc751c202e3298
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128366
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "6354167b-118"
Expires: Mon, 24 Oct 2022 16:12:43 GMT
Last-Modified: Sat, 22 Oct 2022 16:12:43 GMT
Server: nginx
Content-Length: 280
kvhlll.top/1a182b41455cd11a06b7a6c90623f9cc.gif
104.21.233.123200 OK 832 kB URL HTTP/2 kvhlll.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 104.21.233.123:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 832 kB (832544 bytes)
Hash 8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvhlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgvwp.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Mon, 21 Nov 2022 10:19:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 65633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1HpXyCJbCUfrdchA7N03pPSKHfcdVSo%2BklD5aImYfdQMAMCaSDGBlrSCDdBKb7lpN0YbpUEzbAwupg94%2FWWuvbzU8ar2PAdLlIo%2FSKIrdwoownIqhrt%2F%2FUeHmrv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0f27aa976af-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 91164b7133c6e7ac3e9110319081a03d
dda10682cb0d10fb8eac57c9bbc23817e06d3856
c7442a21e979bbe1382f86aca274544bbf6a945a6dec45da0e4fe222b81fbc29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 07:10:51 GMT
Expires: Fri, 28 Oct 2022 07:10:50 GMT
Etag: "dda10682cb0d10fb8eac57c9bbc23817e06d3856"
Cache-Control: max-age=440852,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0f3af460b55-OSL
58tu.1468tu.com/58tu/960x60.gif
20.247.90.158200 OK 133 kB URL HTTP/1.1 58tu.1468tu.com/58tu/960x60.gif
IP 20.247.90.158:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 133 kB (132847 bytes)
Hash a806870e207849aef045eaa07d822c12
7d41b6ce35e3d0a498090c3e6796c6b97bb6aabc
51cd2d8382317de020ba2d00d48360ba3216f3a559bb8ea0a763fa81ffe626d0
GET /58tu/960x60.gif HTTP/1.1
Host: 58tu.1468tu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:16 GMT
Content-Type: image/gif
Content-Length: 132847
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 06:43:55 GMT
ETag: "17174c14fd9d81:0"
X-Powered-By: ASP.NET
Server: X-Y
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9eab5cf4233403edb3205350d8cb5e30
8397785ec0ca10b3f88f6a2bf57edc3779b75d2f
482a95546d2c859fb10394093160aba1aa7c1bdac41cc41de8b397b027d725a2
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 04:33:16 GMT
Etag: 146d0fd2d05db48fe8a3feb56ceca863
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DDB9E8E62A44BE2C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=369635399&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=369635399&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=369635399&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A63BCC62F4BB363B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153189
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: nginx
Content-Length: 279
kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
172.67.173.230200 OK 45 kB URL HTTP/2 kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgvwp.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: image/gif
content-length: 44685
last-modified: Wed, 29 Jun 2022 14:36:22 GMT
etag: "62bc6366-ae8d"
expires: Sun, 13 Nov 2022 19:43:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 722978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWXqYzQPCEsw2mQNoFeYswqxu2O7xSNn8eVU%2BtAov48SmkZhpYQTMbN9V7dvWG1yPk%2F8PgglOtSkZ2wb%2BictZeDhYfUI1pknpveXslRxo%2FASAq7XAZ8CnnlYB71D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e7c0f4fa2a0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1469704054&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1469704054&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1469704054&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6099DCC5CA9A9CD2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
45.61.212.131200 OK 259 kB URL HTTP/2 vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
IP 45.61.212.131:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Sat, 08 Oct 2022 19:37:11 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-01
content-length: 259280
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153189
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 04:33:17 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: nginx
Content-Length: 279
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
45.61.212.47200 OK 580 kB URL HTTP/1.1 65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Tue, 30 Aug 2022 03:37:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 580315
79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
45.61.212.47200 OK 654 kB URL HTTP/1.1 79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: 79151879798.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Fri, 14 Oct 2022 09:32:31 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 653713
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
45.61.212.118200 OK 720 kB URL HTTP/1.1 93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP 45.61.212.118:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
Analyzer Verdict Alert quad9 Sinkholed
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Wed, 05 Oct 2022 05:58:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 719745
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3dc1f48a8140a0b91b20dfd1f883b605
6fbdda06f5ae2cbf2017b661385d9c43a0e62f26
36a404ca57654ac2e7eacfb6a8e732301e190f5d851ccc83dc9526cf055d7f54
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 27 Oct 2022 01:02:00 GMT
ETag: "6fbdda06f5ae2cbf2017b661385d9c43a0e62f26"
Last-Modified: Sun, 23 Oct 2022 01:02:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2105
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e7c0f62f450b61-OSL
pg.doitalie.com/news/index.php
20.247.116.64200 OK 69 kB URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.247.116.64:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d4625b4477b894e58b1ed242aede7d89
77a6ba668a240ec9bbd37e6d30695950b354466d
40c096da020e6f71ead8e9a551aa1e63a7a5a2bc7af382dc7afdd3f21316f2d3
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.flair2share.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 04:33:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
47.246.44.226200 OK 824 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 824 kB (824465 bytes)
Hash 83a0fbbc5111aed24a0cc5c8de39e8ec
b255f9c8851c05cabf151fd8f2d73c4ff2a071cf
259f28148b6b90e52934d8deafbb2b59f3f0c0df235132b2d3e1fb631e7223ba
GET /udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 824465
Connection: keep-alive
Date: Thu, 20 Oct 2022 13:31:47 GMT
Cache-Control: max-age=2592000
Expires: Thu, 27 Oct 2022 13:31:46 GMT
Last-Modified: Wed, 05 Oct 2022 05:47:42 GMT
x-amz-request-id: 11f5c22b3c934910885b0bdfd398d663
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7KcnDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "83A0FBBC5111AED24A0CC5C8DE39E8EC"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666272707357587182
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.226
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666272707
Via: cache66.l2nu20-8[0,0,200-0,H], cache8.l2nu20-8[1,0], cache25.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache4.se1[0,1,200-0,H], cache8.se1[4,0]
Age: 226890
X-Cache: HIT TCP_HIT dirn:2:195548164
X-Swift-SaveTime: Fri, 21 Oct 2022 04:36:31 GMT
X-Swift-CacheTime: 31049716
kwaisign: null
X-Ks-Request-ID: 2ff62c9c16664995977685451e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9c16664995977685451e
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1383528315&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1383528315&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1383528315&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10098&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgvwp.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 04:33:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D99C2F89E3764B16; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
103.170.15.110200 OK 112 kB URL HTTP/1.1 unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Tue, 18 Oct 2022 04:56:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 112447
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:31:14 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 22 Nov 2022 04:31:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg
104.22.13.214200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4f8fa1b3af9723b191da1db636e3d15
e7a8d7afa1f1420b519f2b6a303a1473e47f0ce4
e8916db0ebdacd0720dd618601ffb77cb97ba62ab5f7a8638029ece3b1fe0abd
GET /upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 9852
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10333
content-disposition: inline; filename="zmftmj4szbu0349zmftmj4szbu2175.webp"
etag: "5e7d0741-285d"
last-modified: Thu, 26 Mar 2020 19:49:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e791c06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg
104.22.13.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1033d39eb09b7476cfb4e073ae246f77
77369d24234edf66d8dac9355862c31b32c1d357
de486fbcd4e0aa09f55d40946ef298341cf811918d8aa51dcfdd3b88d9214416
GET /upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 6932
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9123
content-disposition: inline; filename="h1n2yo2x3vo0821h1n2yo2x3vo171619.webp"
etag: "635488fd-23a3"
last-modified: Sun, 23 Oct 2022 00:21:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e7a1c06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg
104.22.13.214200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8cc194f43fba2b6cd8e1f944d9e03f2e
cf03d4e990b84d945cff0a886496cf94dd7ecefe
8db0e38a95e5d6e09b3ab9c6337567e81157f17a8df742c5f18a993ab90285a3
GET /upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 5990
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8287
content-disposition: inline; filename="4ec1ypeomhd08174ec1ypeomhd451353.webp"
etag: "63548829-205f"
last-modified: Sun, 23 Oct 2022 00:17:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e721c06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 896230a4a9c83d8bc5be2fbbf3052eb9
0f78d4292a7b2066a887061f0d712d2fdb67d85a
7096d95456835e2bdc761af6a7eacfc3c27a702d9b6f049c29589f745da52a53
GET /upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 11072
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11983
content-disposition: inline; filename="xg0mjarlcav0817xg0mjarlcav411345.webp"
etag: "63548825-2ecf"
last-modified: Sun, 23 Oct 2022 00:17:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e6e1c06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6dfda9781e7f2478f79c9d23d658925
a93fbfcc561ea4d6590ee85fd944df26017a7deb
b35ab1bb702249af67552525a8af28c21654a999c82afc3aadf0da1484ee5e53
GET /upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 9956
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11708
content-disposition: inline; filename="f135ecdlpt50349f135ecdlpt52785.webp"
etag: "5e7d0747-2dbc"
last-modified: Thu, 26 Mar 2020 19:49:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e751c06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg
104.22.13.214200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 71dec45bc6414d35446f7b790ff28ee8
72f4cc5b08787080d7fc88ca40b18b3367229357
dd1b2b89536b324193371d89e9b369eeaec653f1a3f147d328187d765e4d0681
GET /upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/webp
content-length: 9840
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10669
content-disposition: inline; filename="kogdazm0urj0349kogdazm0urj2889.webp"
etag: "5e7d0748-29ad"
last-modified: Thu, 26 Mar 2020 19:49:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0ed1e7f1c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a1a125e5ddf3e2808aeefc17cc93a3a
b62bb2b3019adceb85ec05183201cf1442b0da97
5d60ae79f9d810fc84f09be8b03a702460b1ea2fbea7a3423378590e3b0ce406
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 04:33:18 GMT
Last-Modified: Sat, 22 Oct 2022 23:18:51 GMT
ETag: "63547a5b-1d7"
Expires: Mon, 24 Oct 2022 23:18:51 GMT
Cache-Control: max-age=153933
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666499598
Via: cache8.l2de2[47,46,200-0,M], cache8.l2de2[47,0], cache4.se1[68,67,200-0,M], cache4.se1[70,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 04:33:18 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816664995983394947e
6655cy.com/cdn/ashkad.gif
154.197.15.81200 OK 311 kB URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.197.15.81:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 311 kB (311408 bytes)
Hash 99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Tue, 22 Nov 2022 02:10:12 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 64041e03ea46bd5edeb78fe8744daf8f
b6a3c7cd621d194fa4298ed0bf9e023cd9408030
b1bb46114dd0dd9f05c11d6b206a021e69a0f1a322048093d3b972bedea7b769
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:45:42 GMT
Expires: Fri, 28 Oct 2022 15:45:41 GMT
Etag: "b6a3c7cd621d194fa4298ed0bf9e023cd9408030"
Cache-Control: max-age=471742,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0fc6c3a0b51-OSL
si1.go2yd.com/get-image/0wut3IuOIN0
58.254.180.65200 OK 51 kB URL HTTP/2 si1.go2yd.com/get-image/0wut3IuOIN0
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 23 Oct 2022 04:33:18 GMT
content-type: image/gif
content-length: 50826
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
etag: "7a02a69b00eebfc2977f6d8417cf8141"
age: 311317
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80ha4obs6l5hib1npolkgidlol
content-md5: egKmmwDuv8KXf22EF8+BQQ==
timing-allow-origin: *
ohc-cache-hit: gz3un50 [2], zhuzuncache50 [4], bdix189 [1]
ohc-file-size: 50826
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56ede933a61d19a6c735384b2e588306
81938e9fa9baeda8a3c696d833dfbea35bf24214
8e5669dc9a2cbbd7ea251ebda8fd8fb6dea98e82aee4fb3d3d3dfeed47117e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E5669DC9A2CBBD7EA251EBDA8FD8FB6DEA98E82AEE4FB3D3D3DFEED47117E4B"
Last-Modified: Sat, 22 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=735
Expires: Sun, 23 Oct 2022 04:45:33 GMT
Date: Sun, 23 Oct 2022 04:33:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 12cfd64f476ae1ab5d053e261d156b2f
fe9d29b820da5b83b0cc78d1f03431c09ce53056
d9f2edd0c21802264e0de924aa0492a4df2e8dcddc9eb82538a18bceb3b78d32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 05:53:24 GMT
Expires: Sat, 29 Oct 2022 05:53:23 GMT
Etag: "fe9d29b820da5b83b0cc78d1f03431c09ce53056"
Cache-Control: max-age=522604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e7c0fcca0b0b55-OSL
p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
43.129.255.47200 OK 246 kB URL HTTP/2 p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 23 Oct 2022 04:33:17 GMT
content-type: image/gif
content-length: 245730
vary: Accept,Origin
last-modified: Sun, 02 Oct 2022 13:04:42 GMT
cache-control: max-age=2592000
x-delay: 31092 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 245730
chid: 0
fid: 0
x-nws-log-uuid: b526e689-fe6e-4e57-8d17-c9a8bcc57a12
X-Firefox-Spdy: h2
vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
103.170.15.44200 OK 32 kB URL HTTP/2 vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
IP 103.170.15.44:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 240\012- data
Hash 8e006882641a7a80a721cc7067dcf340
f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae
GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Thu, 06 Oct 2022 10:42:27 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-34
content-length: 31713
X-Firefox-Spdy: h2
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
20.239.82.158200 OK 37 kB URL HTTP/1.1 u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP 20.239.82.158:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41
GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
20.24.99.165200 OK 37 kB URL HTTP/1.1 33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP 20.24.99.165:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699
GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 04:33:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e7deb92a6462e5739d3bd76d10f5400
2abf1828f46cebb31c90c5cd909cd1f846e14613
ef57ccb9f1602e96ab71543fa3e3e296603af4178cb6b03416fb5b99e16347a3
GET /upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 04:33:20 GMT
content-type: image/webp
content-length: 7564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8660
content-disposition: inline; filename="rmgjvugi1db0820rmgjvugi1db051537.webp"
etag: "635488b5-21d4"
last-modified: Sun, 23 Oct 2022 00:20:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75e7c0eddeb51c06-OSL
X-Firefox-Spdy: h2
www.pgvwp.xyz/
173.231.17.179200 OK 0 B IP 173.231.17.179:0
GET / HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.pgvwp.xyz/template/pgysvip/css/zui.css
173.231.17.179200 OK 0 B URL HTTP/2 www.pgvwp.xyz/template/pgysvip/css/zui.css
IP 173.231.17.179:0
GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Sun, 23 Oct 2022 16:33:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x969.xyz/images/633d1a785373951e7c36e4d1.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.x969.xyz/images/633d1a785373951e7c36e4d1.gif
IP 23.225.222.2:0
GET /images/633d1a785373951e7c36e4d1.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.pgvwp.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 0 B URL HTTP/2 www.pgvwp.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgvwp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgvwp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 04:33:15 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Sun, 23 Oct 2022 16:33:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2