Report - ineedf.com/

Report Overview

Submitted URL
ineedf.com/
IP
67.201.6.200
ASN
#3257 GTT Communications Inc.
Submitted
2022-12-07 18:40:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ttsetupian.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	247 kB	188.114.97.1
8499483.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	331 kB	172.247.109.207
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.9 kB	104.18.32.68
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	3.7 kB	95.100.107.173
cdn.staticfile.org	46426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	81 kB	47.246.44.211
lbfm.lbpictupian.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	220 kB	104.22.12.214
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	73 kB	103.235.46.191
www.pgsje.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	621 kB	173.231.17.179
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	284 B	750 B	39.156.68.163
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	569 kB	47.246.44.229
8499683.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	421 kB	172.247.109.205
cdn.jsjsjs.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	407 kB	104.21.63.42
www.yssydh.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	48 kB	104.21.23.48
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.3 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.49.154
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	559 kB	172.247.77.90
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
taiwtp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	278 kB	220.128.218.220
6655cy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	314 B	154.197.16.179
8499583.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	91 kB	23.224.101.34
ineedf.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	195 B	67.201.6.200
www.ineedf.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	4.4 kB	67.201.6.200
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	114 B	182.61.201.94
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	23.36.77.32
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	3.7 kB	104.18.32.68
362728tdg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	720 kB	45.61.212.46
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	1.1 kB	47.246.44.205
kveww.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	422 B	104.143.94.110
2588qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	785 kB	103.170.15.94
img.1202555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	833 kB	185.239.226.87
img.1203555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	182 B	185.239.226.87
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
ocsp.buypass.com	157566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.2 kB	23.36.76.129
pg.doitalie.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	869 B	2.5 kB	20.187.123.222

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	2588qq.com	Sinkholed
2022-12-07	medium	2588qq.com	Sinkholed
2022-12-07	medium	362728tdg.com	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.ineedf.com/tj.js	520 B	2023-03-07	2023-03-17
Pretty URL www.ineedf.com/tj.js IP 67.201.6.200 ASN #3257 GTT Communications Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 09:25:02 Times Seen1 Hash 29ae705b67845821aeb5514a7bc73371 f4367767b44e9011d41e29176ac25ac30d813fbd 1b01cb5c7ea41436d9f4707b1289b4152033dae5d5a89089d348fcc6f7bf3e80 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-19
Pretty URL push.zhanzhang.baidu.com/push.js IP 39.156.68.163 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 20:46:59 Times Seen18960 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js	614 B	2023-03-07	2023-03-17
Pretty URL www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash 5544a44cad5faf09138fde07c5d2ff1a b435357e5621bc4c023c289943638f84c560f644 e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8 Loading...

	hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash 8278fcaf8da1274a59f4003c2c1a4210 3ed545198cabd81b0fca6d39928c4900f1498c7d ba140e01df7248ca094b9a30d65fb067eb0fc24c90a2f1f84f45413d4e5f4e66 Loading...

	hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash 959dca4cc3aad93dd016049985b55498 c187295f44aed4b5ef627d0c2b5014ff062ba3fa fd78ed80fa1bf8408b46f6f5c41496d63dec56fdd4405ce71020487ecbacadce Loading...

	cdn.staticfile.org/jquery/1.9.1/jquery.js	268 kB	2023-03-07	2024-04-19
Pretty URL cdn.staticfile.org/jquery/1.9.1/jquery.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:57 Last Seen2024-04-19 07:08:13 Times Seen43935 Hash 08c235d357750c657ac1db7d1cf656a9 9257afd2d46c3a189ec0d40a45722701d47e9ca5 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Loading...

	www.pgsje.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgsje.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash a6e45831c0e5008c704b8f06607d4693 22369aa571a9d1bbeb8bc6245b9a44f70a52c7a8 9f6afe3289f88072053e3911de6b95100b3e4b51470dfb073989034e7f2dd707 Loading...

	hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash 2191e6138b5037513b55ee1230b1be74 97dc76197b18bfcee03574343a6d52cfae8d02f5 5218317fd59efb011a61e573a9b224f06d57fb1ee350eebe12802f203b9577c5 Loading...

	hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash 03e723a7aac1010685c4fbe5700ad50c de4eaa6909b151d8af8bc8aaacbeb52cfc80e7c9 f8e5d9a99ba945253eadf07cfc12078a4b7b61eb6c5ca9ec1ae2736d7ee1aa86 Loading...

	pg.doitalie.com/news/data.php	304 B	2023-03-08	2023-03-11
Pretty URL pg.doitalie.com/news/data.php IP 20.187.123.222 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:58 Last Seen2023-03-11 22:26:38 Times Seen1 Hash e39b76f440cbbda3a1f133991131ff97 bb4f486c21b8394af2b92344de33cb398c011b8e ef84352e81c6452457b0f557d6053c8854d19726f5a38b6ad869e0a4f7a7cac2 Loading...

	www.pgsje.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgsje.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 28c1ae84e70f33425fd999c791ee3dbf 2dec8b0a53819d07f33169d7cc52870499686150 d57c7ad00a438cf92657799ee14adc23a172f9ae57e897dd08aaa278fdd9f5c9 Loading...

	www.pgsje.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgsje.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 7b57b693d764afd14b850e634ceb4dc5 1babd76f0725a7d134c882ed8a8b9aa2f7d91455 438193789ec9443d24e904f4032802401361c5aee6e8537afc301a4af5cff5af Loading...

	hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash a1094f11e8c8f179434a9a3ec9bb6f57 c19c782eafb36ca1c8ada031926224230e8d5146 426c870c9f4255dc030a889bb07fdbe563a9b5c2c732482aa0e8aaca43fd08f7 Loading...

	www.ineedf.com/index.php	404 B	2023-03-07	2024-04-18
Pretty URL www.ineedf.com/index.php IP 67.201.6.200 ASN #3257 GTT Communications Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.ineedf.com/common.js	3.1 kB	2023-03-07	2023-04-16
Pretty URL www.ineedf.com/common.js IP 67.201.6.200 ASN #3257 GTT Communications Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen7 Hash 33649c66b9a6a9b9891a3e24deec2e3f e3740e085b436cd76dd7fe301db043d236c9ede3 16dcb8ce59dfa9e474a91736c1d9ff7b4ee1830f165e517b3d5b4e110236d186 Loading...

	www.pgsje.xyz/template/pgysvip/js/jquery.config.js	5.2 kB	2023-03-07	2023-07-10
Pretty URL www.pgsje.xyz/template/pgysvip/js/jquery.config.js IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-07-10 06:46:32 Times Seen30 Hash 242f88320e2fab8358422f78a0ba3513 079ab5ea8453c12cd23d7893c2cf4f2bf3f973e5 3307ac2d9b16148f210070834055add1db4b8e0fd046fa3045ef1d9eee64cdd4 Loading...

	www.pgsje.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgsje.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 6c6c25f97b8fb687803d97c0e38848bc e2b22fee96d32254461606df4b3141f5111401c0 e502f6b7667b4baaf00ea8661e9542ab781f926ad85e56b9dfa6b280a3b5eeda Loading...

	hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:06:21 Last Seen2023-03-08 21:06:21 Times Seen1 Hash 07f67b75470208236d2a930a6a76f55d 00b62d48a7fc73f2d620bee6cab787317f5baa79 fa32948418e712609461ecf6fbb4ea1d5a35aa461698d444263952ec6b89d122 Loading...

		Size	First Seen	Last Seen
	#1 Write - 541fdbf27fee487a6a7abc7bea135420	87 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1031 Hash 541fdbf27fee487a6a7abc7bea135420 25b31600313f8e557d0c9c863dc9bdec7cf69ff8 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9 Loading...

	#2 Write - 47f289a5cafd63d486ff2559f067731b	182 B	2023-03-07	2023-04-16
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen5 Hash 47f289a5cafd63d486ff2559f067731b 0660b615f9c2ef7f49bc0702530e99fc825b5b10 d11ba4e523ac4988ae751c55dd6429af48a06e3cf158a7f5a4115a3676778a14 Loading...

	#3 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 22:58:45 Times Seen11422 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#4 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 06:49:25 Times Seen3761 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#5 Write - f354e4723d6f8a8c55507076f1ede231	318 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash f354e4723d6f8a8c55507076f1ede231 0c65fe89c03b5054ef4b052d320b3bb1b2f0298f 7e04099921ecc9c0597e2fba4001c974fe4dd405733b40ab6a5a85397d4fd2be Loading...

	#6 Write - 78ac2aa5ccc29c90a345c90aab40b442	103 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 17:37:58 Times Seen2026 Hash 78ac2aa5ccc29c90a345c90aab40b442 cac604932faa4add2955602b41de8a8bff362ebd 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e Loading...

	#7 Write - 59cf81439a8bf9b569e5577fe5aa0de8	77 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1648 Hash 59cf81439a8bf9b569e5577fe5aa0de8 7310f3ea09ddff6601e9da7bf0665b0edd6d1435 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4 Loading...

HTTP Transactions (128)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8913
Expires: Wed, 07 Dec 2022 21:08:57 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6214
Expires: Wed, 07 Dec 2022 20:23:58 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

ineedf.com/

67.201.6.200

301 Moved Permanently

0 B

URL HTTP/1.1
ineedf.com/
IP
67.201.6.200:0
ASN
#3257 GTT Communications Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ineedf.com/index.php

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 18:08:04 GMT
content-type: application/json
age: 1940
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Wed, 07 Dec 2022 19:30:43 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: l2ZDTZdpxSlSIP55W5WK6OLd1UWGxbYiJcoObjo81TirddEzbGHKYmxGR6y9Hg1odmt0SSW2P7Ho8dTvFqee8A==
x-amz-request-id: 67G7C90HQ2KVD57F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 17:49:27 GMT
age: 3057
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 18:07:55 GMT
age: 1950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.ineedf.com/index.php

67.201.6.200

200 OK

785 B

URL HTTP/1.1
www.ineedf.com/index.php
IP
67.201.6.200:0
ASN
#3257 GTT Communications Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
87a932dbaf0eee1bfb6df690ed7b9aed
092d744a2884eb7c4d2c7c32fc040aa6a9f73731
fbde109ffd915e449d89b4b70f062e63dcae86396ff37134094798575833b1f8

HTTP Headers

GET /index.php HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2888
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:25 GMT
Last-Modified: Wed, 07 Dec 2022 17:52:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

www.ineedf.com/tj.js

67.201.6.200

200 OK

520 B

URL HTTP/1.1
www.ineedf.com/tj.js
IP
67.201.6.200:0
ASN
#3257 GTT Communications Inc.

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
29ae705b67845821aeb5514a7bc73371
f4367767b44e9011d41e29176ac25ac30d813fbd
1b01cb5c7ea41436d9f4707b1289b4152033dae5d5a89089d348fcc6f7bf3e80

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

push.services.mozilla.com/

35.163.49.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.49.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8m6V0KjaYbwPYDbG4BPslA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+WKE02tDZuZwYWW/s32meNsph4=

www.ineedf.com/common.js

67.201.6.200

200 OK

1.1 kB

URL HTTP/1.1
www.ineedf.com/common.js
IP
67.201.6.200:0
ASN
#3257 GTT Communications Inc.

File type
HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size
1.1 kB (1093 bytes)
Hash
b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e

HTTP Headers

GET /common.js HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.ineedf.com/favicon.ico

67.201.6.200

200 OK

1.2 kB

URL HTTP/1.1
www.ineedf.com/favicon.ico
IP
67.201.6.200:0
ASN
#3257 GTT Communications Inc.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 12 Dec 2022 18:40:25 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

push.zhanzhang.baidu.com/push.js

39.156.68.163

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: "4078521116"
Expires: Thu, 07 Dec 2023 18:40:26 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DA85BA4AA3F447D39E8ED86B3FE0C414:FG=1; max-age=31536000; expires=Thu, 07-Dec-23 18:40:26 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
07a4d97841cf6c4d06d7ac0d333f3e68
4d297351f346dc84af86524a1e313fc45e88f7dd
fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5ddcb09a4-ARN

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
07a4d97841cf6c4d06d7ac0d333f3e68
4d297351f346dc84af86524a1e313fc45e88f7dd
fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5fdf709a4-ARN

api.share.baidu.com/s.gif?l=http://www.ineedf.com/index.php

182.61.201.94

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.ineedf.com/index.php
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.ineedf.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 07 Dec 2022 18:40:26 GMT

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
65e7308aafaf8e4dfa840cf187e7ff1a
c4f212696299f03bae63e2e2ad9f5f7ffe8142f8
939853dce868cd0b88b6327a10df63c921c2d00eef820e6668522a297dd4f493

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4493ba1d-7484-489e-b600-634bf93419fa
Content-Length: 1701
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4892
Expires: Wed, 07 Dec 2022 20:01:58 GMT
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8701 bytes)
Hash
604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 74313
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 78652
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
22e3174edbfe337cc29266cc38abb51e
80283cb298a1b2326620be406ee3daa42ee0b3ef
520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qRfO2pJfTDGteBczJUQoyy49rrUyN5BYhJuadhIbwxyoAR2Vjl6x6A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 15:56:10 GMT
age: 9856
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 36455
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 6774
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7392 bytes)
Hash
c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 55485
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
006b9d6298379b784fda06d6edfdc28a
b036669b31294bc343df140e765eb39e1d143f7a
0c5299dd64d6a2a1374c13f0604b39a039f1916d95486c525c65d0523cdf2525

HTTP Headers

GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: af6e1ead49b663dd61b44064ab25fcf3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=92810A5477037C1C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
1ae74f90d75c4c6f94ce5ce62413b733
18a804c2c5a52c58c81385c3fb240b4d9eaa6ca8
6800186ab19218de3f59fe76d26ab1775550225e757246c1b5553911ab9bbf71

HTTP Headers

GET /hm.js?c1479d5915918e835700b15c96ba2372 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:27 GMT
Etag: 4fb7a56baccaa11f64fbb556b2b1953d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=041B7C34877AA240; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D60B54B682FCA65D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EAFFFB723842F9D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
315b53cfa6e9348ca664ca68604a1361
7d86d4ccd0a4844b05a3c8e336b1cd3254619c57
e225cf1f518ee34ab02d7d3fb657f577e812288effe64138a4de20d69814ce14

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E225CF1F518EE34AB02D7D3FB657F577E812288EFFE64138A4DE20D69814CE14"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 08 Dec 2022 00:39:49 GMT
Date: Wed, 07 Dec 2022 18:40:28 GMT
Connection: keep-alive

www.pgsje.xyz/template/pgysvip/css/honglou.png

173.231.17.179

200 OK

19 kB

URL HTTP/2
www.pgsje.xyz/template/pgysvip/css/honglou.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Size
19 kB (19004 bytes)
Hash
d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e

HTTP Headers

GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/images/1.gif

173.231.17.179

200 OK

254 B

URL HTTP/2
www.pgsje.xyz/template/pgysvip/images/1.gif
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js

173.231.17.179

200 OK

614 B

URL HTTP/2
www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
614 B (614 bytes)
Hash
5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8

HTTP Headers

GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e78abbd1369275e84f9035979c8c3215
dd6ddd82cbc956f53598dcfb9df0a740359f5b84
dfbf0f08619fffa9a1ccf4265dd6edeedcc8593b3186c309a559908fda813698

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 07 Dec 2022 18:40:30 GMT
Last-Modified: Wed, 07 Dec 2022 12:37:08 GMT
ETag: "639088f4-1d7"
Expires: Fri, 09 Dec 2022 12:37:08 GMT
Cache-Control: max-age=150998
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670438430
Via: cache5.l2de2[277,276,200-0,M], cache5.l2de2[279,0], cache5.se1[299,299,200-0,M], cache5.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Dec 2022 18:40:30 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916704384297972138e

cdn.staticfile.org/jquery/1.9.1/jquery.js

47.246.44.211

200 OK

80 kB

URL HTTP/1.1
cdn.staticfile.org/jquery/1.9.1/jquery.js
IP
47.246.44.211:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
ASCII text
Size
80 kB (80123 bytes)
Hash
a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab

HTTP Headers

GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Wed, 07 Dec 2022 06:32:46 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: uxsAAADmCKgwby4X
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1670394766
Via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[2,0]
Content-Encoding: gzip
Age: 43664
X-Cache: HIT TCP_MEM_HIT dirn:3:180680166
X-Swift-SaveTime: Wed, 07 Dec 2022 06:32:51 GMT
X-Swift-CacheTime: 86395
Timing-Allow-Origin: *
EagleId: 2ff62c9b16704384301067928e

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg

104.22.12.214

200 OK

6.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.8 kB (6788 bytes)
Hash
2637db754435102a2a11e539b6640522
2f5f8ba4fc91107bf39efab51c8cb40cd80ea4d6
c19bac8bd022c0383ba12005e2a320627aa99c6e6957ddfcdc362d720e305175

HTTP Headers

GET /upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6788
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9158
content-disposition: inline; filename="v3hlukecolc0314v3hlukecolc473777.webp"
etag: "5dc46d27-23c6"
last-modified: Thu, 07 Nov 2019 19:14:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791009ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/b5uqymlwqc0.jpg

104.22.12.214

200 OK

7.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/b5uqymlwqc0.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.0 kB (6964 bytes)
Hash
f17c01b7a000ae82ef361d65c9ec3676
c1818b252f1cbb7353d8bcfb8972b291bebd444b
37ed0f00ff16a64489f133ae2994cc1056398fd31905232ca2b53eb75f5fc6d8

HTTP Headers

GET /upload/vod/2022/12/b5uqymlwqc0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8407
content-disposition: inline; filename="b5uqymlwqc0.webp"
etag: "639048a5-20d7"
last-modified: Wed, 07 Dec 2022 08:02:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1403
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791b09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/rxehrkxkynl.jpg

104.22.12.214

200 OK

3.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/rxehrkxkynl.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.8 kB (3758 bytes)
Hash
e5c4f2270898ac2fb03b770bd0b94e19
e5d525cbfb67643cc52a4769eaf2b40b49615691
38ad5080df98b6f687bf6720c932da1ec8bb68bcc41967f8805a3557413ee389

HTTP Headers

GET /upload/vod/2022/12/rxehrkxkynl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 3758
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5502
content-disposition: inline; filename="rxehrkxkynl.webp"
etag: "63904904-157e"
last-modified: Wed, 07 Dec 2022 08:04:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791409ad-ARN
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/12/hzzmm3jijcm.jpg

104.22.12.214

200 OK

7.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/hzzmm3jijcm.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.9 kB (7868 bytes)
Hash
9d57ee133d46e7fd1f6a03397a628106
fa95f42275eaf04330b56e16706fff443c09c7e5
4fedc41f81bdbb0e8c0ff3cf4ffdd081c6e69a7486e8975fa5a21012dcdc95e1

HTTP Headers

GET /upload/vod/2022/12/hzzmm3jijcm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7868
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9038
content-disposition: inline; filename="hzzmm3jijcm.webp"
etag: "638e4250-234e"
last-modified: Mon, 05 Dec 2022 19:11:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4730
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791c09ad-ARN
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg

104.22.12.214

200 OK

9.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.2 kB (9232 bytes)
Hash
659989567c92d5ec315a971732d72fbe
197de010efd20293afc87eece430b1b90d743855
89b15c020599e788920a8ea26ce904d37ba66440c7abc9d320b08ff4a426977c

HTTP Headers

GET /upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 9232
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10033
content-disposition: inline; filename="3eqxjuqqdih03123eqxjuqqdih043495.webp"
etag: "5dc46c84-2731"
last-modified: Thu, 07 Nov 2019 19:12:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3755
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791209ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg

104.22.12.214

200 OK

7.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7544 bytes)
Hash
b224ad1be5bc5cdab2eb67adf52bea55
a831809fe9e9cc0c461ce80f418e09201d473896
e4026e466d04f689c039a3a2c86939e17725f6b308c061cf132a2368fa3b8413

HTTP Headers

GET /upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7544
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8685
content-disposition: inline; filename="5ikyvjaoxjk00055ikyvjaoxjk2710025.webp"
etag: "5ea06b47-21ed"
last-modified: Wed, 22 Apr 2020 16:05:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd790e09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/iipfdukawpu.jpg

104.22.12.214

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/iipfdukawpu.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10814 bytes)
Hash
11b3f7703959afbb922c030d1d878838
747715a70edfd513315ce008e9696404a7d106b7
0d4252ab4c32d2fca92bd17789de006d0ca634b8575ce948048aa8f9199c8194

HTTP Headers

GET /upload/vod/2022/12/iipfdukawpu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 10814
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12137
content-disposition: inline; filename="iipfdukawpu.webp"
etag: "6390489d-2f69"
last-modified: Wed, 07 Dec 2022 08:02:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 202
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791709ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/zy0cmbbpyip.jpg

104.22.12.214

200 OK

5.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/zy0cmbbpyip.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.7 kB (5728 bytes)
Hash
9ee8142d610194fd43b3a6252e7a1f26
c0cbbc52895f7c757cb3f864b72588fc9e1f32e9
6957799e8581bfe03bcd7a10a0248cf13dfef01fd8f7a3db038d001219eae619

HTTP Headers

GET /upload/vod/2022/12/zy0cmbbpyip.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8150
content-disposition: inline; filename="zy0cmbbpyip.webp"
etag: "6390490e-1fd6"
last-modified: Wed, 07 Dec 2022 08:04:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791609ad-ARN
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/js/jquery.config.js

173.231.17.179

200 OK

2.2 kB

URL HTTP/2
www.pgsje.xyz/template/pgysvip/js/jquery.config.js
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
2.2 kB (2213 bytes)
Hash
7476f03daa075d6adfb3818bc25980d9
78b587fda39562fa2f781d67cc793ef473ba0ce3
a8a4828feb3091a307e635fa3d82ff6ef02f8413394b0b4bdd2f5c1e2ab0713e

HTTP Headers

GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/2vrrwgkceag.jpg

104.22.12.214

200 OK

5.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/2vrrwgkceag.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.5 kB (5474 bytes)
Hash
7307b6cfea1824e98c9eba784ea2ecd8
953fd7ffa450d7d99060c8ea513a5bed40bc93e4
1953822f05054fcf7d6b255b4bcf7263855ad0681b915dfba523979ca3f1b8ff

HTTP Headers

GET /upload/vod/2022/12/2vrrwgkceag.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5474
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7478
content-disposition: inline; filename="2vrrwgkceag.webp"
etag: "639048a0-1d36"
last-modified: Wed, 07 Dec 2022 08:02:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6302
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791809ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/g01i4bae5ec.jpg

104.22.12.214

200 OK

9.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/g01i4bae5ec.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
9.4 kB (9442 bytes)
Hash
b9eca6a709520b4c0e1b34ed604ce0b0
850e9977393158d29c1458b51541972e7d5e0799
d213083dcea99c84b9120a365fdb2ddbf801059c11b779250e827f0d4a730da3

HTTP Headers

GET /upload/vod/2022/12/g01i4bae5ec.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 9442
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10089, status=webp_bigger
etag: "638e4255-2769"
last-modified: Mon, 05 Dec 2022 19:11:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd791e09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg

104.22.12.214

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10896 bytes)
Hash
213f5162016be70eb1ee8fabeadba21f
062927411aedeec5c68b2d3cadcaa3786dc2ddc7
ffb3892f3b16724d41831a552b113344930eb18ea9429b1d86e579b9dc830d82

HTTP Headers

GET /upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 10896
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12120
content-disposition: inline; filename="nb203afryap0005nb203afryap3010033.webp"
etag: "5ea06b4a-2f58"
last-modified: Wed, 22 Apr 2020 16:05:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd792109ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg

104.22.12.214

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11464 bytes)
Hash
55dc2c777bdf2d628f26a3453158b358
51e56e9e4d9642ea8058c7b3be7fcd4e49467772
30bd2c77455764e18bfef16e9f5f7d5faed9c905ed155b12428267280493c6f8

HTTP Headers

GET /upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 11464
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12182
content-disposition: inline; filename="s5tkhrc2j3e0005s5tkhrc2j3e3110035.webp"
etag: "5ea06b4b-2f96"
last-modified: Wed, 22 Apr 2020 16:05:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893a09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg

104.22.12.214

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11026 bytes)
Hash
68c7192904436b0cfe3c55eae2273cc7
a17bcb0b04c6232509c8aac59ed7e450361d9d97
1d0149ab6edbe20effab89bd0a82f36093ac3b19f0bd8fe1b4a4009b7f6c394a

HTTP Headers

GET /upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 11026
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11628, status=webp_bigger
etag: "5ea06b48-2d6c"
last-modified: Wed, 22 Apr 2020 16:05:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd792009ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/4ra1u1y3you.jpg

104.22.12.214

200 OK

6.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/4ra1u1y3you.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.8 kB (6778 bytes)
Hash
9dc325bef23f430a1792f83c9b45fe96
985814aea3020b6cb8335246ee0105cf720abb39
1ab3eae93d9793ca292ed8caad7c84dec63312a1bd43eecbc1d260e6c5b7b183

HTTP Headers

GET /upload/vod/2022/12/4ra1u1y3you.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8915
content-disposition: inline; filename="4ra1u1y3you.webp"
etag: "63904909-22d3"
last-modified: Wed, 07 Dec 2022 08:04:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791509ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/piswl1bs31h.jpg

104.22.12.214

200 OK

7.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/piswl1bs31h.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.4 kB (7390 bytes)
Hash
50e2a68979361aea20f4764f266d8b11
dfe9f88aabe2ac74f3fabe0178c1ab774c9987d9
1b995b540a6fafe4e9ed8402cd19a3d36b6ee30e9a134467f0f6d1c90f40970c

HTTP Headers

GET /upload/vod/2022/12/piswl1bs31h.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7390
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8775
content-disposition: inline; filename="piswl1bs31h.webp"
etag: "639040fd-2247"
last-modified: Wed, 07 Dec 2022 07:30:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4855
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893e09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/nrk4mgwava0.jpg

104.22.12.214

200 OK

8.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/nrk4mgwava0.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.3 kB (8338 bytes)
Hash
c253a3c1b45c9fc022351a34f9210eb0
75407c5538f2a5ce3286f38804a787a1d998daed
e7b415f10b40e4973ad698384cd859c80c07a6c699588feac6f23774188d3134

HTTP Headers

GET /upload/vod/2022/12/nrk4mgwava0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 8338
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9696
content-disposition: inline; filename="nrk4mgwava0.webp"
etag: "63904102-25e0"
last-modified: Wed, 07 Dec 2022 07:30:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd894009ad-ARN
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=111396
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: nginx
Content-Length: 279

www.pgsje.xyz/template/pgysvip/images/video-mask.png

173.231.17.179

200 OK

107 B

URL HTTP/2
www.pgsje.xyz/template/pgysvip/images/video-mask.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Fri, 06 Jan 2023 18:40:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg

104.22.12.214

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11988 bytes)
Hash
ca1850273b2019ba4750730ddfc46164
c0d85a72f1a136a9aa7699cfa55637b9d613b705
5a135eae6e03db79d28d42e43378153a70dc6ac1969106f9464309041392c4d3

HTTP Headers

GET /upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 11988
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12513
content-disposition: inline; filename="ws20ohbtb2l0005ws20ohbtb2l3210037.webp"
etag: "5ea06b4c-30e1"
last-modified: Wed, 22 Apr 2020 16:05:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893c09ad-ARN
X-Firefox-Spdy: h2

pg.doitalie.com/news/data.php

20.187.123.222

200 OK

1.8 kB

URL HTTP/2
pg.doitalie.com/news/data.php
IP
20.187.123.222:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1765 bytes)
Hash
c8aec4934cf635a28bef050087663e0c
543b8f896914b26bd82c2c7f6bb8da723c6cca82
19f0fba4a256ff4b4abff99b044ca5d7523b5b01bb0df7505bd1af51cdf7e9ce

HTTP Headers

GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/123fmbnmpw5.jpg

104.22.12.214

200 OK

7.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/123fmbnmpw5.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.1 kB (7106 bytes)
Hash
12935d934cdee2344911386d168319b6
8e5074c84f5aab77b0ee5255a889da51a3fd0389
955247681b29e43e3ff3f79aabce36c016ce9d6e3bd33a445da703a8b25b0473

HTTP Headers

GET /upload/vod/2022/12/123fmbnmpw5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7106
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8017
content-disposition: inline; filename="123fmbnmpw5.webp"
etag: "6390410e-1f51"
last-modified: Wed, 07 Dec 2022 07:30:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2397
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddb97509ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/g1uh0pvcelo.jpg

104.22.12.214

200 OK

5.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/g1uh0pvcelo.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.0 kB (5012 bytes)
Hash
5f6e1b41c7bb13486437b3da906849a0
de4414176347d774c4b4b8c13983438538afe57e
2f0949040c2d3256ce3dcfdc77aa4d665d6f75ded280387d343ea8db2d91d650

HTTP Headers

GET /upload/vod/2022/12/g1uh0pvcelo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5012
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6448
content-disposition: inline; filename="g1uh0pvcelo.webp"
etag: "63904106-1930"
last-modified: Wed, 07 Dec 2022 07:30:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6894
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dda95f09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/34dmfsbsqtp.jpg

104.22.12.214

200 OK

9.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/34dmfsbsqtp.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9550 bytes)
Hash
442f19611a728b9d76be082fd98dbd33
b1a79e9186eb8c703617b0655d0c21445c8475f1
ebac1777f10ed8619ea585747eebc7381ffb83e4c447f176e8413ce6202c9cd6

HTTP Headers

GET /upload/vod/2022/12/34dmfsbsqtp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 9550
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10033, status=webp_bigger
etag: "6390410a-2731"
last-modified: Wed, 07 Dec 2022 07:30:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6893
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63ddb97409ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/ochi4dingp1.jpg

104.22.12.214

200 OK

8.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/ochi4dingp1.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.3 kB (8310 bytes)
Hash
b9de16762930eb1bb3a92efb4e3ddc2c
5993d824a900f1d6ba08f4dad98e21ec915f6936
97ec10802dc91d4c1c40a6cac51e10c70c4058e0bf6e79e382cc1042a9b5b971

HTTP Headers

GET /upload/vod/2022/12/ochi4dingp1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 8310
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9073
content-disposition: inline; filename="ochi4dingp1.webp"
etag: "638e425d-2371"
last-modified: Mon, 05 Dec 2022 19:11:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddf9cc09ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/0hus0t2jxcu.jpg

104.22.12.214

200 OK

7.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/0hus0t2jxcu.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.8 kB (7792 bytes)
Hash
7b4bebbabcfcde64a9e5ea72a2db7666
0fc43033299c5a4b7842480c4edaa024d0ecc783
be39af4760bcff77b7575741d3220e9034e27696358a22c84540a5bae5597fb2

HTTP Headers

GET /upload/vod/2022/12/0hus0t2jxcu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7792
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8292
content-disposition: inline; filename="0hus0t2jxcu.webp"
etag: "638e4266-2064"
last-modified: Mon, 05 Dec 2022 19:11:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de09e709ad-ARN
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/zdx1ns5l3xa.jpg

104.22.12.214

200 OK

9.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/zdx1ns5l3xa.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9924 bytes)
Hash
5f77b8c3638a92f75eb1968208e2c03e
cdd6095e46593420e649beb40dd7d58ea0930cf5
17a0d741f8d43d62e96818c6638c61ff09dd6540ec54dde9fb696d0b095fb05b

HTTP Headers

GET /upload/vod/2022/12/zdx1ns5l3xa.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 9924
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10780
content-disposition: inline; filename="zdx1ns5l3xa.webp"
etag: "638e4259-2a1c"
last-modified: Mon, 05 Dec 2022 19:11:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4009ad-ARN
X-Firefox-Spdy: h2

pg.doitalie.com/news/index.php

20.187.123.222

200 OK

287 B

URL HTTP/2
pg.doitalie.com/news/index.php
IP
20.187.123.222:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
287 B (287 bytes)
Hash
79dc7886043139bacf9733d01622c09a
f272a7f468c77df513a42f3c6c45441b33d399b5
f37e1524f8d5d464b2aba4caa5ae049931661e2f56d52f427d2b53a4bccd4169

HTTP Headers

GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2

fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg

172.247.77.90

301 Moved Permanently

239 B

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
239 B (239 bytes)
Hash
67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164

HTTP Headers

GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg

fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg

172.247.77.90

301 Moved Permanently

239 B

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
239 B (239 bytes)
Hash
67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164

HTTP Headers

GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg

fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg

172.247.77.90

301 Moved Permanently

239 B

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
239 B (239 bytes)
Hash
67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164

HTTP Headers

GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg

lbfm.lbpictupian.com/upload/vod/2022/12/dz2ysnspkua.jpg

104.22.12.214

200 OK

6.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/dz2ysnspkua.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.7 kB (6712 bytes)
Hash
2c0c5b277889b2b71aa641178987bf02
1688c8f1c97dc5bc7ddd090737b30cdf865fe60e
570f2e1bd4660b71b9b29d5f73d68a8a4b536e0a286564c2b58cde70a378163c

HTTP Headers

GET /upload/vod/2022/12/dz2ysnspkua.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6712
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8369
content-disposition: inline; filename="dz2ysnspkua.webp"
etag: "638e4261-20b1"
last-modified: Mon, 05 Dec 2022 19:11:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4709ad-ARN
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time)

173.231.17.179

200 OK

2.9 kB

URL HTTP/2
www.pgsje.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time)
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
2.9 kB (2925 bytes)
Hash
dd6427411d473ebd845ede96c90be252
80d57d4872f01b0a4714e611b589ccad020635ba
85fccc047da48e7f16223e2ad883064db5345efbc011d2ca78c10659bb4b095b

HTTP Headers

GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: application/json
content-length: 2925
last-modified: Tue, 06 Dec 2022 13:19:35 GMT
etag: "638f4167-b6d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=111396
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif

104.21.63.42

200 OK

406 kB

URL HTTP/2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP
104.21.63.42:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
406 kB (406419 bytes)
Hash
91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507

HTTP Headers

GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Mon, 19 Dec 2022 22:27:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1541561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HKkzxWjaZrSFdq0jAtNxX8xftcY6POMiFUmD5p3e8RCCxQfFfUvSzF%2BeUwJfiptuI%2FscUd6ClUzDpfkWA1Fzfk%2BtITmj2mcBOV9a%2BzlRc2Tm5ypqa7krodxWByjUjy1yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5ab5773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
92095ecfd5b2c852c465a74a9b009d2c
91209179920d81f8b4ba1084b4a57f2b39883cf5
4521efe332c9a09cffa7fce3f33b6806260fab711727d6c8a4c8bad814c4f0d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4521EFE332C9A09CFFA7FCE3F33B6806260FAB711727D6C8A4C8BAD814C4F0D3"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15773
Expires: Wed, 07 Dec 2022 23:03:23 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
166ce1f293435f64c3b05e6aa3f56227
7291347796d9dde6b322577d050fc88d8327c6dc
5fec57e3a991e812f876d8a4f8c290228150bb0ddd2390b0ef86ea5e69968344

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63dffc720d2e-ARN

kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif

104.143.94.110

301 Moved Permanently

162 B

URL HTTP/2
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP
104.143.94.110:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: text/html
content-length: 162
location: https://kvhqqq.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
870297c53111e48331371df0ee3a1e7d
062832114a906e78cbb218ed329de7e99ee28e22
94677a4305d0ae6090eb32d3f9e3df202975e215328c5132df63a992090c9a41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:52:34 GMT
Expires: Tue, 13 Dec 2022 08:52:33 GMT
Etag: "062832114a906e78cbb218ed329de7e99ee28e22"
Cache-Control: max-age=482522,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63de685b0a35-ARN

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
166ce1f293435f64c3b05e6aa3f56227
7291347796d9dde6b322577d050fc88d8327c6dc
5fec57e3a991e812f876d8a4f8c290228150bb0ddd2390b0ef86ea5e69968344

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e029c50a33-ARN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
84bc44d3ea7ce4ec75e9110007fe8976
cbc617d13e8344408f218879ac5afb1ef3ddbba2
b19901b055fa533d199d4e77e47f656a17cc3afea4ce3e912693a65ad97903e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:22:18 GMT
Expires: Tue, 13 Dec 2022 18:22:17 GMT
Etag: "cbc617d13e8344408f218879ac5afb1ef3ddbba2"
Cache-Control: max-age=516706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e04d1898f6-ARN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Wed, 07 Dec 2022 20:06:15 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
710dfe68329c218c79a52e7343129894
347cad9911e95e6f0377130f58b85240d0707ed2
6688d23b9eec93cf214ee22f555a310ae33faa8c72975b38c64b94c2989aaee7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
6d7a1cbc423fb9285e5001085fb32e9f
af8e347a7cf3cf1c53bf87a062626acd909ab4c5
52d5288b6a1d88080688c5746339bbba27673891c911975418c2fcdf44fdde77

HTTP Headers

GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 8559361c44a31ec84ee22dbdf5cb6ffc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=47A59871AF11DFB7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
f29688e67210cf64876c86f05f4c8d25
7c9a1ff984dcad3c7dd04ee28e6628afd4e24266
cf09c668eee0aa62ced09173311b6311fc1eb592123f4c193b971503b77c7d6a

HTTP Headers

GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 4a296a34211523018062c5f310144dae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9D4F5D2FBA4B13A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

dvcasha2.ocsp-certum.com/

95.100.107.173

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.100.107.173:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
299694b726259de82b63c2ab6eebc0ee
9048c562f1217506bca38af7cbd60222b70ee0b0
82d15defe0b8e42378f9ed2357c4b915abd65b7886204b299b734202b87fe453

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=433
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S

www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif

104.21.23.48

200 OK

48 kB

URL HTTP/2
www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
IP
104.21.23.48:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 150 x 150\012- data
Size
48 kB (47538 bytes)
Hash
238e06fae36a60963dd217adc895c9e4
feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce

HTTP Headers

GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1
Host: www.yssydh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Wed, 04 Jan 2023 06:07:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 217969
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INTGcdpjsEH2b03t6C8cG4zLwWJVu0x040p0cVI7m3b9WGZE%2BuVYkiORXMSsxKiRw2RSeY%2FMzI03EcEJw4mo7vBk8X1kFEbJDZRfgWgIWuh8CsDs%2F2%2ByboMG2xcz%2FJ1eEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e0bf8a2401-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
ffc1fa230c774b6abed13b3e08595ac0
f8d484f9bed88fb8fd45bc4a9fcf2b20cbfc9813
183efb47c6684246b6773792062ab6a262a7dd73eebfa5035bf7b213a10f981b

HTTP Headers

GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 9c64da0c02358187dcc54b790f81e899
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1CF528EF0D58970; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
853dbec9937f0a572cef3297cbf66520
8a27ab226f84e46795bc10d95714e5b075878f04
4e5ade82281820e652ac0b8af16258f5061386f7b9926ce41dbc376f82072a8d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:09:48 GMT
Expires: Mon, 12 Dec 2022 23:09:47 GMT
Etag: "8a27ab226f84e46795bc10d95714e5b075878f04"
Cache-Control: max-age=447556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0b99e0a30-ARN

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
ac42b66f8eed5be3d6bc7a5f517e7ca4
ab436b2a48df3d77e5b9943048e8f6e959b04d2e
e971705586bc6523e6f42ba1ea01923a06c380f719977e2c7e8cfd035a6de915

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 23:13:52 GMT
Expires: Sun, 11 Dec 2022 23:13:51 GMT
Etag: "ab436b2a48df3d77e5b9943048e8f6e959b04d2e"
Cache-Control: max-age=361400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0beef0a3f-ARN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a9def6e498bf70853b30ade485c98ba0
016f613a0d190f63c2ba8425f22cbcf97db8326a
7bbc46a32f2074aa65f847f57b3e5cd00a838e166b96ff019e16b6d52b056caa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110277
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:27 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: nginx
Content-Length: 279

dvcasha2.ocsp-certum.com/

95.100.107.173

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.100.107.173:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
8ff5ece8e32f3bccadbc8cf44b9f917c
0ce683a7af84e2733d431b6789534be22c9ac224
9461a9230e8664513e12b5b3ca97bb54ee58599fa6efc04cae813a1b12e2e220

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
710dfe68329c218c79a52e7343129894
347cad9911e95e6f0377130f58b85240d0707ed2
6688d23b9eec93cf214ee22f555a310ae33faa8c72975b38c64b94c2989aaee7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg

104.22.12.214

200 OK

13 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg
IP
104.22.12.214:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (12920 bytes)
Hash
441d23c6512d93b1bc83bf89f3aeb54f
c185e9ed609c1bb11824063eeccb851045d6d340
37b48fa84091d7664bbc76262a905fc9516108c7952e08e95825aa8d3bbba781

HTTP Headers

GET /upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 12920
last-modified: Wed, 22 Apr 2020 16:05:33 GMT
etag: "5ea06b4d-3278"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5a3f09ad-ARN
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a9def6e498bf70853b30ade485c98ba0
016f613a0d190f63c2ba8425f22cbcf97db8326a
7bbc46a32f2074aa65f847f57b3e5cd00a838e166b96ff019e16b6d52b056caa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=110277
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:28 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

ttsetupian.cc/lm/cstggspk01.gif

188.114.97.1

200 OK

246 kB

URL HTTP/2
ttsetupian.cc/lm/cstggspk01.gif
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 190\012- data
Size
246 kB (246207 bytes)
Hash
e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318

HTTP Headers

GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 03 Jan 2023 06:08:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 304306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOgoWOeJluzXnfU6xIPd9zjBAxW4AlgiUMKxQ5DeJhsechp8m682TlZHKlksfmEJ6wY2ZW2dDiGZjLWOk81YGQufRCA1hx5Q3Z8ZduE2OiHKk5zPCU14GB9pt1kg4Mc6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e18e3f76fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11259 bytes)
Hash
b15195492aa840f9ab136d29c0480b33
660ba22fc4f45f5baee71d436b6202f05a43c9d5
a30bba8b4a03174585c9a98b7cf4a64ba1e18f08d3b5d592c34896ed017a0b18

HTTP Headers

GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 7b07bf020775d70c57b2f5587858209e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0ACC3722D9E23D1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
33f7461c8e88d484bbd02b2b60fe1bef
84907f56230bd6f991fdb38a0adb912cd5164742
3921bf64ece504574fe8a3748596f383a5f591468d616ad99ca0675ef03d57f6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921BF64ECE504574FE8A3748596F383A5F591468D616AD99CA0675EF03D57F6"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16760
Expires: Wed, 07 Dec 2022 23:19:51 GMT
Date: Wed, 07 Dec 2022 18:40:31 GMT
Connection: keep-alive

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=31A970D0CD2B5837; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9BE2F367913CE524; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A0F216CB86FF146A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
89f9da4ae3f9c008a5790f4b3cde9fae
c7b4f875b0f50b0ab76cacc496a5e055fb0d321f
3071f00a764e3be6df86cd9fd2214f6349dcfb4874f8393e9d12e747d36bd54b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129375
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 06:36:46 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98076
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 21:55:07 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727

p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9

47.246.44.229

200 OK

460 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
460 kB (459882 bytes)
Hash
9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87

HTTP Headers

GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 196974
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384313965291e
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
89f9da4ae3f9c008a5790f4b3cde9fae
c7b4f875b0f50b0ab76cacc496a5e055fb0d321f
3071f00a764e3be6df86cd9fd2214f6349dcfb4874f8393e9d12e747d36bd54b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=133752
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 07:49:43 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F7914D3B459FD19F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

2588qq.com/c866c2012aab41d8b0720af0164eca09.gif

103.170.15.94

200 OK

359 kB

URL HTTP/1.1
2588qq.com/c866c2012aab41d8b0720af0164eca09.gif
IP
103.170.15.94:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c866c2012aab41d8b0720af0164eca09.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637aff15-57910"
Date: Mon, 21 Nov 2022 08:26:09 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:31:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 358672

fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg

172.247.77.90

200 OK

122 kB

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size
122 kB (121778 bytes)
Hash
84d5b2b7d58b70cefc595589530fc731
b6369bb724b71a1c855b1569f36dc63438ba71c0
d1ed1b5c87ddb3e9a2aa3aa5cc4d6c038d87388e80af6a2058886d3f4703108d

HTTP Headers

GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 121778
Last-Modified: Wed, 09 Nov 2022 12:00:59 GMT
Connection: keep-alive
ETag: "636b967b-1dbb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.1202555.com/images/638f3fc293f8ec5e6b5c07a4.gif

185.239.226.87

302 Found

832 kB

URL HTTP/2
img.1202555.com/images/638f3fc293f8ec5e6b5c07a4.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type
GIF image data, version 89a, 960 x 60\012- data
Size
832 kB (832544 bytes)
Hash
8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0

HTTP Headers

GET /images/638f3fc293f8ec5e6b5c07a4.gif HTTP/1.1
Host: img.1202555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2

fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg

172.247.77.90

200 OK

139 kB

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size
139 kB (138685 bytes)
Hash
e9cefc544ae32631f400fb8b3ef0f6fe
4faf7d1b3d4c61774cb17b44b6283b1b14785601
0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b

HTTP Headers

GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 138685
Last-Modified: Wed, 09 Nov 2022 11:58:45 GMT
Connection: keep-alive
ETag: "636b95f5-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg

172.247.77.90

200 OK

134 kB

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size
134 kB (133978 bytes)
Hash
796a9665a4fbbdb3640a7750c6f07b90
7f07a9f7b1263ba79c6da5b504078c3484ec7c97
47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715

HTTP Headers

GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 133978
Last-Modified: Wed, 09 Nov 2022 11:58:25 GMT
Connection: keep-alive
ETag: "636b95e1-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

2588qq.com/5886d307b86340af836eeb4ef109ba59.gif

103.170.15.94

200 OK

426 kB

URL HTTP/1.1
2588qq.com/5886d307b86340af836eeb4ef109ba59.gif
IP
103.170.15.94:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
426 kB (425642 bytes)
Hash
05224c1ad7b782f551cbccdcf9f27fa5
c6ee7c8a6a149c7bd96c9e25ac1784fdbca84eb0
0b24fd89f9a5bbd8278bccf94b310be958f495b91597c0bf0c8faa7980ab5897

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5886d307b86340af836eeb4ef109ba59.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637aff83-67eaa"
Date: Mon, 21 Nov 2022 08:26:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:33:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 425642

fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg

172.247.77.90

200 OK

162 kB

URL HTTP/1.1
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP
172.247.77.90:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size
162 kB (161782 bytes)
Hash
1e71477b4f330ca3b901b5d2e3948663
4fb5006efbdcff61a4f15edba423e488b40b63b0
33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85

HTTP Headers

GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 161782
Last-Modified: Wed, 09 Nov 2022 12:01:19 GMT
Connection: keep-alive
ETag: "636b968f-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

www.pgsje.xyz/

173.231.17.179

200 OK

593 kB

URL HTTP/2
www.pgsje.xyz/
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
593 kB (593180 bytes)
Hash
c97e2eb984968edca1e2d7c236450fd7
800d03e5b22d0d82d11726cfd0a86a4f30f50cc7
399eba7afde903083170a7968297cbd262f9157b83b60f7380e1140ed7fe79b9

HTTP Headers

GET / HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

taiwtp1.com/xin/96060.gif

220.128.218.220

200 OK

69 kB

URL HTTP/2
taiwtp1.com/xin/96060.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 960 x 60\012- data
Size
69 kB (68564 bytes)
Hash
1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2

HTTP Headers

GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

362728tdg.com/109e604a3c6249d594c56004b700f28c.gif

45.61.212.46

200 OK

720 kB

URL HTTP/1.1
362728tdg.com/109e604a3c6249d594c56004b700f28c.gif
IP
45.61.212.46:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 80\012- data
Size
720 kB (719745 bytes)
Hash
a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Fri, 28 Oct 2022 11:44:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 719745

6655cy.com/cdn/ashkad.gif

154.197.16.179

404 Not Found

146 B

URL HTTP/2
6655cy.com/cdn/ashkad.gif
IP
154.197.16.179:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: text/html
content-length: 146
server: cdn-ddos-cc
x-cache-status: MISS
X-Firefox-Spdy: h2

8499483.com/8499/960x60.gif

172.247.109.207

200 OK

331 kB

URL HTTP/2
8499483.com/8499/960x60.gif
IP
172.247.109.207:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

8499683.com/8499/s/960x80.gif

172.247.109.205

200 OK

421 kB

URL HTTP/2
8499683.com/8499/s/960x80.gif
IP
172.247.109.205:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
421 kB (421071 bytes)
Hash
41fc4b2f1acf5b50b851104423f2d6c4
27a1bf7990c02235227ebda30ddfee1aeb4e33db
c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0

HTTP Headers

GET /8499/s/960x80.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: image/gif
content-length: 421071
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "66ccf-5ed03b0c9cba8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

taiwtp1.com/img/200200.gif

220.128.218.220

200 OK

75 kB

URL HTTP/2
taiwtp1.com/img/200200.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 200 x 200\012- data
Size
75 kB (75259 bytes)
Hash
03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

HTTP Headers

GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

taiwtp1.com/xin/200200.gif

220.128.218.220

200 OK

66 kB

URL HTTP/2
taiwtp1.com/xin/200200.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 200 x 200\012- data
Size
66 kB (65592 bytes)
Hash
f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108

HTTP Headers

GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

taiwtp1.com/xin/225135.gif

220.128.218.220

200 OK

67 kB

URL HTTP/2
taiwtp1.com/xin/225135.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 225 x 135\012- data
Size
67 kB (67441 bytes)
Hash
81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa

HTTP Headers

GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
64e997a5b35c1d213020194ae1be4355
8ed4247fbf8080a06e69fb5e3e7ed439d7a4502e
e14f91a28cec212c468c4f9d10e5994e04a5c01db9e75ed30ebc97567fc9f771

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:32 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 09:48:55 GMT
Expires: Tue, 13 Dec 2022 09:48:54 GMT
Etag: "8ed4247fbf8080a06e69fb5e3e7ed439d7a4502e"
Cache-Control: max-age=485901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63ea9e370a30-ARN

p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034

47.246.44.229

200 OK

106 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 240 x 240\012- data
Size
106 kB (106081 bytes)
Hash
aa5e4e879bac642fd12a056e2247beef
5608916b0f163c45a872aac891bb30a938e35313
51bc350473e5aaa111652dec87b45822d77411fa30855c41ab5366418319b7d7

HTTP Headers

GET /obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 106081
date: Tue, 06 Dec 2022 13:20:48 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 13:14:25 GMT
nw-session-id: 202212052114250101750890681ED9A6A2rf66p01dy
nw-session-trace: 2022-12-05T21:14:25.768740532+08:00 19
x-bdcdn-cache-status: TCP_HIT
x-length: 106081
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 21:14:25 GMT
x-tt-logid: 202212052114250101750890681ED9A6A2
via: n150-051-207, cache6.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0193c1a2d5bddbcc2280e5fd2d1589836b0b5c92f48d337624c1908e1963f816887c01dbfa049a211fec362812c086356fb0e3def8999d25ed269d033b9d801809d7c56d547e1a23871e46a1d75c816191c10951797893b6111f01124050c87e32
x-response-lb: image
ali-swift-global-savetime: 1670332848
age: 105584
x-cache: HIT TCP_MEM_HIT dirn:11:214606459
x-swift-savetime: Tue, 06 Dec 2022 14:04:44 GMT
x-swift-cachetime: 31533364
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384328836361e
X-Firefox-Spdy: h2

8499583.com/8499/250x250.gif

23.224.101.34

200 OK

91 kB

URL HTTP/2
8499583.com/8499/250x250.gif
IP
23.224.101.34:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 300 x 300\012- data
Size
91 kB (90667 bytes)
Hash
4aefaea31d0c466c9bcd256f9a80c528
de0d04d2279d18ed3673c8cf3bb5300f2cfe41b3
2a2e16800bb9ea5a162165bf7cac230582531a333cd229021cb027fcb5e6c945

HTTP Headers

GET /8499/250x250.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:32 GMT
content-type: image/gif
content-length: 90667
last-modified: Tue, 15 Nov 2022 13:01:06 GMT
etag: "1622b-5ed81f2f18e30"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

img.1203555.com/images/638f3fcf93f8ec5e6b5c07a5.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.1203555.com/images/638f3fcf93f8ec5e6b5c07a5.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638f3fcf93f8ec5e6b5c07a5.gif HTTP/1.1
Host: img.1203555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/css/ate.css

173.231.17.179

200 OK

0 B

URL HTTP/2
www.pgsje.xyz/template/pgysvip/css/ate.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.pgsje.xyz/template/pgysvip/css/zui.css

173.231.17.179

200 OK

0 B

URL HTTP/2
www.pgsje.xyz/template/pgysvip/css/zui.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations