Report - iift2.com/

Report Overview

Submitted URL
iift2.com/
IP
23.81.162.101
ASN
#7203 LEASEWEB-USA-SFO-12
Submitted
2022-10-23 03:15:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-09T12:14:45Z	1.3 kB	7.4 kB	23.36.79.17
79151879798.com	unknown	2022-08-10T11:40:00Z	2023-02-02T02:58:46Z	394 B	654 kB	103.170.15.77
kvkaa.com	unknown	2022-05-19T11:47:10Z	2023-03-09T08:15:13Z	388 B	422 B	64.32.13.142
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-09T08:30:34Z	6.1 kB	74 kB	103.235.46.191
www.pgurw.xyz	unknown	2022-05-26T03:39:23Z	2023-02-08T10:25:45Z	3.4 kB	29 kB	173.231.17.179
cdn.staticfile.org	46426	2013-08-23T10:51:19Z	2023-03-09T08:27:12Z	362 B	81 kB	47.246.44.211
nvhbbb.top	unknown	2022-04-10T10:43:59Z	2023-03-10T01:34:07Z	389 B	524 kB	104.21.55.74
u0053.com	unknown	2021-02-01T02:45:40Z	2023-02-15T11:35:13Z	388 B	38 kB	20.24.101.60
si1.go2yd.com	325918	2017-02-02T12:37:19Z	2023-03-09T06:53:14Z	377 B	51 kB	58.254.180.65
www.iift2.com	unknown			1.2 kB	3.8 kB	23.81.162.101
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	56 kB	34.120.237.76
kvkbbb.top	unknown	2022-05-01T11:59:00Z	2023-02-28T21:02:11Z	389 B	833 kB	104.21.45.17
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-09T05:47:10Z	271 B	750 B	112.34.113.148
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-09T05:47:11Z	319 B	114 B	182.61.201.93
pg.doitalie.com	unknown	2022-06-06T09:45:55Z	2023-03-06T05:50:47Z	844 B	144 kB	20.247.116.64
cdn.jsjsjs.xyz	unknown	2022-02-22T22:30:27Z	2023-03-09T12:58:43Z	392 B	407 kB	104.21.63.42
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-09T05:09:49Z	355 B	2.0 kB	151.101.86.133
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.9 kB	11 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
iift2.com	unknown			329 B	194 B	23.81.162.101
kvmaa.com	unknown	2015-11-06T05:44:54Z	2023-01-07T21:05:57Z	388 B	422 B	78.46.107.74
img.x969.xyz	unknown	2022-07-18T15:07:19Z	2022-11-27T09:00:26Z	390 B	45 kB	23.225.222.2
vgvjkw.com	unknown	2022-07-07T18:38:40Z	2022-12-23T22:18:00Z	389 B	32 kB	103.189.108.93
6655cy.com	unknown	2022-08-10T14:25:13Z	2023-02-12T04:38:06Z	367 B	312 kB	154.197.15.81
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.36
65686232255.com	unknown	2022-08-09T11:37:00Z	2023-02-15T11:15:43Z	394 B	581 kB	45.61.212.227
33869213.com	unknown	2022-06-24T13:16:06Z	2023-02-27T00:17:02Z	391 B	37 kB	20.24.200.53
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-09T05:14:26Z	336 B	1.2 kB	104.18.32.68
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	2.3 kB	5.1 kB	23.36.77.32
vcwzfn.com	unknown	2022-07-05T03:20:44Z	2023-02-15T17:32:22Z	389 B	260 kB	103.170.15.42
taiwtp1.com	unknown	2022-04-08T09:06:08Z	2023-03-09T05:15:22Z	735 B	144 kB	220.128.218.220
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	3.0 kB	5.5 kB	93.184.220.29
ocsp.digicert.cn	37572	2020-03-20T18:45:56Z	2023-03-09T11:08:28Z	656 B	2.2 kB	47.246.44.205
93533557591.com	unknown	2022-08-10T15:54:43Z	2022-12-26T00:27:46Z	394 B	720 kB	103.170.15.101
acoossi.top	489936	2022-01-13T06:50:58Z	2022-12-08T04:06:14Z	390 B	1.0 MB	104.21.234.200
kveww.com	unknown	2021-10-19T09:57:06Z	2023-03-09T10:00:49Z	388 B	422 B	66.150.130.123
ttsetupian.cc	unknown	2022-06-07T10:00:54Z	2023-03-08T07:27:28Z	373 B	247 kB	172.67.200.154
unpfqc9.com	unknown	2022-03-23T07:48:08Z	2023-01-18T08:34:47Z	390 B	113 kB	103.170.15.107
ali2.a.yximgs.com	35964	2017-01-29T09:52:05Z	2023-03-08T23:45:28Z	382 B	826 kB	47.246.44.229
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.164.56.167
lbfm.lbpictupian.com	unknown	2022-10-09T18:47:38Z	2023-03-09T05:15:22Z	14 kB	295 kB	172.67.28.138
p.qlogo.cn	48578	2014-01-15T12:11:45Z	2023-03-09T05:15:22Z	445 B	246 kB	43.129.255.47
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-09T05:09:04Z	1.0 kB	6.0 kB	151.101.86.133
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	2.3 kB	6.7 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	79151879798.com	Sinkholed
2022-10-23	medium	93533557591.com	Sinkholed
2022-10-23	medium	65686232255.com	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	pg.doitalie.com/news/data.php	304 B	2023-03-10	2023-03-11
Pretty URL pg.doitalie.com/news/data.php IP 20.247.116.64 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:34:20 Last Seen2023-03-11 12:22:24 Times Seen1 Hash d987c5bd0bbe71e85a0e04cf5cca1bbb e6bf8e7b3182204c224b50a97b31360344ac414f 52e2f2607383a21462c39fc51a38bc83efa217aa922751372e10bb68eaeecea7 Loading...

	hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:08 Last Seen2023-03-10 13:36:08 Times Seen1 Hash 8e951f9a3391b55f41f0f939a0a16c81 d41f3b3f3573f43c8d309219cbfad3c91b7f3cad aac254aaec85bbc1f13893b99ca6588948e1c34166a903d2ac5049fa3085ffda Loading...

	www.pgurw.xyz/template/pgysvip/js/jquery.config.js	5.2 kB	2023-03-07	2023-07-10
Pretty URL www.pgurw.xyz/template/pgysvip/js/jquery.config.js IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-07-10 06:46:32 Times Seen30 Hash 242f88320e2fab8358422f78a0ba3513 079ab5ea8453c12cd23d7893c2cf4f2bf3f973e5 3307ac2d9b16148f210070834055add1db4b8e0fd046fa3045ef1d9eee64cdd4 Loading...

	www.pgurw.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurw.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 28c1ae84e70f33425fd999c791ee3dbf 2dec8b0a53819d07f33169d7cc52870499686150 d57c7ad00a438cf92657799ee14adc23a172f9ae57e897dd08aaa278fdd9f5c9 Loading...

	www.iift2.com/index.php	404 B	2023-03-07	2024-04-26
Pretty URL www.iift2.com/index.php IP 23.81.162.101 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 13:23:16 Times Seen2980 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 112.34.113.148 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 14:21:43 Times Seen19021 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.pgurw.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurw.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 6c6c25f97b8fb687803d97c0e38848bc e2b22fee96d32254461606df4b3141f5111401c0 e502f6b7667b4baaf00ea8661e9542ab781f926ad85e56b9dfa6b280a3b5eeda Loading...

	hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:08 Last Seen2023-03-10 13:36:08 Times Seen1 Hash b5c692df5d8f35a6ffe6db338dcf41b7 a0a2f358967bf4bf27584ae2df7835e400f60064 bbb459c05f1c88da831dbe8feec7fc5561e3a5212ae42ef64815190ede1e89de Loading...

	cdn.staticfile.org/jquery/1.9.1/jquery.js	268 kB	2023-03-07	2024-04-26
Pretty URL cdn.staticfile.org/jquery/1.9.1/jquery.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:57 Last Seen2024-04-26 12:09:09 Times Seen43958 Hash 08c235d357750c657ac1db7d1cf656a9 9257afd2d46c3a189ec0d40a45722701d47e9ca5 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Loading...

	www.pgurw.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurw.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 7b57b693d764afd14b850e634ceb4dc5 1babd76f0725a7d134c882ed8a8b9aa2f7d91455 438193789ec9443d24e904f4032802401361c5aee6e8537afc301a4af5cff5af Loading...

	hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:09 Last Seen2023-03-10 13:36:09 Times Seen1 Hash d8da03bbdba049557602f9a45217521e 44854d5d5f6b8a68d0788ddb2e579b57d28aa8dc 370317a8c01ad95d809665cdf68b2257dac52fc79f5a01b7dcb0e137004cf0bf Loading...

	www.iift2.com/tj.js	520 B	2023-03-10	2023-03-12
Pretty URL www.iift2.com/tj.js IP 23.81.162.101 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:42:56 Last Seen2023-03-12 06:06:52 Times Seen1 Hash d251afdf67cad8d670b3b27263c761ae f94dd6cca51247e052f8fb972f3d4b26a52d315d 9d09fa601221b8a8d123a70233abdefb7b398c154803635f173620777246ba33 Loading...

	www.iift2.com/common.js	3.1 kB	2023-03-07	2023-04-16
Pretty URL www.iift2.com/common.js IP 23.81.162.101 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen7 Hash 33649c66b9a6a9b9891a3e24deec2e3f e3740e085b436cd76dd7fe301db043d236c9ede3 16dcb8ce59dfa9e474a91736c1d9ff7b4ee1830f165e517b3d5b4e110236d186 Loading...

	hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:09 Last Seen2023-03-10 13:36:09 Times Seen1 Hash e48e3ac235d6309d1f720c7d3321257a f877f1039daad38242b6d179c8387ac5a419782d 9fbb426fd3c65fd5ad3c77076f01a50e9a0d308d0b874bf83389d8336801d7c3 Loading...

	www.pgurw.xyz/template/pgysvip/html9/ad/zxf88.js	614 B	2023-03-07	2023-03-17
Pretty URL www.pgurw.xyz/template/pgysvip/html9/ad/zxf88.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash 5544a44cad5faf09138fde07c5d2ff1a b435357e5621bc4c023c289943638f84c560f644 e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8 Loading...

	www.pgurw.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurw.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash a6e45831c0e5008c704b8f06607d4693 22369aa571a9d1bbeb8bc6245b9a44f70a52c7a8 9f6afe3289f88072053e3911de6b95100b3e4b51470dfb073989034e7f2dd707 Loading...

	hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:09 Last Seen2023-03-10 13:36:09 Times Seen1 Hash 92ac9ba49cb4bdc4cfc5b33c4b4aece7 2ce51101c4ec629103815d36370723b4dae089eb 5816d69118ab3cb29df74662b61a8d42d662d84f2ba40c6f3cd87c48146074bf Loading...

	hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:36:09 Last Seen2023-03-10 13:36:09 Times Seen1 Hash 1a1770108756f430e81f9df7c1f02ba6 99bd939fec1602476aab468c923d473e1cf3806c cefd005f96bd37de8ff3f44f23052d2974a1f721b8f0afe21f6108d9fa6a2098 Loading...

		Size	First Seen	Last Seen
	#1 Write - 78ac2aa5ccc29c90a345c90aab40b442	103 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 17:37:58 Times Seen2026 Hash 78ac2aa5ccc29c90a345c90aab40b442 cac604932faa4add2955602b41de8a8bff362ebd 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e Loading...

	#2 Write - 59cf81439a8bf9b569e5577fe5aa0de8	77 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1648 Hash 59cf81439a8bf9b569e5577fe5aa0de8 7310f3ea09ddff6601e9da7bf0665b0edd6d1435 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4 Loading...

	#3 Write - 541fdbf27fee487a6a7abc7bea135420	87 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1031 Hash 541fdbf27fee487a6a7abc7bea135420 25b31600313f8e557d0c9c863dc9bdec7cf69ff8 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9 Loading...

	#4 Write - 47f289a5cafd63d486ff2559f067731b	182 B	2023-03-07	2023-04-16
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen5 Hash 47f289a5cafd63d486ff2559f067731b 0660b615f9c2ef7f49bc0702530e99fc825b5b10 d11ba4e523ac4988ae751c55dd6429af48a06e3cf158a7f5a4115a3676778a14 Loading...

	#5 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 10:28:57 Times Seen11452 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#6 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-25 20:37:27 Times Seen3762 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#7 Write - f354e4723d6f8a8c55507076f1ede231	318 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash f354e4723d6f8a8c55507076f1ede231 0c65fe89c03b5054ef4b052d320b3bb1b2f0298f 7e04099921ecc9c0597e2fba4001c974fe4dd405733b40ab6a5a85397d4fd2be Loading...

HTTP Transactions (142)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 02:52:47 GMT
Expires: Sun, 23 Oct 2022 03:04:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Toz6ObpgU5jdS03Z8dhwtDLgbgqqp705E1ks-l1LIdaLPOBkSXsS3w==
Age: 1343

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15461
Expires: Sun, 23 Oct 2022 07:32:51 GMT
Date: Sun, 23 Oct 2022 03:15:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2698
Expires: Sun, 23 Oct 2022 04:00:08 GMT
Date: Sun, 23 Oct 2022 03:15:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: y6tD4iCQIRnqnK74bNPHLC60PtIVrg4kTqc5D1Ky5FRg8firXf65eS4dy9Hj1oJ2ml7SkDVya7c=
x-amz-request-id: 1GPEA7X8VVSBKE9H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 02:37:48 GMT
age: 2242
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

iift2.com/

23.81.162.101

301 Moved Permanently

0 B

URL HTTP/1.1
iift2.com/
IP
23.81.162.101:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 23 Oct 2022 03:14:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.iift2.com/index.php

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 02:43:40 GMT
Expires: Sun, 23 Oct 2022 03:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WUHj0pzRqd8RF4ro-mvaZtC7BhhQlrFWbSgPTI_a8daLoemAX2dYig==
Age: 1890

www.iift2.com/index.php

23.81.162.101

200 OK

785 B

URL HTTP/1.1
www.iift2.com/index.php
IP
23.81.162.101:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
8a849857fddf67c5568dacc44ccdb1a2
0f57da0cc1532ad794baca02d0b3412f4364bc7e
55cf5a499ebd750dd9155ad2f4f2ecbed68bf46b5b484f0fe5523e320e5593c2

HTTP Headers

GET /index.php HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6121
Cache-Control: max-age=110016
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:10 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:48:46 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.iift2.com/tj.js

23.81.162.101

200 OK

520 B

URL HTTP/1.1
www.iift2.com/tj.js
IP
23.81.162.101:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
d251afdf67cad8d670b3b27263c761ae
f94dd6cca51247e052f8fb972f3d4b26a52d315d
9d09fa601221b8a8d123a70233abdefb7b398c154803635f173620777246ba33

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

push.services.mozilla.com/

35.164.56.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.56.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oshGtcGJU4dPdkd4lJY7hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zxdeAfF/vbvVn/mm9JWQ4lRd8rs=

www.iift2.com/common.js

23.81.162.101

200 OK

1.1 kB

URL HTTP/1.1
www.iift2.com/common.js
IP
23.81.162.101:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size
1.1 kB (1093 bytes)
Hash
b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e

HTTP Headers

GET /common.js HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.globalsign.com/gsrsaovsslca2018

151.101.86.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
8d9f5a676a34b2ebf4f6dfc3b7044bce
2cffc675f602d34dd00ffcbaeea4515075a31a47
e4b08a8c8a8321f6c727269131717bbc27ed9a3b941b1358b8c031f58ba737fe

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 01:03:33 GMT
ETag: "2cffc675f602d34dd00ffcbaeea4515075a31a47"
Last-Modified: Sun, 23 Oct 2022 01:03:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:11 GMT
Age: 671
X-Served-By: cache-qpg1274-QPG, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 1
X-Timer: S1666494912.855717,VS0,VE0

ocsp.globalsign.com/gsrsaovsslca2018

151.101.86.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
8d9f5a676a34b2ebf4f6dfc3b7044bce
2cffc675f602d34dd00ffcbaeea4515075a31a47
e4b08a8c8a8321f6c727269131717bbc27ed9a3b941b1358b8c031f58ba737fe

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 01:03:33 GMT
ETag: "2cffc675f602d34dd00ffcbaeea4515075a31a47"
Last-Modified: Sun, 23 Oct 2022 01:03:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:11 GMT
Age: 671
X-Served-By: cache-qpg1274-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 1
X-Timer: S1666494912.862763,VS0,VE1

www.iift2.com/favicon.ico

23.81.162.101

200 OK

785 B

URL HTTP/1.1
www.iift2.com/favicon.ico
IP
23.81.162.101:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
8a849857fddf67c5568dacc44ccdb1a2
0f57da0cc1532ad794baca02d0b3412f4364bc7e
55cf5a499ebd750dd9155ad2f4f2ecbed68bf46b5b484f0fe5523e320e5593c2

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:58 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
77c9125b7ec8f0b59874f52496786867
aa423d0ab692e5d211351e09d406c811e56f7ce0
c27c57df120776ad92ece250dfe487d2278435552593b51d264957d42fc6c81b

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:12 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 03:46:19 GMT
Expires: Thu, 27 Oct 2022 03:46:18 GMT
Etag: "aa423d0ab692e5d211351e09d406c811e56f7ce0"
Cache-Control: max-age=346865,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74e903fe50b51-OSL

push.zhanzhang.baidu.com/push.js

112.34.113.148

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: "4078521116"
Expires: Mon, 23 Oct 2023 03:15:12 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=9F11C61D6782CE7DF91E6153B1FC754F:FG=1; max-age=31536000; expires=Mon, 23-Oct-23 03:15:12 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

api.share.baidu.com/s.gif?l=http://www.iift2.com/index.php

182.61.201.93

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.iift2.com/index.php
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.iift2.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 23 Oct 2022 03:15:12 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
ab395803138af2f1c4a95b643a69fcd0
004c737da6827867b87a78f7f8d92699468b050b
7a1806038d98d478ec019ff97356b3255afbbea70a74180fdacd4958fe62b807

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9565
x-amzn-requestid: 84c51ee2-64f1-4236-a8c7-278a6e28b24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJaGUBIAMFcRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623c-36a42ee364025d0270960976;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s0bwoRJ0cmtAkh-hR2PqFqcrthu7VTBiSdEN3ai8410XKLqkqF7yJg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 19896
etag: "004c737da6827867b87a78f7f8d92699468b050b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11582 bytes)
Hash
e3c188b6071e2e3725d0eafc38e0a97a
894517b00535a08a4750510a8c74cd7bff5ce3a6
2b06cd431d93eb12fccc7061bd5a5be4e50b47c4410762034937584d8a8d06a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11582
x-amzn-requestid: 20307063-f434-4fb9-8cf8-d8c93b8fc3c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqFmeoAMF5EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-76156e37226bff5674a219e9;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: k3Dk91gOozMKKg38TkOGdPtPjfIEtHpHCvg1u3dJURco32kNiHJMQg==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:45:32 GMT
age: 19780
etag: "894517b00535a08a4750510a8c74cd7bff5ce3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5702 bytes)
Hash
0ae6442b63de1e40cf33df80434401ad
e9b1889e93d17e11aec51d610b38cbea22937eb3
5caa6653896a6444c22f4b560de7df98be23c1b97d8dbc950095a53fc778ab35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5702
x-amzn-requestid: f59514ec-7e53-4f36-a8c2-3db852d24681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aO4E_F4ooAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f6d52-45f71e5f22c0e7377e3b5f44;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 03:21:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFtlPyJXGd2uWLahfdlQTTdj7FIoddYUmOfBaIpt89yIQlRPxSabkA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 09:19:29 GMT
age: 64543
etag: "e9b1889e93d17e11aec51d610b38cbea22937eb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7588 bytes)
Hash
3c0675dc4be3e7a62f7083f4b34e5959
f6c43d035774306f3622029fb6a2c9d44086a3f8
56153c1a09bbf2a2d0079fe15ee54733460bbce7572d6b1b66972a0e00123b1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7588
x-amzn-requestid: b6a2786a-7863-49b7-b96f-09b94c44dcdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRm0GRfIAMFVcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462f8-58ef725d7c9a71fc0c90a86d;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jtZFCDkxgLwr6JRka5OuVuFcxmZH4sNWrhT_kx1DkFTSN3NQ9NUu0Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
etag: "f6c43d035774306f3622029fb6a2c9d44086a3f8"
content-type: image/jpeg
age: 19896
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12031 bytes)
Hash
208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3XZCGkKRjdtuIJ9Zp6WCsnBEuV7XimonJLAIL6OIFzYw1zPxBZOv_g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 08:04:17 GMT
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
age: 69055
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3518 bytes)
Hash
85de0c3844ed8f109992d7c37cc5db1b
454136ba1c69e33ae3ba4fcfe4963bd492991e07
c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3518
x-amzn-requestid: 8b13ebbd-b086-4007-a17d-d8ab307e2575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhSdGtEoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baf42-0ca66cd74f79dbfa54f3613b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:14:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW8lD02LEzgVvUNKqXck7eMr2CXbt_xdVzN4H1M7qj4qQJpvXLFy5Q==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:48:55 GMT
age: 19577
etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11330 bytes)
Hash
f78bf8cf1aef94a434341631d1b2ca12
c21ae96ea433b807b75213f7bad0c671c8c3e022
6f920d35eae5386eb71e37a458b70b9f0ff3e3b7f4d247e249f404d2ead7f1ee

HTTP Headers

GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: 1454ffe3467ca66fa9642776c64a9e37
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0424DAFBC8DE33FE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11331 bytes)
Hash
34587c67afb34ec2612200a223d8e592
b133fbea68aa4fc6eb1d2d53e98079006fbeb738
d9c45cbe384d7babfcdf376c22051956a8962b0defdb61a54b4da6807ffeea91

HTTP Headers

GET /hm.js?722bcf82d448b292cb72eeee90377ca2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: 86e8da131b652b22dcba4e80d69809bd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=802DAE0A8520FB69; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
506f7a4ca0cb4363f74ffbdc125f0510
e83bdf3f7bd99bed24105da4913835ccd3d671d2
18ce3cdf9a66f714e9b5d03fa5cb1222e3b627a33d18a9cfb21e3556d4564204

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18CE3CDF9A66F714E9B5D03FA5CB1222E3B627A33D18A9CFB21E3556D4564204"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5445
Expires: Sun, 23 Oct 2022 04:45:58 GMT
Date: Sun, 23 Oct 2022 03:15:13 GMT
Connection: keep-alive

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F56CD832FFFF3658; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7886722E7156D4C2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.pgurw.xyz/template/pgysvip/css/honglou.png

173.231.17.179

200 OK

19 kB

URL HTTP/2
www.pgurw.xyz/template/pgysvip/css/honglou.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Size
19 kB (19004 bytes)
Hash
d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e

HTTP Headers

GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Tue, 22 Nov 2022 03:15:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/images/1.gif

173.231.17.179

200 OK

254 B

URL HTTP/2
www.pgurw.xyz/template/pgysvip/images/1.gif
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 22 Nov 2022 03:15:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

pg.doitalie.com/news/index.php

20.247.116.64

200 OK

662 B

URL HTTP/2
pg.doitalie.com/news/index.php
IP
20.247.116.64:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
662 B (662 bytes)
Hash
22e45b926396d11c28c16a21ac9d3bb6
e5a3840aa14171234a8e881ad41c811f7988f655
1854cf8a37cc82b6efc034e2d0e756400d38a439ab5d88e629a0848d136c14fc

HTTP Headers

GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 03:15:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
f56bdb13ff03ca3d0f4a35beaca36d7d
b50216b789b0d644c66b35e66af3dc903c71d665
7c13e11314fd897bcf44e15b9cafde64fbe4bf02edc75e368c2cbecaba4bb9eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 03:15:14 GMT
Last-Modified: Sat, 22 Oct 2022 11:36:57 GMT
ETag: "6353d5d9-1d7"
Expires: Mon, 24 Oct 2022 11:36:57 GMT
Cache-Control: max-age=116503
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666494914
Via: cache21.l2de2[473,473,200-0,M], cache21.l2de2[474,0], cache7.se1[494,494,200-0,M], cache7.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 03:15:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949144561447e

cdn.staticfile.org/jquery/1.9.1/jquery.js

47.246.44.211

200 OK

80 kB

URL HTTP/1.1
cdn.staticfile.org/jquery/1.9.1/jquery.js
IP
47.246.44.211:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
ASCII text
Size
80 kB (80123 bytes)
Hash
a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab

HTTP Headers

GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Sat, 22 Oct 2022 04:56:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: -scAAABffxk3SyAX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1666414562
Via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0]
Content-Encoding: gzip
Age: 80352
X-Cache: HIT TCP_MEM_HIT dirn:5:289962451
X-Swift-SaveTime: Sat, 22 Oct 2022 04:56:13 GMT
X-Swift-CacheTime: 86389
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949149621819e

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg

172.67.28.138

200 OK

5.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.3 kB (5342 bytes)
Hash
696efdbefba8e9baa38d6f5cfdc593bd
cddcf347d0236408206937e54495136173633ee8
115b41842bac6d6bd6c2587ea0f17db1218964959386be340ab38f4b24099b60

HTTP Headers

GET /upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5342
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7398
content-disposition: inline; filename="fsfufevfozo0820fsfufevfozo041535.webp"
etag: "635488b4-1ce6"
last-modified: Sun, 23 Oct 2022 00:20:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aa7b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg

172.67.28.138

200 OK

9.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9852 bytes)
Hash
b4f8fa1b3af9723b191da1db636e3d15
e7a8d7afa1f1420b519f2b6a303a1473e47f0ce4
e8916db0ebdacd0720dd618601ffb77cb97ba62ab5f7a8638029ece3b1fe0abd

HTTP Headers

GET /upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9852
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10333
content-disposition: inline; filename="zmftmj4szbu0349zmftmj4szbu2175.webp"
etag: "5e7d0741-285d"
last-modified: Thu, 26 Mar 2020 19:49:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aa8b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg

172.67.28.138

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9492 bytes)
Hash
fe5c51c1f50e0866b87d3b858fcd0f1e
53239b065d18f7724ce762391270b680e2e82e6f
0de2ab6829c059d400ce1b201ddb4ddea5b32063e0c075dd397b6b8b09dd0980

HTTP Headers

GET /upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9492
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10068
content-disposition: inline; filename="obvvv2ouqde0821obvvv2ouqde141613.webp"
etag: "635488fa-2754"
last-modified: Sun, 23 Oct 2022 00:21:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aaeb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg

172.67.28.138

200 OK

8.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.1 kB (8106 bytes)
Hash
c125709f0aed78588ba1832652cae19b
bfc703852aa684b3152a58bdac15acea9b0f4ea0
7b3c381d68236b6e93c2ea41339fbac215340cd25640acd6aca03c8113644059

HTTP Headers

GET /upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8106
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10487
content-disposition: inline; filename="cwez4wsoj3o0821cwez4wsoj3o161617.webp"
etag: "635488fc-28f7"
last-modified: Sun, 23 Oct 2022 00:21:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab0b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (11248 bytes)
Hash
0895ffa46d6813dff59a1d1f485a1872
05e16f64a632df05e841a70a198f2bd8e863f9a4
262383fe39918945cd0725f45f3d299824829abc9bcb216e139808ac8ab7722d

HTTP Headers

GET /upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 11248
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13084
content-disposition: inline; filename="rpqocm2rua10349rpqocm2rua12479.webp"
etag: "5e7d0744-331c"
last-modified: Thu, 26 Mar 2020 19:49:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aaab4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
12 kB (12516 bytes)
Hash
cfd92ac22fac04ce33101f02895438a4
a41c40596edce605b6b98ee201f1fa41d902d345
fa8b9c76dfb397b3bd5b725cda2b6de1cb0ccc0cf1054d13ce0776d2b0bc35b2

HTTP Headers

GET /upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 12516
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13115, status=webp_bigger
etag: "5e7d0745-333b"
last-modified: Thu, 26 Mar 2020 19:49:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aabb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg

172.67.28.138

200 OK

8.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.0 kB (7992 bytes)
Hash
db7282368f8ddb26d26bb7dc027ea9df
8196fc73d58d2006f8c96a00226a8a01ee789c96
ba7668d6854074b95b36c307a42aad6eb65ab6174a56fbbfc25456f973dfd43e

HTTP Headers

GET /upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 7992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8780
content-disposition: inline; filename="x3ce11jy1ya0820x3ce11jy1ya261569.webp"
etag: "635488ca-224c"
last-modified: Sun, 23 Oct 2022 00:20:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab3b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg

172.67.28.138

200 OK

6.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6388 bytes)
Hash
f543318959c31cd63765b62700751ccc
38a48ad13afac5eb13cd432c885282d700921d5b
432348ed96867efaf81d57a2e5e98a29809f8272a55984b8f05d0dfa640071e2

HTTP Headers

GET /upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6388
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7644
content-disposition: inline; filename="o2zmsb5xrww0820o2zmsb5xrww281573.webp"
etag: "635488cc-1ddc"
last-modified: Sun, 23 Oct 2022 00:20:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab6b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg

172.67.28.138

200 OK

9.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.8 kB (9840 bytes)
Hash
71dec45bc6414d35446f7b790ff28ee8
72f4cc5b08787080d7fc88ca40b18b3367229357
dd1b2b89536b324193371d89e9b369eeaec653f1a3f147d328187d765e4d0681

HTTP Headers

GET /upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9840
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10669
content-disposition: inline; filename="kogdazm0urj0349kogdazm0urj2889.webp"
etag: "5e7d0748-29ad"
last-modified: Thu, 26 Mar 2020 19:49:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aadb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (9956 bytes)
Hash
a6dfda9781e7f2478f79c9d23d658925
a93fbfcc561ea4d6590ee85fd944df26017a7deb
b35ab1bb702249af67552525a8af28c21654a999c82afc3aadf0da1484ee5e53

HTTP Headers

GET /upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9956
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11708
content-disposition: inline; filename="f135ecdlpt50349f135ecdlpt52785.webp"
etag: "5e7d0747-2dbc"
last-modified: Thu, 26 Mar 2020 19:49:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aacb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg

172.67.28.138

200 OK

6.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.9 kB (6932 bytes)
Hash
1033d39eb09b7476cfb4e073ae246f77
77369d24234edf66d8dac9355862c31b32c1d357
de486fbcd4e0aa09f55d40946ef298341cf811918d8aa51dcfdd3b88d9214416

HTTP Headers

GET /upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6932
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9123
content-disposition: inline; filename="h1n2yo2x3vo0821h1n2yo2x3vo171619.webp"
etag: "635488fd-23a3"
last-modified: Sun, 23 Oct 2022 00:21:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab1b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg

172.67.28.138

200 OK

6.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6206 bytes)
Hash
81659c3902f40c66717ea9e5c13a12c2
175987eb3794c8a8e06f9ae1b3d9e443eb2af68a
a8800e8491fe9e3025c254e9d0aaa97c3b04900195f926aae019752951b7b871

HTTP Headers

GET /upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6206
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8536
content-disposition: inline; filename="52wtjm5rz25082052wtjm5rz25511575.webp"
etag: "635488e3-2158"
last-modified: Sun, 23 Oct 2022 00:20:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6360
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab7b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg

172.67.28.138

200 OK

13 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13018 bytes)
Hash
a287ef67d7da5e3a54b34108b75b550d
f7c9cf669a57d000b7218a0e55bf0bb7a89a1d43
6e5c43d35644b2fe98a27540ea73c94835051112e77698834b8037333d339ed8

HTTP Headers

GET /upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 13018
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13306
content-disposition: inline; filename="u3ivpqbkzfd0820u3ivpqbkzfd271571.webp"
etag: "635488cb-33fa"
last-modified: Sun, 23 Oct 2022 00:20:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab5b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg

172.67.28.138

200 OK

5.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.9 kB (5900 bytes)
Hash
8429e59d1b30a9d98fdd6e7661935606
3b949ac7391182596a03b82c4416c4dfb3d60773
ebafb2e18c2edc99bd684b1082fef74f4feb35b0d68b90ccaf407a689f465da3

HTTP Headers

GET /upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5900
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7108
content-disposition: inline; filename="qwq5nu4qcwb0820qwq5nu4qcwb081543.webp"
etag: "635488b8-1bc4"
last-modified: Sun, 23 Oct 2022 00:20:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab9b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg

172.67.28.138

200 OK

6.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.6 kB (6642 bytes)
Hash
ff5b2b64b7a650626d558f0bf72cb100
75c05c09b0d2decdcc19aa6227ed8f62f5159488
5a3f23192d5a67c9229e5830ee52a2c55497476fd11ca68aca037163c36024e5

HTTP Headers

GET /upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6642
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8889
content-disposition: inline; filename="rlov2obgwah0820rlov2obgwah071541.webp"
etag: "635488b7-22b9"
last-modified: Sun, 23 Oct 2022 00:20:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37abdb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg

172.67.28.138

200 OK

9.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.8 kB (9802 bytes)
Hash
8a7fd725de331f7e79ac646938f74809
d976191b6032a1eb695df345f5ab4fcc74cb30ef
fca3f7d2fbd58ab27c5e3fad818162d00d6c22fb4f20d513fd9f7f332d2828bf

HTTP Headers

GET /upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9802
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10625
content-disposition: inline; filename="jzyvcmqquba0820jzyvcmqquba061539.webp"
etag: "635488b6-2981"
last-modified: Sun, 23 Oct 2022 00:20:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac1b4fd-OSL
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/js/jquery.config.js

173.231.17.179

200 OK

2.2 kB

URL HTTP/2
www.pgurw.xyz/template/pgysvip/js/jquery.config.js
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
2.2 kB (2214 bytes)
Hash
87e21dc7aac5097121c5dcf47d3d76c9
af120f0174212687eb8dd0948cb8e43ff7570190
ead446e0829391770ae2ce4788d088f6b1cfb272d1c2e389c452985938e45ea3

HTTP Headers

GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a64492ca7d0ee6d3b8376a726b4ace86
9dd52b378d95d35ca1cf82f324c3f38e807f70cd
98311b316bbf6c9dbe0c9dc5002666e64a4e9f1ec15c376a0019c46fcb6db48b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:51:43 GMT
Expires: Fri, 28 Oct 2022 15:51:42 GMT
Etag: "9dd52b378d95d35ca1cf82f324c3f38e807f70cd"
Cache-Control: max-age=476786,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea36a1d0b55-OSL

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg

172.67.28.138

200 OK

7.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.6 kB (7564 bytes)
Hash
2e7deb92a6462e5739d3bd76d10f5400
2abf1828f46cebb31c90c5cd909cd1f846e14613
ef57ccb9f1602e96ab71543fa3e3e296603af4178cb6b03416fb5b99e16347a3

HTTP Headers

GET /upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 7564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8660
content-disposition: inline; filename="rmgjvugi1db0820rmgjvugi1db051537.webp"
etag: "635488b5-21d4"
last-modified: Sun, 23 Oct 2022 00:20:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac4b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg

172.67.28.138

200 OK

6.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.0 kB (5990 bytes)
Hash
8cc194f43fba2b6cd8e1f944d9e03f2e
cf03d4e990b84d945cff0a886496cf94dd7ecefe
8db0e38a95e5d6e09b3ab9c6337567e81157f17a8df742c5f18a993ab90285a3

HTTP Headers

GET /upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5990
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8287
content-disposition: inline; filename="4ec1ypeomhd08174ec1ypeomhd451353.webp"
etag: "63548829-205f"
last-modified: Sun, 23 Oct 2022 00:17:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac5b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg

172.67.28.138

200 OK

9.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9936 bytes)
Hash
f13d4934c193baeb4b00d5bebf0957d0
7adadc0bd4084797ba3cb4fe73912b8e315c7585
46558a41f5a4bae0150ddcfccbeaa755d475a956bc120a92aea32596067e469f

HTTP Headers

GET /upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9936
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10863
content-disposition: inline; filename="rpkt1tsf12u0817rpkt1tsf12u441351.webp"
etag: "63548828-2a6f"
last-modified: Sun, 23 Oct 2022 00:17:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac6b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Size
12 kB (11914 bytes)
Hash
e7efed6e197242447b3b861b2f5ab378
e6d85224ab77b54d71876ec8e58ac9e925476ddf
03a40ed6ab25a245738fc82a7422feaac16500834f2d80ed615aee79391d4a0f

HTTP Headers

GET /upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 11914
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=12052, status=webp_bigger
etag: "635488fb-2f14"
last-modified: Sun, 23 Oct 2022 00:21:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aafb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 1281-3, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, maximum point enabled, calibration: offset 0.000000, slope 11.070587\012- data
Size
11 kB (10687 bytes)
Hash
792d36c301c6b70caf2a964edb78da34
d573c993f4fd0d901b607b594f4e65d20872c6bf
4721daca9001cb897fe32e82b01e24f8ed61811f1888a65f476fac7d29572851

HTTP Headers

GET /upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 10687
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11186, status=webp_bigger
etag: "63548824-2bb2"
last-modified: Sun, 23 Oct 2022 00:17:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37ab8b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg

172.67.28.138

200 OK

5.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.8 kB (5806 bytes)
Hash
9ebcbe23673f463e0905bae2c31f3a63
c35b39d33b7be8debfb1f1665ad950ab83055867
a067fd3f0b3d858a35c2031d58fff8aa02555ce81d7cc059de3529a009eb1931

HTTP Headers

GET /upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5806
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8413
content-disposition: inline; filename="spgflvzqc4v0817spgflvzqc4v431349.webp"
etag: "63548827-20dd"
last-modified: Sun, 23 Oct 2022 00:17:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac9b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg

172.67.28.138

200 OK

8.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.8 kB (8778 bytes)
Hash
62c04a12d4ee8d605984adf05dbd085e
1cdbb36bd8531eb59fbda12555230bd9affc3882
7bdc489af44d48c04509c422de1fbdc16e023160c4bcf601d1d50fc321443784

HTTP Headers

GET /upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9616
content-disposition: inline; filename="d45exooekot0817d45exooekot421347.webp"
etag: "63548826-2590"
last-modified: Sun, 23 Oct 2022 00:17:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39acbb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (11072 bytes)
Hash
896230a4a9c83d8bc5be2fbbf3052eb9
0f78d4292a7b2066a887061f0d712d2fdb67d85a
7096d95456835e2bdc761af6a7eacfc3c27a702d9b6f049c29589f745da52a53

HTTP Headers

GET /upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 11072
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11983
content-disposition: inline; filename="xg0mjarlcav0817xg0mjarlcav411345.webp"
etag: "63548825-2ecf"
last-modified: Sun, 23 Oct 2022 00:17:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39accb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg

172.67.28.138

200 OK

8.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.8 kB (8836 bytes)
Hash
cd04cf9079f535220c9332fceb1b65a7
38eca27f30bb889486c3eba44a3003174a96db14
e96957a73187b81f74aa009510681a0391984b2a12f3e26c2b7eacb81d433827

HTTP Headers

GET /upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8836
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10088
content-disposition: inline; filename="0zy3mbrnldo08170zy3mbrnldo461357.webp"
etag: "6354882a-2768"
last-modified: Sun, 23 Oct 2022 00:17:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6534
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39acfb4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
12 kB (12314 bytes)
Hash
4f1111ecb8ae8da60fa17311fc3f8e66
95366cf5e5000ae8139259c869431bf73c096a88
94b9c6990d9614a6c14e95d6048e27967f683597fd8750d3b983027b0530579d

HTTP Headers

GET /upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 12314
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13000, status=webp_bigger
etag: "6354882a-32c8"
last-modified: Sun, 23 Oct 2022 00:17:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea3aad2b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg

172.67.28.138

200 OK

6.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.7 kB (6700 bytes)
Hash
242fe4e2c8539ce8bff4485df0443272
8a23c9ac443e1ed7ca91a67872c61d538a8d6179
1e1211e396b5a1183d0afc7c7e01622059e6995c02316633d70b5d767d2432d1

HTTP Headers

GET /upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6700
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7770
content-disposition: inline; filename="x4hjb32tl0g0820x4hjb32tl0g031533.webp"
etag: "635488b3-1e5a"
last-modified: Sun, 23 Oct 2022 00:20:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3aad3b4fd-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg

172.67.28.138

200 OK

6.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.8 kB (6790 bytes)
Hash
8a48cbede8f059dfa48ac3f70286c341
b2197c5ed6c318bb14a6b3bdbd46f8d5037b0a7c
c6ae4bc8ab6fe4aa1999a46521cc9a24c310f326922541289fb10c719c4147c4

HTTP Headers

GET /upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6790
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7940
content-disposition: inline; filename="hyo2yuj3h1d0820hyo2yuj3h1d521579.webp"
etag: "635488e4-1f04"
last-modified: Sun, 23 Oct 2022 00:20:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3bad9b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg

172.67.28.138

200 OK

5.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.0 kB (4982 bytes)
Hash
5da64fbd0cbfe828418b78f3205213b1
d1abc22c63a9b349cf808f1b2ca1990dc56c8976
e52153efc0102c7f3c27c1521f6e50f99d03679231853c70bc3df76caf876565

HTTP Headers

GET /upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 4982
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6392
content-disposition: inline; filename="ivswieror1m0821ivswieror1m171621.webp"
etag: "635488fd-18f8"
last-modified: Sun, 23 Oct 2022 00:21:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3dae1b4fd-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg

172.67.28.138

200 OK

9.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Size
9.8 kB (9789 bytes)
Hash
80d3486be77227f94a47f4d913797feb
7fe10e427fe496e7e5107a90775efd35da390fa3
19705834db3b7a3193503f61665c472080fc1619bae7d098229ab3656d4c1786

HTTP Headers

GET /upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 9789
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10310, status=webp_bigger
etag: "635488fe-2846"
last-modified: Sun, 23 Oct 2022 00:21:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea3eaeab4fd-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0d607096796fae9041f3725b09948ae7
3299439fe1cac50c70d9e3222ff0b65e97e41971
caceda500017d14bb3abb20f7806b3cab8d818dad5f13b240b572606370af20c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CACEDA500017D14BB3ABB20F7806B3CAB8D818DAD5F13B240B572606370AF20C"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sun, 23 Oct 2022 04:46:01 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg

172.67.28.138

200 OK

6.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6400 bytes)
Hash
3c0f03458e8487149e9c046aa520c2be
5c8b696ec0f464090108e627bcf4d5277875c291
00af42e28870430c31c2cf88acb1a5c676023433648169d31359efb51f0fd0b0

HTTP Headers

GET /upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7459
content-disposition: inline; filename="poixomjmfao0820poixomjmfao511577.webp"
etag: "635488e4-1d23"
last-modified: Sun, 23 Oct 2022 00:20:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3faedb4fd-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b137c5e0bd47d360dc35db83d3bdcbf8
07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf
9c3d2671a330a1e49ab6df130538d6ba283df13a0405f1902349d367282a24e9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 04:29:50 GMT
Expires: Thu, 27 Oct 2022 04:29:49 GMT
Etag: "07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf"
Cache-Control: max-age=349473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea3ea420b55-OSL

www.pgurw.xyz/template/pgysvip/images/video-mask.png

173.231.17.179

200 OK

107 B

URL HTTP/2
www.pgurw.xyz/template/pgysvip/images/video-mask.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 22 Nov 2022 03:15:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/images/video-play.png

173.231.17.179

200 OK

1.6 kB

URL HTTP/2
www.pgurw.xyz/template/pgysvip/images/video-play.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 22 Nov 2022 03:15:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0d607096796fae9041f3725b09948ae7
3299439fe1cac50c70d9e3222ff0b65e97e41971
caceda500017d14bb3abb20f7806b3cab8d818dad5f13b240b572606370af20c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CACEDA500017D14BB3ABB20F7806B3CAB8D818DAD5F13B240B572606370AF20C"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sun, 23 Oct 2022 04:46:01 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

acoossi.top/3acd6109c1789c68133976726c0d3a33.gif

104.21.234.200

200 OK

1.0 MB

URL HTTP/2
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP
104.21.234.200:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.0 MB (1024160 bytes)
Hash
52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

HTTP Headers

GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Sun, 20 Nov 2022 05:17:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 165494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvggYulYvl%2FKnKT7%2BjVPD98Q7Y4WqmLIE%2Bm7tvjG1tFLIJNGx2CayDME0OT%2FTMCf66wgBlQ%2Blwieov8T8t7beGdRY8UYrb0TSBtnDhqLMOabjrwVVGS6gjOhBW748w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea41826406b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time)

173.231.17.179

200 OK

3.1 kB

URL HTTP/2
www.pgurw.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time)
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
3.1 kB (3123 bytes)
Hash
3b6c8b9e8a7e5cdee1f0b1638b9fb274
b04f56ee536ccdafe6a9d6eda184d5bb7aee28f9
36a6130a458cece7a2b24f3c9c556007c7812d352887fca91a4ead152d748b7e

HTTP Headers

GET /template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: application/json
content-length: 3123
last-modified: Fri, 07 Oct 2022 10:18:44 GMT
etag: "633ffd04-c33"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163308
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: nginx
Content-Length: 278

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e537467902bf9c8955e71593fff47e5
e559a3706b6c34672588a234de3f7ec64e9e2ab4
a223ab32a14db069d49eb1ca33797eddd90c5c13b96b126508ae8b576cddfc00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A223AB32A14DB069D49EB1CA33797EDDD90C5C13B96B126508AE8B576CDDFC00"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17620
Expires: Sun, 23 Oct 2022 08:08:55 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
720416fea3a7100d6babeaebd277a300
c152912ecda2c5940c2efcc315ee5a5ef67da816
3423cba3230802c3db3f0e732ebcc999a4b211eb2f11f0d4776b7cb8c7afa4d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 14:36:05 GMT
Expires: Thu, 27 Oct 2022 14:36:04 GMT
Etag: "c152912ecda2c5940c2efcc315ee5a5ef67da816"
Cache-Control: max-age=385848,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea41819fac0-OSL

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=732
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S

cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif

104.21.63.42

200 OK

406 kB

URL HTTP/2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP
104.21.63.42:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
406 kB (406419 bytes)
Hash
91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507

HTTP Headers

GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Fri, 04 Nov 2022 02:11:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1559001
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddwGWB%2BF%2BRr1I4cQ%2FpATDYZ%2FlCH%2FvjoiHyE6WmpbuiGG4nBJO4MF%2BsZiJwUtzWSvaiXwW3hnZ6OIAIewp6uopOL6HdpgfM1n4YlufDlF6BaVtJxXj93dNNCAQHUwh%2FxYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea54e6ab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=768
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=821
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=821
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=163308
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif

66.150.130.123

301 Moved Permanently

162 B

URL HTTP/2
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP
66.150.130.123:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: text/html
content-length: 162
location: https://kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4166f8a3d951ed202e826d6d5c5429a
1749c1e4a3833ebf3723c053b80b54d61fdd5661
6b0b796dd3120da995118d6b37e0c3e34dbfdb939d6bea76c84d612999a991bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0B796DD3120DA995118D6B37E0C3E34DBFDB939D6BEA76C84D612999A991BB"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7051
Expires: Sun, 23 Oct 2022 05:12:46 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162190
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: nginx
Content-Length: 278

ttsetupian.cc/lm/cstggspk01.gif

172.67.200.154

200 OK

246 kB

URL HTTP/2
ttsetupian.cc/lm/cstggspk01.gif
IP
172.67.200.154:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 190\012- data
Size
246 kB (246207 bytes)
Hash
e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318

HTTP Headers

GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 15 Nov 2022 22:43:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 494375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRYTY873f0sYMvpwLNYjX5Mu4zj2YOx%2FrQBI82m1d2N%2Bv9Wa5lUOJd8tpWZxnmGPjPdws2B38XngSC3VenaSD7TUd1v7IA4bYOlxUcJnZ8ofkxFIMSueQl6AGKMxogKy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea6acd4b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=162190
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9e3a4e35ac9d7f505a7704dad11efa5e
855bc515d50be14ff5706b9fcb0886f394ed35c9
51daa7132e7bff0e7ba441d30d466ba17c5fc34ceba0a8414b0ce1ccc10ca5d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 06:21:32 GMT
Expires: Thu, 27 Oct 2022 06:21:31 GMT
Etag: "855bc515d50be14ff5706b9fcb0886f394ed35c9"
Cache-Control: max-age=356175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea5bacc0b55-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.86.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
36ee59b4047af6dbd398723d665dcdae
ffed26d94a24f3a820f2bf0e8a45a55857aa9d41
6407f226636391813816f24439a8d4491874b6f6ad112858ae813918ddd7254d

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 00:59:42 GMT
ETag: "ffed26d94a24f3a820f2bf0e8a45a55857aa9d41"
Last-Modified: Sun, 23 Oct 2022 00:59:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:15 GMT
Age: 503
X-Served-By: cache-qpg1239-QPG, cache-bma1670-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 6, 1
X-Timer: S1666494916.708447,VS0,VE1

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
831f227b79682eb91acab7f6590916f0
35bb66e440e5641b38aecd3909a1c762aaa51883
41dd811e3d73fd7292e1a79a4a045d4406e315f236e07990eac47e5d391de4cc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41DD811E3D73FD7292E1A79A4A045D4406E315F236E07990EAC47E5D391DE4CC"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14973
Expires: Sun, 23 Oct 2022 07:24:48 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef75d36925bf696e792d649223ed675e
f009d5acd569610a1f6db65c4f830aa0869155b2
35ca52dd3c1396b400c304a0c4be9a3004fce98f0acc0b9fc06bc716c09fbc8d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CA52DD3C1396B400C304A0C4BE9A3004FCE98F0ACC0B9FC06BC716C09FBC8D"
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10844
Expires: Sun, 23 Oct 2022 06:15:59 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
552e61fc059bb81ae37bc3555985cd6f
061294cb4c79c3a8b4e907621fb2ebecb8d59f8a
3dcf96624e2396156b770659d75d326319c09c5fb6896aaa84d82fd9cb1c3e42

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DCF96624E2396156B770659D75D326319C09C5FB6896AAA84D82FD9CB1C3E42"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=287
Expires: Sun, 23 Oct 2022 03:20:02 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif

104.21.45.17

200 OK

832 kB

URL HTTP/2
kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP
104.21.45.17:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
832 kB (832544 bytes)
Hash
8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0

HTTP Headers

GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvkbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurw.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Wed, 16 Nov 2022 15:56:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 472754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3uUBiil2bp%2Bd7Qu9rAMX86bMJXnTPOJhzMjdgTzSRdauzwJbimOwDjBIIouWykUdVbs49ZmV%2FLdbhdKfb%2FQjMZzlPQMSaiyO9s0uVXWXXuRvye1lg3jl68UouuX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea76a690b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif

78.46.107.74

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
78.46.107.74:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
831f227b79682eb91acab7f6590916f0
35bb66e440e5641b38aecd3909a1c762aaa51883
41dd811e3d73fd7292e1a79a4a045d4406e315f236e07990eac47e5d391de4cc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41DD811E3D73FD7292E1A79A4A045D4406E315F236E07990EAC47E5D391DE4CC"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14973
Expires: Sun, 23 Oct 2022 07:24:48 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive

hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11331 bytes)
Hash
44e6287094621e41325dee4cd377abc3
b7f086992627269425084682f83a41dc8ed3cb8e
c24b28e27b40379b18ac13609762dae3e5991835fbd690b739242bc51927c0df

HTTP Headers

GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: a1deaac45292578131c7e4670014dce2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9DDA874B3AD2E2A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11330 bytes)
Hash
c33c92b57e8dfb01aedd91ed7eff842f
329b3bdb070dbb0dc0c21d4cb0301b03c0eac5db
e7bf8c5b0e7815f7dccaa35a313421449e0f04be008d800e47cdb3db501f4423

HTTP Headers

GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: cbb213ece286a7da96ddc5c750848670
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=774D9E0EE3F0A394; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11330 bytes)
Hash
c9092514e73567a9adb4d3545a43724d
278e5418390694fab1037e991d3f2e2dfeac6d20
37ee314307fe27bbe4970e04fa383b96cf58edc25749c1001523fa5d4a2211d9

HTTP Headers

GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: a712c094fe8ef04895a2c9c607c97118
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=72381DC11B9C129B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

pg.doitalie.com/news/data.php

20.247.116.64

200 OK

143 kB

URL HTTP/2
pg.doitalie.com/news/data.php
IP
20.247.116.64:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
143 kB (143000 bytes)
Hash
5ab61fbf85aa54aaff67920f7cb54752
c396e57da1f63e35b1a49e739f4cddea7321271e
260e641dd93ae43cc73df56ec885c0b552980953ed253c5b4ea00bc3b4210b6e

HTTP Headers

GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 03:15:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg

172.67.28.138

200 OK

13 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (13120 bytes)
Hash
c89daa928a160401b01e586356acb68b
bf0bf9b951f911fb08fa17742fb31cba6c3d4d87
b9b0aa065a2b7e642f1e6224f34e7fd606c9b5aba54674e51ab9a2e912e12617

HTTP Headers

GET /upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/jpeg
content-length: 13120
last-modified: Thu, 26 Mar 2020 19:49:23 GMT
etag: "5e7d0743-3340"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aa9b4fd-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4835c48f4652b65faac0f6174d499d9d
20e92c4af6df75008d24fa768c30b191bf4bebdb
c197fd23a8c3bd972d95924c9d1f802bb7842f6667835966b4b1a8ab4e772d1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C197FD23A8C3BD972D95924C9D1F802BB7842F6667835966B4B1A8AB4E772D1F"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9346
Expires: Sun, 23 Oct 2022 05:51:02 GMT
Date: Sun, 23 Oct 2022 03:15:16 GMT
Connection: keep-alive

79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif

103.170.15.77

200 OK

654 kB

URL HTTP/1.1
79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
IP
103.170.15.77:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
654 kB (653713 bytes)
Hash
6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: 79151879798.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Sat, 15 Oct 2022 19:29:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-07
Content-Length: 653713

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124040
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: nginx
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56ede933a61d19a6c735384b2e588306
81938e9fa9baeda8a3c696d833dfbea35bf24214
8e5669dc9a2cbbd7ea251ebda8fd8fb6dea98e82aee4fb3d3d3dfeed47117e4b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E5669DC9A2CBBD7EA251EBDA8FD8FB6DEA98E82AEE4FB3D3D3DFEED47117E4B"
Last-Modified: Sat, 22 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5468
Expires: Sun, 23 Oct 2022 04:46:24 GMT
Date: Sun, 23 Oct 2022 03:15:16 GMT
Connection: keep-alive

nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif

104.21.55.74

200 OK

524 kB

URL HTTP/2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 325 x 143\012- data
Size
524 kB (523775 bytes)
Hash
2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurw.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Wed, 16 Nov 2022 14:41:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 477205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEhnvVy%2BkN3GEiTbQYPkI7V8XtUMuyh4gBNr5Fo76MLGpupVSbiYn3FpvxuwusHMEN3lZyR4ZdWrwGx%2BAS6mlUZPYjjAJjr3P0QdkwiNNOyUuB%2Fe5VI1%2Bdk2of2m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea9ecfeb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11334 bytes)
Hash
9e85c93601e3492752a8504becacb2eb
ac2e63659bab786d8bf3f9da3956aecccc41cdc0
91516b98ab03efed14b7b4d53de9f81d32c1702e7112ba5f71b57328fe7eeb94

HTTP Headers

GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: 787938fc3ab0bf39df167063104d92f9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=605155233BD5B581; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

93533557591.com/109e604a3c6249d594c56004b700f28c.gif

103.170.15.101

200 OK

720 kB

URL HTTP/1.1
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP
103.170.15.101:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
720 kB (719745 bytes)
Hash
a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Thu, 20 Oct 2022 20:46:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 719745

kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6529D7A678557470; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=124040
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
12cfd64f476ae1ab5d053e261d156b2f
fe9d29b820da5b83b0cc78d1f03431c09ce53056
d9f2edd0c21802264e0de924aa0492a4df2e8dcddc9eb82538a18bceb3b78d32

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 05:53:24 GMT
Expires: Sat, 29 Oct 2022 05:53:23 GMT
Etag: "fe9d29b820da5b83b0cc78d1f03431c09ce53056"
Cache-Control: max-age=527286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea9c945fac0-OSL

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9B12E77AA0F2966A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
91164b7133c6e7ac3e9110319081a03d
dda10682cb0d10fb8eac57c9bbc23817e06d3856
c7442a21e979bbe1382f86aca274544bbf6a945a6dec45da0e4fe222b81fbc29

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 07:10:51 GMT
Expires: Fri, 28 Oct 2022 07:10:50 GMT
Etag: "dda10682cb0d10fb8eac57c9bbc23817e06d3856"
Cache-Control: max-age=445533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea9ec210b55-OSL

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F963DD5863C5C65; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
64041e03ea46bd5edeb78fe8744daf8f
b6a3c7cd621d194fa4298ed0bf9e023cd9408030
b1bb46114dd0dd9f05c11d6b206a021e69a0f1a322048093d3b972bedea7b769

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:45:42 GMT
Expires: Fri, 28 Oct 2022 15:45:41 GMT
Etag: "b6a3c7cd621d194fa4298ed0bf9e023cd9408030"
Cache-Control: max-age=476424,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74eaafee2b517-OSL

65686232255.com/53218c3090e04eccae534334cb03ed4a.gif

45.61.212.227

200 OK

580 kB

URL HTTP/1.1
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP
45.61.212.227:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Tue, 30 Aug 2022 03:37:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-27
Content-Length: 580315

vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif

103.170.15.42

200 OK

259 kB

URL HTTP/2
vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
IP
103.170.15.42:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
259 kB (259280 bytes)
Hash
53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc

HTTP Headers

GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Fri, 16 Sep 2022 14:50:52 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-32
content-length: 259280
X-Firefox-Spdy: h2

taiwtp1.com/xin/96060.gif

220.128.218.220

200 OK

69 kB

URL HTTP/2
taiwtp1.com/xin/96060.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 960 x 60\012- data
Size
69 kB (68564 bytes)
Hash
1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2

HTTP Headers

GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:13:13 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Tue, 22 Nov 2022 03:13:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157870
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: nginx
Content-Length: 279

img.x969.xyz/images/633d1a785373951e7c36e4d1.gif

23.225.222.2

302 Found

45 kB

URL HTTP/2
img.x969.xyz/images/633d1a785373951e7c36e4d1.gif
IP
23.225.222.2:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 300 x 250\012- data
Size
45 kB (44685 bytes)
Hash
27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd

HTTP Headers

GET /images/633d1a785373951e7c36e4d1.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157870
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8B5588CE824E6016; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

33869213.com/83ba7e533208445fa097e17c23a48e1c.gif

20.24.200.53

200 OK

37 kB

URL HTTP/1.1
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP
20.24.200.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 320 x 240\012- data
Size
37 kB (36943 bytes)
Hash
7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699

HTTP Headers

GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif

20.24.101.60

200 OK

37 kB

URL HTTP/1.1
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP
20.24.101.60:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 320 x 240\012- data
Size
37 kB (37225 bytes)
Hash
910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41

HTTP Headers

GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

taiwtp1.com/img/200200.gif

220.128.218.220

200 OK

75 kB

URL HTTP/2
taiwtp1.com/img/200200.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 200 x 200\012- data
Size
75 kB (75259 bytes)
Hash
03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

HTTP Headers

GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:13:13 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 22 Nov 2022 03:13:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

151.101.86.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
2e1f1a562b5399adcee6268859c97788
5d3350df29df8f68f09da97eff6c34b7695f5995
ab98c1e39eb2c010293df9da7d0024032ad965d15d912c4d39c1b2540530d19d

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 02:41:47 GMT
ETag: "5d3350df29df8f68f09da97eff6c34b7695f5995"
Last-Modified: Sun, 23 Oct 2022 02:41:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:16 GMT
Age: 2008
X-Served-By: cache-qpg1257-QPG, cache-bma1643-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 7, 0
X-Timer: S1666494917.727011,VS0,VE196

unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif

103.170.15.107

200 OK

112 kB

URL HTTP/1.1
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP
103.170.15.107:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
112 kB (112447 bytes)
Hash
41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6

HTTP Headers

GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Sun, 16 Oct 2022 22:11:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Length: 112447

vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif

103.189.108.93

200 OK

32 kB

URL HTTP/2
vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
IP
103.189.108.93:0
ASN
#0

File type
GIF image data, version 89a, 320 x 240\012- data
Size
32 kB (31713 bytes)
Hash
8e006882641a7a80a721cc7067dcf340
f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae

HTTP Headers

GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Mon, 26 Sep 2022 00:05:51 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-083
content-length: 31713
X-Firefox-Spdy: h2

ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg

47.246.44.229

200 OK

824 kB

URL HTTP/1.1
ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 70\012- data
Size
824 kB (824465 bytes)
Hash
83a0fbbc5111aed24a0cc5c8de39e8ec
b255f9c8851c05cabf151fd8f2d73c4ff2a071cf
259f28148b6b90e52934d8deafbb2b59f3f0c0df235132b2d3e1fb631e7223ba

HTTP Headers

GET /udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 824465
Connection: keep-alive
Date: Thu, 20 Oct 2022 13:31:47 GMT
Cache-Control: max-age=2592000
Expires: Thu, 27 Oct 2022 13:31:46 GMT
Last-Modified: Wed, 05 Oct 2022 05:47:42 GMT
x-amz-request-id: 11f5c22b3c934910885b0bdfd398d663
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7KcnDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "83A0FBBC5111AED24A0CC5C8DE39E8EC"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666272707357587182
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.229
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666272707
Via: cache66.l2nu20-8[0,0,200-0,H], cache8.l2nu20-8[1,0], cache25.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[2,0]
Age: 222209
X-Cache: HIT TCP_MEM_HIT dirn:2:195548164
X-Swift-SaveTime: Fri, 21 Oct 2022 04:36:31 GMT
X-Swift-CacheTime: 31049716
kwaisign: null
X-Ks-Request-ID: 2ff62c9916664949169108073e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9916664949169108073e

6655cy.com/cdn/ashkad.gif

154.197.15.81

200 OK

311 kB

URL HTTP/2
6655cy.com/cdn/ashkad.gif
IP
154.197.15.81:0
ASN
#0

File type
GIF image data, version 89a, 200 x 200\012- data
Size
311 kB (311408 bytes)
Hash
99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62

HTTP Headers

GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Tue, 22 Nov 2022 02:10:12 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0

43.129.255.47

200 OK

246 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
IP
43.129.255.47:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 120\012- data
Size
246 kB (245730 bytes)
Hash
e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b

HTTP Headers

GET /qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 245730
vary: Accept,Origin
last-modified: Sun, 02 Oct 2022 13:04:42 GMT
cache-control: max-age=2592000
x-delay: 30878 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 245730
chid: 0
fid: 0
x-nws-log-uuid: 0936e48f-8677-4682-ac04-3f077264f250
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
2a1a125e5ddf3e2808aeefc17cc93a3a
b62bb2b3019adceb85ec05183201cf1442b0da97
5d60ae79f9d810fc84f09be8b03a702460b1ea2fbea7a3423378590e3b0ce406

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 03:15:17 GMT
Last-Modified: Sat, 22 Oct 2022 23:18:51 GMT
ETag: "63547a5b-1d7"
Expires: Mon, 24 Oct 2022 23:18:51 GMT
Cache-Control: max-age=158614
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666494917
Via: cache3.l2de2[504,504,200-0,M], cache3.l2de2[520,0], cache7.se1[541,540,200-0,M], cache7.se1[541,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 03:15:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949170023225e

si1.go2yd.com/get-image/0wut3IuOIN0

58.254.180.65

200 OK

51 kB

URL HTTP/2
si1.go2yd.com/get-image/0wut3IuOIN0
IP
58.254.180.65:0
ASN
#136958 China Unicom Guangdong IP network

File type
GIF image data, version 89a, 320 x 240\012- data
Size
51 kB (50826 bytes)
Hash
7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac

HTTP Headers

GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 23 Oct 2022 03:15:17 GMT
content-type: image/gif
content-length: 50826
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
etag: "7a02a69b00eebfc2977f6d8417cf8141"
age: 306636
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80ha4obs6l5hib1npolkgidlol
content-md5: egKmmwDuv8KXf22EF8+BQQ==
timing-allow-origin: *
ohc-cache-hit: gz3un50 [2], zhuzuncache50 [4], bdix189 [1]
ohc-file-size: 50826
x-cache-status: HIT
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/css/zui.css

173.231.17.179

200 OK

0 B

URL HTTP/2
www.pgurw.xyz/template/pgysvip/css/zui.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.pgurw.xyz/template/pgysvip/css/ate.css

173.231.17.179

200 OK

0 B

URL HTTP/2
www.pgurw.xyz/template/pgysvip/css/ate.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations