firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 02:52:47 GMT
Expires: Sun, 23 Oct 2022 03:04:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Toz6ObpgU5jdS03Z8dhwtDLgbgqqp705E1ks-l1LIdaLPOBkSXsS3w==
Age: 1343
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15461
Expires: Sun, 23 Oct 2022 07:32:51 GMT
Date: Sun, 23 Oct 2022 03:15:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2698
Expires: Sun, 23 Oct 2022 04:00:08 GMT
Date: Sun, 23 Oct 2022 03:15:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y6tD4iCQIRnqnK74bNPHLC60PtIVrg4kTqc5D1Ky5FRg8firXf65eS4dy9Hj1oJ2ml7SkDVya7c=
x-amz-request-id: 1GPEA7X8VVSBKE9H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 02:37:48 GMT
age: 2242
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
iift2.com/
23.81.162.101301 Moved Permanently 0 B IP 23.81.162.101:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 23 Oct 2022 03:14:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.iift2.com/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 02:43:40 GMT
Expires: Sun, 23 Oct 2022 03:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WUHj0pzRqd8RF4ro-mvaZtC7BhhQlrFWbSgPTI_a8daLoemAX2dYig==
Age: 1890
www.iift2.com/index.php
23.81.162.101200 OK 785 B IP 23.81.162.101:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 8a849857fddf67c5568dacc44ccdb1a2
0f57da0cc1532ad794baca02d0b3412f4364bc7e
55cf5a499ebd750dd9155ad2f4f2ecbed68bf46b5b484f0fe5523e320e5593c2
GET /index.php HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6121
Cache-Control: max-age=110016
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:10 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:48:46 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.iift2.com/tj.js
23.81.162.101200 OK 520 B IP 23.81.162.101:0
ASN #7203 LEASEWEB-USA-SFO-12
File type ASCII text, with CRLF line terminators
Hash d251afdf67cad8d670b3b27263c761ae
f94dd6cca51247e052f8fb972f3d4b26a52d315d
9d09fa601221b8a8d123a70233abdefb7b398c154803635f173620777246ba33
GET /tj.js HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oshGtcGJU4dPdkd4lJY7hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zxdeAfF/vbvVn/mm9JWQ4lRd8rs=
www.iift2.com/common.js
23.81.162.101200 OK 1.1 kB IP 23.81.162.101:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
GET /common.js HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
151.101.86.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.86.133:0
Hash 8d9f5a676a34b2ebf4f6dfc3b7044bce
2cffc675f602d34dd00ffcbaeea4515075a31a47
e4b08a8c8a8321f6c727269131717bbc27ed9a3b941b1358b8c031f58ba737fe
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 01:03:33 GMT
ETag: "2cffc675f602d34dd00ffcbaeea4515075a31a47"
Last-Modified: Sun, 23 Oct 2022 01:03:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:11 GMT
Age: 671
X-Served-By: cache-qpg1274-QPG, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 1
X-Timer: S1666494912.855717,VS0,VE0
ocsp.globalsign.com/gsrsaovsslca2018
151.101.86.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.86.133:0
Hash 8d9f5a676a34b2ebf4f6dfc3b7044bce
2cffc675f602d34dd00ffcbaeea4515075a31a47
e4b08a8c8a8321f6c727269131717bbc27ed9a3b941b1358b8c031f58ba737fe
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 01:03:33 GMT
ETag: "2cffc675f602d34dd00ffcbaeea4515075a31a47"
Last-Modified: Sun, 23 Oct 2022 01:03:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:11 GMT
Age: 671
X-Served-By: cache-qpg1274-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 1
X-Timer: S1666494912.862763,VS0,VE1
www.iift2.com/favicon.ico
23.81.162.101200 OK 785 B URL HTTP/1.1 www.iift2.com/favicon.ico
IP 23.81.162.101:0
ASN #7203 LEASEWEB-USA-SFO-12
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 8a849857fddf67c5568dacc44ccdb1a2
0f57da0cc1532ad794baca02d0b3412f4364bc7e
55cf5a499ebd750dd9155ad2f4f2ecbed68bf46b5b484f0fe5523e320e5593c2
GET /favicon.ico HTTP/1.1
Host: www.iift2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 03:14:58 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 77c9125b7ec8f0b59874f52496786867
aa423d0ab692e5d211351e09d406c811e56f7ce0
c27c57df120776ad92ece250dfe487d2278435552593b51d264957d42fc6c81b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:12 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 03:46:19 GMT
Expires: Thu, 27 Oct 2022 03:46:18 GMT
Etag: "aa423d0ab692e5d211351e09d406c811e56f7ce0"
Cache-Control: max-age=346865,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74e903fe50b51-OSL
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: "4078521116"
Expires: Mon, 23 Oct 2023 03:15:12 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=9F11C61D6782CE7DF91E6153B1FC754F:FG=1; max-age=31536000; expires=Mon, 23-Oct-23 03:15:12 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.iift2.com/index.php
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.iift2.com/index.php
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.iift2.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.iift2.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 23 Oct 2022 03:15:12 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16091
Expires: Sun, 23 Oct 2022 07:43:23 GMT
Date: Sun, 23 Oct 2022 03:15:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab395803138af2f1c4a95b643a69fcd0
004c737da6827867b87a78f7f8d92699468b050b
7a1806038d98d478ec019ff97356b3255afbbea70a74180fdacd4958fe62b807
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda6a073-f00e-40b8-bbff-eeeffe03083d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9565
x-amzn-requestid: 84c51ee2-64f1-4236-a8c7-278a6e28b24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJaGUBIAMFcRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623c-36a42ee364025d0270960976;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s0bwoRJ0cmtAkh-hR2PqFqcrthu7VTBiSdEN3ai8410XKLqkqF7yJg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 19896
etag: "004c737da6827867b87a78f7f8d92699468b050b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3c188b6071e2e3725d0eafc38e0a97a
894517b00535a08a4750510a8c74cd7bff5ce3a6
2b06cd431d93eb12fccc7061bd5a5be4e50b47c4410762034937584d8a8d06a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11582
x-amzn-requestid: 20307063-f434-4fb9-8cf8-d8c93b8fc3c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqFmeoAMF5EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-76156e37226bff5674a219e9;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: k3Dk91gOozMKKg38TkOGdPtPjfIEtHpHCvg1u3dJURco32kNiHJMQg==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:45:32 GMT
age: 19780
etag: "894517b00535a08a4750510a8c74cd7bff5ce3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ae6442b63de1e40cf33df80434401ad
e9b1889e93d17e11aec51d610b38cbea22937eb3
5caa6653896a6444c22f4b560de7df98be23c1b97d8dbc950095a53fc778ab35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d707e0f-487e-4d60-9095-919220ac939a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5702
x-amzn-requestid: f59514ec-7e53-4f36-a8c2-3db852d24681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aO4E_F4ooAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f6d52-45f71e5f22c0e7377e3b5f44;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 03:21:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFtlPyJXGd2uWLahfdlQTTdj7FIoddYUmOfBaIpt89yIQlRPxSabkA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 09:19:29 GMT
age: 64543
etag: "e9b1889e93d17e11aec51d610b38cbea22937eb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0675dc4be3e7a62f7083f4b34e5959
f6c43d035774306f3622029fb6a2c9d44086a3f8
56153c1a09bbf2a2d0079fe15ee54733460bbce7572d6b1b66972a0e00123b1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7588
x-amzn-requestid: b6a2786a-7863-49b7-b96f-09b94c44dcdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRm0GRfIAMFVcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462f8-58ef725d7c9a71fc0c90a86d;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jtZFCDkxgLwr6JRka5OuVuFcxmZH4sNWrhT_kx1DkFTSN3NQ9NUu0Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
etag: "f6c43d035774306f3622029fb6a2c9d44086a3f8"
content-type: image/jpeg
age: 19896
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3XZCGkKRjdtuIJ9Zp6WCsnBEuV7XimonJLAIL6OIFzYw1zPxBZOv_g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 08:04:17 GMT
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
age: 69055
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85de0c3844ed8f109992d7c37cc5db1b
454136ba1c69e33ae3ba4fcfe4963bd492991e07
c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3518
x-amzn-requestid: 8b13ebbd-b086-4007-a17d-d8ab307e2575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhSdGtEoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baf42-0ca66cd74f79dbfa54f3613b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:14:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW8lD02LEzgVvUNKqXck7eMr2CXbt_xdVzN4H1M7qj4qQJpvXLFy5Q==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:48:55 GMT
age: 19577
etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash f78bf8cf1aef94a434341631d1b2ca12
c21ae96ea433b807b75213f7bad0c671c8c3e022
6f920d35eae5386eb71e37a458b70b9f0ff3e3b7f4d247e249f404d2ead7f1ee
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: 1454ffe3467ca66fa9642776c64a9e37
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0424DAFBC8DE33FE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?722bcf82d448b292cb72eeee90377ca2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 34587c67afb34ec2612200a223d8e592
b133fbea68aa4fc6eb1d2d53e98079006fbeb738
d9c45cbe384d7babfcdf376c22051956a8962b0defdb61a54b4da6807ffeea91
GET /hm.js?722bcf82d448b292cb72eeee90377ca2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:12 GMT
Etag: 86e8da131b652b22dcba4e80d69809bd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=802DAE0A8520FB69; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 506f7a4ca0cb4363f74ffbdc125f0510
e83bdf3f7bd99bed24105da4913835ccd3d671d2
18ce3cdf9a66f714e9b5d03fa5cb1222e3b627a33d18a9cfb21e3556d4564204
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18CE3CDF9A66F714E9B5D03FA5CB1222E3B627A33D18A9CFB21E3556D4564204"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5445
Expires: Sun, 23 Oct 2022 04:45:58 GMT
Date: Sun, 23 Oct 2022 03:15:13 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=993855914&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F56CD832FFFF3658; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1824768231&si=722bcf82d448b292cb72eeee90377ca2&v=1.2.97&lv=1&sn=5414&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.iift2.com%2Findex.php&tt=%E6%B2%88%E9%98%B3%E7%88%B8%E8%AF%BF%E6%9C%BA%E6%A2%B0%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7886722E7156D4C2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.pgurw.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pgurw.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Tue, 22 Nov 2022 03:15:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pgurw.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 22 Nov 2022 03:15:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
pg.doitalie.com/news/index.php
20.247.116.64200 OK 662 B URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.247.116.64:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 22e45b926396d11c28c16a21ac9d3bb6
e5a3840aa14171234a8e881ad41c811f7988f655
1854cf8a37cc82b6efc034e2d0e756400d38a439ab5d88e629a0848d136c14fc
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.iift2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 03:15:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f56bdb13ff03ca3d0f4a35beaca36d7d
b50216b789b0d644c66b35e66af3dc903c71d665
7c13e11314fd897bcf44e15b9cafde64fbe4bf02edc75e368c2cbecaba4bb9eb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 03:15:14 GMT
Last-Modified: Sat, 22 Oct 2022 11:36:57 GMT
ETag: "6353d5d9-1d7"
Expires: Mon, 24 Oct 2022 11:36:57 GMT
Cache-Control: max-age=116503
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666494914
Via: cache21.l2de2[473,473,200-0,M], cache21.l2de2[474,0], cache7.se1[494,494,200-0,M], cache7.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 03:15:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949144561447e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Sat, 22 Oct 2022 04:56:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: -scAAABffxk3SyAX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1666414562
Via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0]
Content-Encoding: gzip
Age: 80352
X-Cache: HIT TCP_MEM_HIT dirn:5:289962451
X-Swift-SaveTime: Sat, 22 Oct 2022 04:56:13 GMT
X-Swift-CacheTime: 86389
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949149621819e
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg
172.67.28.138200 OK 5.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 696efdbefba8e9baa38d6f5cfdc593bd
cddcf347d0236408206937e54495136173633ee8
115b41842bac6d6bd6c2587ea0f17db1218964959386be340ab38f4b24099b60
GET /upload/vod/2022/10-23/08/fsfufevfozo0820fsfufevfozo041535.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5342
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7398
content-disposition: inline; filename="fsfufevfozo0820fsfufevfozo041535.webp"
etag: "635488b4-1ce6"
last-modified: Sun, 23 Oct 2022 00:20:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aa7b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4f8fa1b3af9723b191da1db636e3d15
e7a8d7afa1f1420b519f2b6a303a1473e47f0ce4
e8916db0ebdacd0720dd618601ffb77cb97ba62ab5f7a8638029ece3b1fe0abd
GET /upload/vod/2020/03-27/03/zmftmj4szbu0349zmftmj4szbu2175.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9852
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10333
content-disposition: inline; filename="zmftmj4szbu0349zmftmj4szbu2175.webp"
etag: "5e7d0741-285d"
last-modified: Thu, 26 Mar 2020 19:49:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aa8b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg
172.67.28.138200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe5c51c1f50e0866b87d3b858fcd0f1e
53239b065d18f7724ce762391270b680e2e82e6f
0de2ab6829c059d400ce1b201ddb4ddea5b32063e0c075dd397b6b8b09dd0980
GET /upload/vod/2022/10-23/08/obvvv2ouqde0821obvvv2ouqde141613.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9492
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10068
content-disposition: inline; filename="obvvv2ouqde0821obvvv2ouqde141613.webp"
etag: "635488fa-2754"
last-modified: Sun, 23 Oct 2022 00:21:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aaeb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg
172.67.28.138200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c125709f0aed78588ba1832652cae19b
bfc703852aa684b3152a58bdac15acea9b0f4ea0
7b3c381d68236b6e93c2ea41339fbac215340cd25640acd6aca03c8113644059
GET /upload/vod/2022/10-23/08/cwez4wsoj3o0821cwez4wsoj3o161617.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8106
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10487
content-disposition: inline; filename="cwez4wsoj3o0821cwez4wsoj3o161617.webp"
etag: "635488fc-28f7"
last-modified: Sun, 23 Oct 2022 00:21:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab0b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0895ffa46d6813dff59a1d1f485a1872
05e16f64a632df05e841a70a198f2bd8e863f9a4
262383fe39918945cd0725f45f3d299824829abc9bcb216e139808ac8ab7722d
GET /upload/vod/2020/03-27/03/rpqocm2rua10349rpqocm2rua12479.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 11248
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13084
content-disposition: inline; filename="rpqocm2rua10349rpqocm2rua12479.webp"
etag: "5e7d0744-331c"
last-modified: Thu, 26 Mar 2020 19:49:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aaab4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash cfd92ac22fac04ce33101f02895438a4
a41c40596edce605b6b98ee201f1fa41d902d345
fa8b9c76dfb397b3bd5b725cda2b6de1cb0ccc0cf1054d13ce0776d2b0bc35b2
GET /upload/vod/2020/03-27/03/qhux4qbebx00349qhux4qbebx02581.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 12516
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13115, status=webp_bigger
etag: "5e7d0745-333b"
last-modified: Thu, 26 Mar 2020 19:49:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aabb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg
172.67.28.138200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash db7282368f8ddb26d26bb7dc027ea9df
8196fc73d58d2006f8c96a00226a8a01ee789c96
ba7668d6854074b95b36c307a42aad6eb65ab6174a56fbbfc25456f973dfd43e
GET /upload/vod/2022/10-23/08/x3ce11jy1ya0820x3ce11jy1ya261569.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 7992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8780
content-disposition: inline; filename="x3ce11jy1ya0820x3ce11jy1ya261569.webp"
etag: "635488ca-224c"
last-modified: Sun, 23 Oct 2022 00:20:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab3b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg
172.67.28.138200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f543318959c31cd63765b62700751ccc
38a48ad13afac5eb13cd432c885282d700921d5b
432348ed96867efaf81d57a2e5e98a29809f8272a55984b8f05d0dfa640071e2
GET /upload/vod/2022/10-23/08/o2zmsb5xrww0820o2zmsb5xrww281573.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6388
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7644
content-disposition: inline; filename="o2zmsb5xrww0820o2zmsb5xrww281573.webp"
etag: "635488cc-1ddc"
last-modified: Sun, 23 Oct 2022 00:20:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab6b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg
172.67.28.138200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 71dec45bc6414d35446f7b790ff28ee8
72f4cc5b08787080d7fc88ca40b18b3367229357
dd1b2b89536b324193371d89e9b369eeaec653f1a3f147d328187d765e4d0681
GET /upload/vod/2020/03-27/03/kogdazm0urj0349kogdazm0urj2889.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9840
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10669
content-disposition: inline; filename="kogdazm0urj0349kogdazm0urj2889.webp"
etag: "5e7d0748-29ad"
last-modified: Thu, 26 Mar 2020 19:49:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aadb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6dfda9781e7f2478f79c9d23d658925
a93fbfcc561ea4d6590ee85fd944df26017a7deb
b35ab1bb702249af67552525a8af28c21654a999c82afc3aadf0da1484ee5e53
GET /upload/vod/2020/03-27/03/f135ecdlpt50349f135ecdlpt52785.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9956
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11708
content-disposition: inline; filename="f135ecdlpt50349f135ecdlpt52785.webp"
etag: "5e7d0747-2dbc"
last-modified: Thu, 26 Mar 2020 19:49:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37aacb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg
172.67.28.138200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1033d39eb09b7476cfb4e073ae246f77
77369d24234edf66d8dac9355862c31b32c1d357
de486fbcd4e0aa09f55d40946ef298341cf811918d8aa51dcfdd3b88d9214416
GET /upload/vod/2022/10-23/08/h1n2yo2x3vo0821h1n2yo2x3vo171619.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6932
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9123
content-disposition: inline; filename="h1n2yo2x3vo0821h1n2yo2x3vo171619.webp"
etag: "635488fd-23a3"
last-modified: Sun, 23 Oct 2022 00:21:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab1b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81659c3902f40c66717ea9e5c13a12c2
175987eb3794c8a8e06f9ae1b3d9e443eb2af68a
a8800e8491fe9e3025c254e9d0aaa97c3b04900195f926aae019752951b7b871
GET /upload/vod/2022/10-23/08/52wtjm5rz25082052wtjm5rz25511575.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6206
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8536
content-disposition: inline; filename="52wtjm5rz25082052wtjm5rz25511575.webp"
etag: "635488e3-2158"
last-modified: Sun, 23 Oct 2022 00:20:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6360
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab7b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a287ef67d7da5e3a54b34108b75b550d
f7c9cf669a57d000b7218a0e55bf0bb7a89a1d43
6e5c43d35644b2fe98a27540ea73c94835051112e77698834b8037333d339ed8
GET /upload/vod/2022/10-23/08/u3ivpqbkzfd0820u3ivpqbkzfd271571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 13018
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13306
content-disposition: inline; filename="u3ivpqbkzfd0820u3ivpqbkzfd271571.webp"
etag: "635488cb-33fa"
last-modified: Sun, 23 Oct 2022 00:20:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab5b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg
172.67.28.138200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8429e59d1b30a9d98fdd6e7661935606
3b949ac7391182596a03b82c4416c4dfb3d60773
ebafb2e18c2edc99bd684b1082fef74f4feb35b0d68b90ccaf407a689f465da3
GET /upload/vod/2022/10-23/08/qwq5nu4qcwb0820qwq5nu4qcwb081543.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5900
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7108
content-disposition: inline; filename="qwq5nu4qcwb0820qwq5nu4qcwb081543.webp"
etag: "635488b8-1bc4"
last-modified: Sun, 23 Oct 2022 00:20:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37ab9b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg
172.67.28.138200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ff5b2b64b7a650626d558f0bf72cb100
75c05c09b0d2decdcc19aa6227ed8f62f5159488
5a3f23192d5a67c9229e5830ee52a2c55497476fd11ca68aca037163c36024e5
GET /upload/vod/2022/10-23/08/rlov2obgwah0820rlov2obgwah071541.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6642
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8889
content-disposition: inline; filename="rlov2obgwah0820rlov2obgwah071541.webp"
etag: "635488b7-22b9"
last-modified: Sun, 23 Oct 2022 00:20:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea37abdb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg
172.67.28.138200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a7fd725de331f7e79ac646938f74809
d976191b6032a1eb695df345f5ab4fcc74cb30ef
fca3f7d2fbd58ab27c5e3fad818162d00d6c22fb4f20d513fd9f7f332d2828bf
GET /upload/vod/2022/10-23/08/jzyvcmqquba0820jzyvcmqquba061539.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9802
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10625
content-disposition: inline; filename="jzyvcmqquba0820jzyvcmqquba061539.webp"
etag: "635488b6-2981"
last-modified: Sun, 23 Oct 2022 00:20:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac1b4fd-OSL
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 2.2 kB URL HTTP/2 www.pgurw.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
Hash 87e21dc7aac5097121c5dcf47d3d76c9
af120f0174212687eb8dd0948cb8e43ff7570190
ead446e0829391770ae2ce4788d088f6b1cfb272d1c2e389c452985938e45ea3
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a64492ca7d0ee6d3b8376a726b4ace86
9dd52b378d95d35ca1cf82f324c3f38e807f70cd
98311b316bbf6c9dbe0c9dc5002666e64a4e9f1ec15c376a0019c46fcb6db48b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:51:43 GMT
Expires: Fri, 28 Oct 2022 15:51:42 GMT
Etag: "9dd52b378d95d35ca1cf82f324c3f38e807f70cd"
Cache-Control: max-age=476786,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea36a1d0b55-OSL
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg
172.67.28.138200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e7deb92a6462e5739d3bd76d10f5400
2abf1828f46cebb31c90c5cd909cd1f846e14613
ef57ccb9f1602e96ab71543fa3e3e296603af4178cb6b03416fb5b99e16347a3
GET /upload/vod/2022/10-23/08/rmgjvugi1db0820rmgjvugi1db051537.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 7564
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8660
content-disposition: inline; filename="rmgjvugi1db0820rmgjvugi1db051537.webp"
etag: "635488b5-21d4"
last-modified: Sun, 23 Oct 2022 00:20:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac4b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8cc194f43fba2b6cd8e1f944d9e03f2e
cf03d4e990b84d945cff0a886496cf94dd7ecefe
8db0e38a95e5d6e09b3ab9c6337567e81157f17a8df742c5f18a993ab90285a3
GET /upload/vod/2022/10-23/08/4ec1ypeomhd08174ec1ypeomhd451353.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5990
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8287
content-disposition: inline; filename="4ec1ypeomhd08174ec1ypeomhd451353.webp"
etag: "63548829-205f"
last-modified: Sun, 23 Oct 2022 00:17:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac5b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f13d4934c193baeb4b00d5bebf0957d0
7adadc0bd4084797ba3cb4fe73912b8e315c7585
46558a41f5a4bae0150ddcfccbeaa755d475a956bc120a92aea32596067e469f
GET /upload/vod/2022/10-23/08/rpkt1tsf12u0817rpkt1tsf12u441351.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 9936
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10863
content-disposition: inline; filename="rpkt1tsf12u0817rpkt1tsf12u441351.webp"
etag: "63548828-2a6f"
last-modified: Sun, 23 Oct 2022 00:17:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac6b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash e7efed6e197242447b3b861b2f5ab378
e6d85224ab77b54d71876ec8e58ac9e925476ddf
03a40ed6ab25a245738fc82a7422feaac16500834f2d80ed615aee79391d4a0f
GET /upload/vod/2022/10-23/08/xp5i22btamz0821xp5i22btamz151615.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 11914
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=12052, status=webp_bigger
etag: "635488fb-2f14"
last-modified: Sun, 23 Oct 2022 00:21:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aafb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 1281-3, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, maximum point enabled, calibration: offset 0.000000, slope 11.070587\012- data
Hash 792d36c301c6b70caf2a964edb78da34
d573c993f4fd0d901b607b594f4e65d20872c6bf
4721daca9001cb897fe32e82b01e24f8ed61811f1888a65f476fac7d29572851
GET /upload/vod/2022/10-23/08/yoowdh0qihg0817yoowdh0qihg401343.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 10687
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11186, status=webp_bigger
etag: "63548824-2bb2"
last-modified: Sun, 23 Oct 2022 00:17:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37ab8b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg
172.67.28.138200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ebcbe23673f463e0905bae2c31f3a63
c35b39d33b7be8debfb1f1665ad950ab83055867
a067fd3f0b3d858a35c2031d58fff8aa02555ce81d7cc059de3529a009eb1931
GET /upload/vod/2022/10-23/08/spgflvzqc4v0817spgflvzqc4v431349.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 5806
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8413
content-disposition: inline; filename="spgflvzqc4v0817spgflvzqc4v431349.webp"
etag: "63548827-20dd"
last-modified: Sun, 23 Oct 2022 00:17:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6522
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea38ac9b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg
172.67.28.138200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 62c04a12d4ee8d605984adf05dbd085e
1cdbb36bd8531eb59fbda12555230bd9affc3882
7bdc489af44d48c04509c422de1fbdc16e023160c4bcf601d1d50fc321443784
GET /upload/vod/2022/10-23/08/d45exooekot0817d45exooekot421347.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9616
content-disposition: inline; filename="d45exooekot0817d45exooekot421347.webp"
etag: "63548826-2590"
last-modified: Sun, 23 Oct 2022 00:17:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39acbb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 896230a4a9c83d8bc5be2fbbf3052eb9
0f78d4292a7b2066a887061f0d712d2fdb67d85a
7096d95456835e2bdc761af6a7eacfc3c27a702d9b6f049c29589f745da52a53
GET /upload/vod/2022/10-23/08/xg0mjarlcav0817xg0mjarlcav411345.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 11072
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11983
content-disposition: inline; filename="xg0mjarlcav0817xg0mjarlcav411345.webp"
etag: "63548825-2ecf"
last-modified: Sun, 23 Oct 2022 00:17:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39accb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg
172.67.28.138200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd04cf9079f535220c9332fceb1b65a7
38eca27f30bb889486c3eba44a3003174a96db14
e96957a73187b81f74aa009510681a0391984b2a12f3e26c2b7eacb81d433827
GET /upload/vod/2022/10-23/08/0zy3mbrnldo08170zy3mbrnldo461357.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 8836
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10088
content-disposition: inline; filename="0zy3mbrnldo08170zy3mbrnldo461357.webp"
etag: "6354882a-2768"
last-modified: Sun, 23 Oct 2022 00:17:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6534
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea39acfb4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 4f1111ecb8ae8da60fa17311fc3f8e66
95366cf5e5000ae8139259c869431bf73c096a88
94b9c6990d9614a6c14e95d6048e27967f683597fd8750d3b983027b0530579d
GET /upload/vod/2022/10-23/08/2at2lqodr0p08172at2lqodr0p451355.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 12314
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13000, status=webp_bigger
etag: "6354882a-32c8"
last-modified: Sun, 23 Oct 2022 00:17:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea3aad2b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 242fe4e2c8539ce8bff4485df0443272
8a23c9ac443e1ed7ca91a67872c61d538a8d6179
1e1211e396b5a1183d0afc7c7e01622059e6995c02316633d70b5d767d2432d1
GET /upload/vod/2022/10-23/08/x4hjb32tl0g0820x4hjb32tl0g031533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6700
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7770
content-disposition: inline; filename="x4hjb32tl0g0820x4hjb32tl0g031533.webp"
etag: "635488b3-1e5a"
last-modified: Sun, 23 Oct 2022 00:20:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3aad3b4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 074eb53d2e811aa51788eae39dfa8985
ee09927a7c63d07f170b973fe255ead328109aa2
0cdf25f926e207632ebb360eee05772eade654db84e90cadb2dc6b52f1ccfa8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0CDF25F926E207632EBB360EEE05772EADE654DB84E90CADB2DC6B52F1CCFA8C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Sun, 23 Oct 2022 07:11:05 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg
172.67.28.138200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a48cbede8f059dfa48ac3f70286c341
b2197c5ed6c318bb14a6b3bdbd46f8d5037b0a7c
c6ae4bc8ab6fe4aa1999a46521cc9a24c310f326922541289fb10c719c4147c4
GET /upload/vod/2022/10-23/08/hyo2yuj3h1d0820hyo2yuj3h1d521579.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6790
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7940
content-disposition: inline; filename="hyo2yuj3h1d0820hyo2yuj3h1d521579.webp"
etag: "635488e4-1f04"
last-modified: Sun, 23 Oct 2022 00:20:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3bad9b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg
172.67.28.138200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5da64fbd0cbfe828418b78f3205213b1
d1abc22c63a9b349cf808f1b2ca1990dc56c8976
e52153efc0102c7f3c27c1521f6e50f99d03679231853c70bc3df76caf876565
GET /upload/vod/2022/10-23/08/ivswieror1m0821ivswieror1m171621.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 4982
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6392
content-disposition: inline; filename="ivswieror1m0821ivswieror1m171621.webp"
etag: "635488fd-18f8"
last-modified: Sun, 23 Oct 2022 00:21:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3dae1b4fd-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg
172.67.28.138200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 80d3486be77227f94a47f4d913797feb
7fe10e427fe496e7e5107a90775efd35da390fa3
19705834db3b7a3193503f61665c472080fc1619bae7d098229ab3656d4c1786
GET /upload/vod/2022/10-23/08/gnmtrxjapcj0821gnmtrxjapcj181623.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/jpeg
content-length: 9789
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10310, status=webp_bigger
etag: "635488fe-2846"
last-modified: Sun, 23 Oct 2022 00:21:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6359
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea3eaeab4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d607096796fae9041f3725b09948ae7
3299439fe1cac50c70d9e3222ff0b65e97e41971
caceda500017d14bb3abb20f7806b3cab8d818dad5f13b240b572606370af20c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CACEDA500017D14BB3ABB20F7806B3CAB8D818DAD5F13B240B572606370AF20C"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sun, 23 Oct 2022 04:46:01 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg
172.67.28.138200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c0f03458e8487149e9c046aa520c2be
5c8b696ec0f464090108e627bcf4d5277875c291
00af42e28870430c31c2cf88acb1a5c676023433648169d31359efb51f0fd0b0
GET /upload/vod/2022/10-23/08/poixomjmfao0820poixomjmfao511577.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/webp
content-length: 6400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7459
content-disposition: inline; filename="poixomjmfao0820poixomjmfao511577.webp"
etag: "635488e4-1d23"
last-modified: Sun, 23 Oct 2022 00:20:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
server: cloudflare
cf-ray: 75e74ea3faedb4fd-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b137c5e0bd47d360dc35db83d3bdcbf8
07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf
9c3d2671a330a1e49ab6df130538d6ba283df13a0405f1902349d367282a24e9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 04:29:50 GMT
Expires: Thu, 27 Oct 2022 04:29:49 GMT
Etag: "07833f7d24daf7e5a49b94cb751ffcfdc3d73fdf"
Cache-Control: max-age=349473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea3ea420b55-OSL
www.pgurw.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pgurw.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 22 Nov 2022 03:15:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/images/video-play.png
173.231.17.179200 OK 1.6 kB URL HTTP/2 www.pgurw.xyz/template/pgysvip/images/video-play.png
IP 173.231.17.179:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 22 Nov 2022 03:15:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d607096796fae9041f3725b09948ae7
3299439fe1cac50c70d9e3222ff0b65e97e41971
caceda500017d14bb3abb20f7806b3cab8d818dad5f13b240b572606370af20c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CACEDA500017D14BB3ABB20F7806B3CAB8D818DAD5F13B240B572606370AF20C"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sun, 23 Oct 2022 04:46:01 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
104.21.234.200200 OK 1.0 MB URL HTTP/2 acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP 104.21.234.200:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Sun, 20 Nov 2022 05:17:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 165494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvggYulYvl%2FKnKT7%2BjVPD98Q7Y4WqmLIE%2Bm7tvjG1tFLIJNGx2CayDME0OT%2FTMCf66wgBlQ%2Blwieov8T8t7beGdRY8UYrb0TSBtnDhqLMOabjrwVVGS6gjOhBW748w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea41826406b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 3.1 kB URL HTTP/2 www.pgurw.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 3b6c8b9e8a7e5cdee1f0b1638b9fb274
b04f56ee536ccdafe6a9d6eda184d5bb7aee28f9
36a6130a458cece7a2b24f3c9c556007c7812d352887fca91a4ead152d748b7e
GET /template/pgysvip/html9/advertised/advertised.json?refresh=20221023Sun%20Oct%2023%202022%2003:15:30%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: application/json
content-length: 3123
last-modified: Fri, 07 Oct 2022 10:18:44 GMT
etag: "633ffd04-c33"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163308
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e537467902bf9c8955e71593fff47e5
e559a3706b6c34672588a234de3f7ec64e9e2ab4
a223ab32a14db069d49eb1ca33797eddd90c5c13b96b126508ae8b576cddfc00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A223AB32A14DB069D49EB1CA33797EDDD90C5C13B96B126508AE8B576CDDFC00"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17620
Expires: Sun, 23 Oct 2022 08:08:55 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 720416fea3a7100d6babeaebd277a300
c152912ecda2c5940c2efcc315ee5a5ef67da816
3423cba3230802c3db3f0e732ebcc999a4b211eb2f11f0d4776b7cb8c7afa4d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 14:36:05 GMT
Expires: Thu, 27 Oct 2022 14:36:04 GMT
Etag: "c152912ecda2c5940c2efcc315ee5a5ef67da816"
Cache-Control: max-age=385848,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea41819fac0-OSL
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=732
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
104.21.63.42200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 104.21.63.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Fri, 04 Nov 2022 02:11:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1559001
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddwGWB%2BF%2BRr1I4cQ%2FpATDYZ%2FlCH%2FvjoiHyE6WmpbuiGG4nBJO4MF%2BsZiJwUtzWSvaiXwW3hnZ6OIAIewp6uopOL6HdpgfM1n4YlufDlF6BaVtJxXj93dNNCAQHUwh%2FxYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea54e6ab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=768
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=821
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 4a1b35561254de62fedfb80c9ddb2ccd
b291ac505e72f251e47abd47b32bad6b7f247c63
beb53f3ab8eec04a952bddda83daeeb1cee52ba53480eeaceb6a536a00fa0de2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=821
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c36ddbf075c84655d4b726f7d2978d93
8f349e2a24d6c607c3de864ebdafe65afb9e46bb
d7c1b2d1ff34b9249351defb407c781530a9294696d0d5285db0fa1e28f1a966
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=163308
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548caf-116"
Expires: Tue, 25 Oct 2022 00:37:03 GMT
Last-Modified: Sun, 23 Oct 2022 00:37:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: text/html
content-length: 162
location: https://kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4166f8a3d951ed202e826d6d5c5429a
1749c1e4a3833ebf3723c053b80b54d61fdd5661
6b0b796dd3120da995118d6b37e0c3e34dbfdb939d6bea76c84d612999a991bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0B796DD3120DA995118D6B37E0C3E34DBFDB939D6BEA76C84D612999A991BB"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7051
Expires: Sun, 23 Oct 2022 05:12:46 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162190
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: nginx
Content-Length: 278
ttsetupian.cc/lm/cstggspk01.gif
172.67.200.154200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 172.67.200.154:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 15 Nov 2022 22:43:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 494375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRYTY873f0sYMvpwLNYjX5Mu4zj2YOx%2FrQBI82m1d2N%2Bv9Wa5lUOJd8tpWZxnmGPjPdws2B38XngSC3VenaSD7TUd1v7IA4bYOlxUcJnZ8ofkxFIMSueQl6AGKMxogKy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea6acd4b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8b3d366ab895876de1d3bd8ae3c3b418
03f5af52745eed9d277efcb728a35820805bfa49
e4e0ff5992ed6135faa976eea43bbcfabb41788f48b376e0b5e4debd100e2ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=162190
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: "63548851-116"
Expires: Tue, 25 Oct 2022 00:18:25 GMT
Last-Modified: Sun, 23 Oct 2022 00:18:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9e3a4e35ac9d7f505a7704dad11efa5e
855bc515d50be14ff5706b9fcb0886f394ed35c9
51daa7132e7bff0e7ba441d30d466ba17c5fc34ceba0a8414b0ce1ccc10ca5d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 06:21:32 GMT
Expires: Thu, 27 Oct 2022 06:21:31 GMT
Etag: "855bc515d50be14ff5706b9fcb0886f394ed35c9"
Cache-Control: max-age=356175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea5bacc0b55-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.86.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.86.133:0
Hash 36ee59b4047af6dbd398723d665dcdae
ffed26d94a24f3a820f2bf0e8a45a55857aa9d41
6407f226636391813816f24439a8d4491874b6f6ad112858ae813918ddd7254d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 00:59:42 GMT
ETag: "ffed26d94a24f3a820f2bf0e8a45a55857aa9d41"
Last-Modified: Sun, 23 Oct 2022 00:59:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:15 GMT
Age: 503
X-Served-By: cache-qpg1239-QPG, cache-bma1670-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 6, 1
X-Timer: S1666494916.708447,VS0,VE1
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 831f227b79682eb91acab7f6590916f0
35bb66e440e5641b38aecd3909a1c762aaa51883
41dd811e3d73fd7292e1a79a4a045d4406e315f236e07990eac47e5d391de4cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41DD811E3D73FD7292E1A79A4A045D4406E315F236E07990EAC47E5D391DE4CC"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14973
Expires: Sun, 23 Oct 2022 07:24:48 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ef75d36925bf696e792d649223ed675e
f009d5acd569610a1f6db65c4f830aa0869155b2
35ca52dd3c1396b400c304a0c4be9a3004fce98f0acc0b9fc06bc716c09fbc8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CA52DD3C1396B400C304A0C4BE9A3004FCE98F0ACC0B9FC06BC716C09FBC8D"
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10844
Expires: Sun, 23 Oct 2022 06:15:59 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 552e61fc059bb81ae37bc3555985cd6f
061294cb4c79c3a8b4e907621fb2ebecb8d59f8a
3dcf96624e2396156b770659d75d326319c09c5fb6896aaa84d82fd9cb1c3e42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DCF96624E2396156B770659D75D326319C09C5FB6896AAA84D82FD9CB1C3E42"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=287
Expires: Sun, 23 Oct 2022 03:20:02 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif
104.21.45.17200 OK 832 kB URL HTTP/2 kvkbbb.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 104.21.45.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 832 kB (832544 bytes)
Hash 8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvkbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurw.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Wed, 16 Nov 2022 15:56:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 472754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3uUBiil2bp%2Bd7Qu9rAMX86bMJXnTPOJhzMjdgTzSRdauzwJbimOwDjBIIouWykUdVbs49ZmV%2FLdbhdKfb%2FQjMZzlPQMSaiyO9s0uVXWXXuRvye1lg3jl68UouuX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea76a690b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:15 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 831f227b79682eb91acab7f6590916f0
35bb66e440e5641b38aecd3909a1c762aaa51883
41dd811e3d73fd7292e1a79a4a045d4406e315f236e07990eac47e5d391de4cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41DD811E3D73FD7292E1A79A4A045D4406E315F236E07990EAC47E5D391DE4CC"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14973
Expires: Sun, 23 Oct 2022 07:24:48 GMT
Date: Sun, 23 Oct 2022 03:15:15 GMT
Connection: keep-alive
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 44e6287094621e41325dee4cd377abc3
b7f086992627269425084682f83a41dc8ed3cb8e
c24b28e27b40379b18ac13609762dae3e5991835fbd690b739242bc51927c0df
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: a1deaac45292578131c7e4670014dce2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9DDA874B3AD2E2A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash c33c92b57e8dfb01aedd91ed7eff842f
329b3bdb070dbb0dc0c21d4cb0301b03c0eac5db
e7bf8c5b0e7815f7dccaa35a313421449e0f04be008d800e47cdb3db501f4423
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: cbb213ece286a7da96ddc5c750848670
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=774D9E0EE3F0A394; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash c9092514e73567a9adb4d3545a43724d
278e5418390694fab1037e991d3f2e2dfeac6d20
37ee314307fe27bbe4970e04fa383b96cf58edc25749c1001523fa5d4a2211d9
GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: a712c094fe8ef04895a2c9c607c97118
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=72381DC11B9C129B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pg.doitalie.com/news/data.php
20.247.116.64200 OK 143 kB URL HTTP/2 pg.doitalie.com/news/data.php
IP 20.247.116.64:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 143 kB (143000 bytes)
Hash 5ab61fbf85aa54aaff67920f7cb54752
c396e57da1f63e35b1a49e739f4cddea7321271e
260e641dd93ae43cc73df56ec885c0b552980953ed253c5b4ea00bc3b4210b6e
GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sun, 23 Oct 2022 03:15:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c89daa928a160401b01e586356acb68b
bf0bf9b951f911fb08fa17742fb31cba6c3d4d87
b9b0aa065a2b7e642f1e6224f34e7fd606c9b5aba54674e51ab9a2e912e12617
GET /upload/vod/2020/03-27/03/dufs1uah5140349dufs1uah5142277.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/jpeg
content-length: 13120
last-modified: Thu, 26 Mar 2020 19:49:23 GMT
etag: "5e7d0743-3340"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea37aa9b4fd-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4835c48f4652b65faac0f6174d499d9d
20e92c4af6df75008d24fa768c30b191bf4bebdb
c197fd23a8c3bd972d95924c9d1f802bb7842f6667835966b4b1a8ab4e772d1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C197FD23A8C3BD972D95924C9D1F802BB7842F6667835966B4B1A8AB4E772D1F"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9346
Expires: Sun, 23 Oct 2022 05:51:02 GMT
Date: Sun, 23 Oct 2022 03:15:16 GMT
Connection: keep-alive
79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
103.170.15.77200 OK 654 kB URL HTTP/1.1 79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
IP 103.170.15.77:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: 79151879798.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Sat, 15 Oct 2022 19:29:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-07
Content-Length: 653713
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124040
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56ede933a61d19a6c735384b2e588306
81938e9fa9baeda8a3c696d833dfbea35bf24214
8e5669dc9a2cbbd7ea251ebda8fd8fb6dea98e82aee4fb3d3d3dfeed47117e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E5669DC9A2CBBD7EA251EBDA8FD8FB6DEA98E82AEE4FB3D3D3DFEED47117E4B"
Last-Modified: Sat, 22 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5468
Expires: Sun, 23 Oct 2022 04:46:24 GMT
Date: Sun, 23 Oct 2022 03:15:16 GMT
Connection: keep-alive
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
104.21.55.74200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurw.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Wed, 16 Nov 2022 14:41:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 477205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEhnvVy%2BkN3GEiTbQYPkI7V8XtUMuyh4gBNr5Fo76MLGpupVSbiYn3FpvxuwusHMEN3lZyR4ZdWrwGx%2BAS6mlUZPYjjAJjr3P0QdkwiNNOyUuB%2Fe5VI1%2Bdk2of2m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e74ea9ecfeb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9e85c93601e3492752a8504becacb2eb
ac2e63659bab786d8bf3f9da3956aecccc41cdc0
91516b98ab03efed14b7b4d53de9f81d32c1702e7112ba5f71b57328fe7eeb94
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Sun, 23 Oct 2022 03:15:15 GMT
Etag: 787938fc3ab0bf39df167063104d92f9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=605155233BD5B581; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
103.170.15.101200 OK 720 kB URL HTTP/1.1 93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP 103.170.15.101:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
Analyzer Verdict Alert quad9 Sinkholed
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Thu, 20 Oct 2022 20:46:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 719745
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1837756564&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6529D7A678557470; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7812e5da97c7cb67a88ac756ef58aa71
d3d2bb0940804c3912f773ed6f8091b9220df170
8180b81a2a1f07b4917f5efe9faaa83b3d78affb519b38fed99cc4e0dccac634
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=124040
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "6353f34c-117"
Expires: Mon, 24 Oct 2022 13:42:36 GMT
Last-Modified: Sat, 22 Oct 2022 13:42:36 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 12cfd64f476ae1ab5d053e261d156b2f
fe9d29b820da5b83b0cc78d1f03431c09ce53056
d9f2edd0c21802264e0de924aa0492a4df2e8dcddc9eb82538a18bceb3b78d32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 05:53:24 GMT
Expires: Sat, 29 Oct 2022 05:53:23 GMT
Etag: "fe9d29b820da5b83b0cc78d1f03431c09ce53056"
Cache-Control: max-age=527286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea9c945fac0-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1844609368&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9B12E77AA0F2966A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 91164b7133c6e7ac3e9110319081a03d
dda10682cb0d10fb8eac57c9bbc23817e06d3856
c7442a21e979bbe1382f86aca274544bbf6a945a6dec45da0e4fe222b81fbc29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 07:10:51 GMT
Expires: Fri, 28 Oct 2022 07:10:50 GMT
Etag: "dda10682cb0d10fb8eac57c9bbc23817e06d3856"
Cache-Control: max-age=445533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74ea9ec210b55-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2066174615&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5416&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F963DD5863C5C65; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 64041e03ea46bd5edeb78fe8744daf8f
b6a3c7cd621d194fa4298ed0bf9e023cd9408030
b1bb46114dd0dd9f05c11d6b206a021e69a0f1a322048093d3b972bedea7b769
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:45:42 GMT
Expires: Fri, 28 Oct 2022 15:45:41 GMT
Etag: "b6a3c7cd621d194fa4298ed0bf9e023cd9408030"
Cache-Control: max-age=476424,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e74eaafee2b517-OSL
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
45.61.212.227200 OK 580 kB URL HTTP/1.1 65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP 45.61.212.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Tue, 30 Aug 2022 03:37:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-27
Content-Length: 580315
vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
103.170.15.42200 OK 259 kB URL HTTP/2 vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
IP 103.170.15.42:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Fri, 16 Sep 2022 14:50:52 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-32
content-length: 259280
X-Firefox-Spdy: h2
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:13:13 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Tue, 22 Nov 2022 03:13:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157870
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: nginx
Content-Length: 279
img.x969.xyz/images/633d1a785373951e7c36e4d1.gif
23.225.222.2302 Found 45 kB URL HTTP/2 img.x969.xyz/images/633d1a785373951e7c36e4d1.gif
IP 23.225.222.2:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd
GET /images/633d1a785373951e7c36e4d1.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 704799ae6c5ecf38cb79e16d967e1e3a
8f09db05102c95925c9a6a970f8b4f6c7e424080
b4b825bb582701507a14a12fb56079b9499f01024d3f665719461ace208e9396
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157870
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 03:15:16 GMT
Etag: "63547772-117"
Expires: Mon, 24 Oct 2022 23:06:26 GMT
Last-Modified: Sat, 22 Oct 2022 23:06:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1884138167&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=5417&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurw.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 03:15:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8B5588CE824E6016; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
20.24.200.53200 OK 37 kB URL HTTP/1.1 33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP 20.24.200.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699
GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
20.24.101.60200 OK 37 kB URL HTTP/1.1 u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP 20.24.101.60:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41
GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 03:15:16 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:13:13 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 22 Nov 2022 03:13:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
151.101.86.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.86.133:0
Hash 2e1f1a562b5399adcee6268859c97788
5d3350df29df8f68f09da97eff6c34b7695f5995
ab98c1e39eb2c010293df9da7d0024032ad965d15d912c4d39c1b2540530d19d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 27 Oct 2022 02:41:47 GMT
ETag: "5d3350df29df8f68f09da97eff6c34b7695f5995"
Last-Modified: Sun, 23 Oct 2022 02:41:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 03:15:16 GMT
Age: 2008
X-Served-By: cache-qpg1257-QPG, cache-bma1643-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 7, 0
X-Timer: S1666494917.727011,VS0,VE196
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
103.170.15.107200 OK 112 kB URL HTTP/1.1 unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP 103.170.15.107:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Sun, 16 Oct 2022 22:11:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Length: 112447
vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
103.189.108.93200 OK 32 kB URL HTTP/2 vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
IP 103.189.108.93:0
File type GIF image data, version 89a, 320 x 240\012- data
Hash 8e006882641a7a80a721cc7067dcf340
f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae
GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Mon, 26 Sep 2022 00:05:51 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-083
content-length: 31713
X-Firefox-Spdy: h2
ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
47.246.44.229200 OK 824 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 824 kB (824465 bytes)
Hash 83a0fbbc5111aed24a0cc5c8de39e8ec
b255f9c8851c05cabf151fd8f2d73c4ff2a071cf
259f28148b6b90e52934d8deafbb2b59f3f0c0df235132b2d3e1fb631e7223ba
GET /udata/music/music_e8632d6b8266409f8a422bac077bba060.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 824465
Connection: keep-alive
Date: Thu, 20 Oct 2022 13:31:47 GMT
Cache-Control: max-age=2592000
Expires: Thu, 27 Oct 2022 13:31:46 GMT
Last-Modified: Wed, 05 Oct 2022 05:47:42 GMT
x-amz-request-id: 11f5c22b3c934910885b0bdfd398d663
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7KcnDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "83A0FBBC5111AED24A0CC5C8DE39E8EC"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666272707357587182
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.229
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666272707
Via: cache66.l2nu20-8[0,0,200-0,H], cache8.l2nu20-8[1,0], cache25.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[2,0]
Age: 222209
X-Cache: HIT TCP_MEM_HIT dirn:2:195548164
X-Swift-SaveTime: Fri, 21 Oct 2022 04:36:31 GMT
X-Swift-CacheTime: 31049716
kwaisign: null
X-Ks-Request-ID: 2ff62c9916664949169108073e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9916664949169108073e
6655cy.com/cdn/ashkad.gif
154.197.15.81200 OK 311 kB URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.197.15.81:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 311 kB (311408 bytes)
Hash 99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Tue, 22 Nov 2022 02:10:12 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
43.129.255.47200 OK 246 kB URL HTTP/2 p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 23 Oct 2022 03:15:16 GMT
content-type: image/gif
content-length: 245730
vary: Accept,Origin
last-modified: Sun, 02 Oct 2022 13:04:42 GMT
cache-control: max-age=2592000
x-delay: 30878 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 245730
chid: 0
fid: 0
x-nws-log-uuid: 0936e48f-8677-4682-ac04-3f077264f250
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a1a125e5ddf3e2808aeefc17cc93a3a
b62bb2b3019adceb85ec05183201cf1442b0da97
5d60ae79f9d810fc84f09be8b03a702460b1ea2fbea7a3423378590e3b0ce406
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 23 Oct 2022 03:15:17 GMT
Last-Modified: Sat, 22 Oct 2022 23:18:51 GMT
ETag: "63547a5b-1d7"
Expires: Mon, 24 Oct 2022 23:18:51 GMT
Cache-Control: max-age=158614
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666494917
Via: cache3.l2de2[504,504,200-0,M], cache3.l2de2[520,0], cache7.se1[541,540,200-0,M], cache7.se1[541,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 23 Oct 2022 03:15:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664949170023225e
si1.go2yd.com/get-image/0wut3IuOIN0
58.254.180.65200 OK 51 kB URL HTTP/2 si1.go2yd.com/get-image/0wut3IuOIN0
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 23 Oct 2022 03:15:17 GMT
content-type: image/gif
content-length: 50826
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
etag: "7a02a69b00eebfc2977f6d8417cf8141"
age: 306636
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80ha4obs6l5hib1npolkgidlol
content-md5: egKmmwDuv8KXf22EF8+BQQ==
timing-allow-origin: *
ohc-cache-hit: gz3un50 [2], zhuzuncache50 [4], bdix189 [1]
ohc-file-size: 50826
x-cache-status: HIT
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/css/zui.css
173.231.17.179200 OK 0 B URL HTTP/2 www.pgurw.xyz/template/pgysvip/css/zui.css
IP 173.231.17.179:0
GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.pgurw.xyz/template/pgysvip/css/ate.css
173.231.17.179200 OK 0 B URL HTTP/2 www.pgurw.xyz/template/pgysvip/css/ate.css
IP 173.231.17.179:0
GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgurw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurw.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 03:15:14 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sun, 23 Oct 2022 15:15:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2