Overview

URLineedf.com/
IP 67.201.6.200 (United States)
ASN#3257 GTT Communications Inc.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-07 18:40:36 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (39)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-06 17:19:43 UTC 35.163.49.154
zerossl.ocsp.sectigo.com (3) 4049 2020-05-09 19:05:29 UTC 2022-12-06 17:13:11 UTC 104.18.32.68
push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-12-06 04:21:46 UTC 39.156.68.163
api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-12-06 12:55:01 UTC 182.61.201.94
362728tdg.com (1) 0 2022-10-28 15:16:40 UTC 2022-12-06 19:04:34 UTC 45.61.212.46 Unknown ranking
cdn.staticfile.org (1) 46426 2013-08-23 08:51:19 UTC 2022-12-06 22:11:11 UTC 47.246.44.211
taiwtp1.com (4) 0 2022-04-08 07:06:08 UTC 2022-12-06 17:52:44 UTC 220.128.218.220 Unknown ranking
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-12-06 21:45:35 UTC 93.184.220.29
ocsp.buypass.com (1) 157566 2017-01-30 04:59:29 UTC 2022-12-06 22:09:11 UTC 23.36.76.129
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-06 17:31:54 UTC 34.120.237.76
hm.baidu.com (12) 8254 2012-05-26 08:38:45 UTC 2022-12-06 17:40:26 UTC 103.235.46.191
ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 104.18.32.68
6655cy.com (1) 0 2022-08-10 12:25:13 UTC 2022-12-05 08:53:36 UTC 154.197.16.179 Unknown ranking
p3.douyinpic.com (2) 23536 2020-12-18 11:20:50 UTC 2022-12-06 16:24:07 UTC 47.246.44.229
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-12-06 17:12:17 UTC 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-06 17:12:34 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 17:13:17 UTC 34.117.237.239
www.pgsje.xyz (9) 0 2022-05-26 01:39:35 UTC 2022-12-04 10:30:55 UTC 173.231.17.179 Unknown ranking
ocsp.digicert.cn (1) 37572 2020-03-20 17:45:56 UTC 2022-12-06 18:17:15 UTC 47.246.44.205
ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 172.64.155.188
ttsetupian.cc (1) 0 2022-06-07 08:00:54 UTC 2022-12-07 00:41:59 UTC 188.114.97.1 Unknown ranking
2588qq.com (2) 0 2022-11-21 08:56:56 UTC 2022-12-06 23:49:03 UTC 103.170.15.94 Unknown ranking
fmlb.netlbtu.com (7) 187701 2021-09-14 11:57:06 UTC 2022-12-07 00:27:03 UTC 172.247.77.90
kveww.com (1) 0 2021-10-19 07:57:06 UTC 2022-12-06 23:27:49 UTC 104.143.94.110 Unknown ranking
img.1202555.com (1) 0 2022-11-11 15:03:22 UTC 2022-12-07 00:23:33 UTC 185.239.226.87 Unknown ranking
8499483.com (1) 0 2022-10-27 05:23:31 UTC 2022-12-07 00:44:22 UTC 172.247.109.207 Unknown ranking
8499583.com (1) 0 2022-10-27 05:16:30 UTC 2022-12-07 00:44:22 UTC 23.224.101.34 Unknown ranking
img.1203555.com (1) 0 2022-11-11 15:02:47 UTC 2022-12-06 23:28:00 UTC 185.239.226.87 Unknown ranking
www.ineedf.com (4) 0 2022-10-11 10:18:40 UTC 2022-10-11 10:18:40 UTC 67.201.6.200 Unknown ranking
ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-12-06 17:12:20 UTC 104.18.21.226
e1.o.lencr.org (6) 6159 2021-08-20 07:36:30 UTC 2022-12-06 17:12:18 UTC 23.36.77.32
cdn.jsjsjs.xyz (1) 0 2022-02-22 21:30:27 UTC 2022-12-06 23:44:04 UTC 104.21.63.42 Unknown ranking
www.yssydh.top (1) 0 2022-08-05 15:26:13 UTC 2022-12-05 08:53:27 UTC 104.21.23.48 Unknown ranking
ineedf.com (1) 0 2022-10-19 00:11:08 UTC 2022-12-07 18:40:19 UTC 67.201.6.200 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-06 17:17:39 UTC 34.160.144.191
lbfm.lbpictupian.com (25) 0 2022-10-09 16:47:38 UTC 2022-12-06 17:52:45 UTC 104.22.12.214 Unknown ranking
pg.doitalie.com (2) 0 2022-06-06 07:45:55 UTC 2022-12-05 08:53:23 UTC 20.187.123.222 Unknown ranking
dvcasha2.ocsp-certum.com (2) 71753 2014-11-27 08:04:42 UTC 2022-12-06 14:39:22 UTC 95.100.107.173
8499683.com (1) 0 2022-10-27 05:16:04 UTC 2022-12-07 05:59:25 UTC 172.247.109.205 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-07 2 2588qq.com Sinkholed
2022-12-07 2 2588qq.com Sinkholed
2022-12-07 2 362728tdg.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 67.201.6.200
Date UQ / IDS / BL URL IP
2023-01-21 22:04:03 +0000 0 - 0 - 1 ineedf.com/ 67.201.6.200
2022-12-07 18:40:36 +0000 0 - 0 - 3 ineedf.com/ 67.201.6.200


Last 5 reports on ASN: GTT Communications Inc.
Date UQ / IDS / BL URL IP
2023-02-02 01:01:36 +0000 8 - 0 - 4 creativecombat.com/wp-admin/network/acct/logi (...) 208.67.17.71
2023-02-01 15:35:25 +0000 8 - 0 - 4 creativecombat.com/wp-admin/network/acct/logi (...) 208.67.17.71
2023-02-01 12:27:38 +0000 0 - 1 - 0 dl05.magix.net/2012/Vita/DLV_Content/Vita_2_a (...) 195.214.216.59
2023-02-01 11:30:35 +0000 8 - 1 - 4 creativecombat.com/wp-admin/network/acct/?ema (...) 208.67.17.71
2023-02-01 08:43:52 +0000 8 - 1 - 4 creativecombat.com/wp-admin/network/acct/?ema (...) 208.67.17.71


Last 2 reports on domain: ineedf.com
Date UQ / IDS / BL URL IP
2023-01-21 22:04:03 +0000 0 - 0 - 1 ineedf.com/ 67.201.6.200
2022-12-07 18:40:36 +0000 0 - 0 - 3 ineedf.com/ 67.201.6.200


No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (7)
#1 JavaScript::Write (size: 87) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9
< div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
#2 JavaScript::Write (size: 182) - SHA256: d11ba4e523ac4988ae751c55dd6429af48a06e3cf158a7f5a4115a3676778a14
< iframe src = " https://pg.doitalie.com/news/index.php"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
#3 JavaScript::Write (size: 6) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23
< /div>
#4 JavaScript::Write (size: 201) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca
< style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
#5 JavaScript::Write (size: 318) - SHA256: 7e04099921ecc9c0597e2fba4001c974fe4dd405733b40ab6a5a85397d4fd2be
< div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "/template/pgysvip/html9/ad/ad1.html" > < img src = "https://6655cy.com/cdn/ashkad.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
#6 JavaScript::Write (size: 103) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e
< meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
#7 JavaScript::Write (size: 77) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4
< style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>


HTTP Transactions (128)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8913
Expires: Wed, 07 Dec 2022 21:08:57 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6214
Expires: Wed, 07 Dec 2022 20:23:58 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: ineedf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         67.201.6.200
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.ineedf.com/index.php

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 18:08:04 GMT
age: 1940
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Wed, 07 Dec 2022 19:30:43 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: l2ZDTZdpxSlSIP55W5WK6OLd1UWGxbYiJcoObjo81TirddEzbGHKYmxGR6y9Hg1odmt0SSW2P7Ho8dTvFqee8A==
x-amz-request-id: 67G7C90HQ2KVD57F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 17:49:27 GMT
age: 3057
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 18:07:55 GMT
age: 1950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /index.php HTTP/1.1 
Host: www.ineedf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         67.201.6.200
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Length: 785
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   785
Md5:    87a932dbaf0eee1bfb6df690ed7b9aed
Sha1:   092d744a2884eb7c4d2c7c32fc040aa6a9f73731
Sha256: fbde109ffd915e449d89b4b70f062e63dcae86396ff37134094798575833b1f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2888
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 18:40:25 GMT
Last-Modified: Wed, 07 Dec 2022 17:52:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tj.js HTTP/1.1 
Host: www.ineedf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

search
                                         67.201.6.200
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Length: 520
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   520
Md5:    29ae705b67845821aeb5514a7bc73371
Sha1:   f4367767b44e9011d41e29176ac25ac30d813fbd
Sha256: 1b01cb5c7ea41436d9f4707b1289b4152033dae5d5a89089d348fcc6f7bf3e80
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8m6V0KjaYbwPYDbG4BPslA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.49.154
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+WKE02tDZuZwYWW/s32meNsph4=

                                        
                                            GET /common.js HTTP/1.1 
Host: www.ineedf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

search
                                         67.201.6.200
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size:   1093
Md5:    b3756430558b9abf41edbf97e2585631
Sha1:   9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
Sha256: d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.ineedf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php

search
                                         67.201.6.200
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 12 Dec 2022 18:40:25 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/

search
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: "4078521116"
Expires: Thu, 07 Dec 2023 18:40:26 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DA85BA4AA3F447D39E8ED86B3FE0C414:FG=1; max-age=31536000; expires=Thu, 07-Dec-23 18:40:26 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5ddcb09a4-ARN


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    07a4d97841cf6c4d06d7ac0d333f3e68
Sha1:   4d297351f346dc84af86524a1e313fc45e88f7dd
Sha256: fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5fdf709a4-ARN


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    07a4d97841cf6c4d06d7ac0d333f3e68
Sha1:   4d297351f346dc84af86524a1e313fc45e88f7dd
Sha256: fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea
                                        
                                            GET /s.gif?l=http://www.ineedf.com/index.php HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/

search
                                         182.61.201.94
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Wed, 07 Dec 2022 18:40:26 GMT

                                        
                                            POST / HTTP/1.1 
Host: ocsp.buypass.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.129
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4493ba1d-7484-489e-b600-634bf93419fa
Content-Length: 1701
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1701
Md5:    65e7308aafaf8e4dfa840cf187e7ff1a
Sha1:   c4f212696299f03bae63e2e2ad9f5f7ffe8142f8
Sha256: 939853dce868cd0b88b6327a10df63c921c2d00eef820e6668522a297dd4f493
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4892
Expires: Wed, 07 Dec 2022 20:01:58 GMT
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 74313
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8701
Md5:    604a4132da78a0c013b5818644adb121
Sha1:   ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
Sha256: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 78652
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qRfO2pJfTDGteBczJUQoyy49rrUyN5BYhJuadhIbwxyoAR2Vjl6x6A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 15:56:10 GMT
age: 9856
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8659
Md5:    22e3174edbfe337cc29266cc38abb51e
Sha1:   80283cb298a1b2326620be406ee3daa42ee0b3ef
Sha256: 520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 36455
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    210b27f5f6310d8fad640acce3d9ae0e
Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32
Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 6774
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6186
Md5:    535710165275856757bd7d1689f79de3
Sha1:   d51162b7fcba50022482b7130a556f3a7dfe822f
Sha256: c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 55485
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7392
Md5:    c9257f2e3b9bd1b3aa262b0f4bf57968
Sha1:   4bcdd6ecd63834aa1010faf19457a97f37ae99fa
Sha256: 9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
                                        
                                            GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: af6e1ead49b663dd61b44064ab25fcf3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=92810A5477037C1C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (617)
Size:   11255
Md5:    006b9d6298379b784fda06d6edfdc28a
Sha1:   b036669b31294bc343df140e765eb39e1d143f7a
Sha256: 0c5299dd64d6a2a1374c13f0604b39a039f1916d95486c525c65d0523cdf2525
                                        
                                            GET /hm.js?c1479d5915918e835700b15c96ba2372 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Date: Wed, 07 Dec 2022 18:40:27 GMT
Etag: 4fb7a56baccaa11f64fbb556b2b1953d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=041B7C34877AA240; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (619)
Size:   11257
Md5:    1ae74f90d75c4c6f94ce5ce62413b733
Sha1:   18a804c2c5a52c58c81385c3fb240b4d9eaa6ca8
Sha256: 6800186ab19218de3f59fe76d26ab1775550225e757246c1b5553911ab9bbf71
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D60B54B682FCA65D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EAFFFB723842F9D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E225CF1F518EE34AB02D7D3FB657F577E812288EFFE64138A4DE20D69814CE14"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 08 Dec 2022 00:39:49 GMT
Date: Wed, 07 Dec 2022 18:40:28 GMT
Connection: keep-alive

                                        
                                            GET /template/pgysvip/css/honglou.png HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Size:   19004
Md5:    d4c105833ccca617cb46bee0056a3c41
Sha1:   a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
Sha256: a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
                                        
                                            GET /template/pgysvip/images/1.gif HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   614
Md5:    5544a44cad5faf09138fde07c5d2ff1a
Sha1:   b435357e5621bc4c023c289943638f84c560f644
Sha256: e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Wed, 07 Dec 2022 18:40:30 GMT
Last-Modified: Wed, 07 Dec 2022 12:37:08 GMT
ETag: "639088f4-1d7"
Expires: Fri, 09 Dec 2022 12:37:08 GMT
Cache-Control: max-age=150998
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670438430
Via: cache5.l2de2[277,276,200-0,M], cache5.l2de2[279,0], cache5.se1[299,299,200-0,M], cache5.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Dec 2022 18:40:30 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916704384297972138e

                                        
                                            GET /jquery/1.9.1/jquery.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 80123
Connection: keep-alive
Date: Wed, 07 Dec 2022 06:32:46 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: uxsAAADmCKgwby4X
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1670394766
Via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[2,0]
Content-Encoding: gzip
Age: 43664
X-Cache: HIT TCP_MEM_HIT dirn:3:180680166
X-Swift-SaveTime: Wed, 07 Dec 2022 06:32:51 GMT
X-Swift-CacheTime: 86395
Timing-Allow-Origin: *
EagleId: 2ff62c9b16704384301067928e


--- Additional Info ---
Magic:  ASCII text
Size:   80123
Md5:    a3932a941cb998342ce964fdd83697f1
Sha1:   1b0e6eca41925e7cd470ea29b16cea49c1ec58af
Sha256: 8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 6788
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9158
content-disposition: inline; filename="v3hlukecolc0314v3hlukecolc473777.webp"
etag: "5dc46d27-23c6"
last-modified: Thu, 07 Nov 2019 19:14:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791009ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6788
Md5:    2637db754435102a2a11e539b6640522
Sha1:   2f5f8ba4fc91107bf39efab51c8cb40cd80ea4d6
Sha256: c19bac8bd022c0383ba12005e2a320627aa99c6e6957ddfcdc362d720e305175
                                        
                                            GET /upload/vod/2022/12/b5uqymlwqc0.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 6964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8407
content-disposition: inline; filename="b5uqymlwqc0.webp"
etag: "639048a5-20d7"
last-modified: Wed, 07 Dec 2022 08:02:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1403
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791b09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6964
Md5:    f17c01b7a000ae82ef361d65c9ec3676
Sha1:   c1818b252f1cbb7353d8bcfb8972b291bebd444b
Sha256: 37ed0f00ff16a64489f133ae2994cc1056398fd31905232ca2b53eb75f5fc6d8
                                        
                                            GET /upload/vod/2022/12/rxehrkxkynl.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 3758
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5502
content-disposition: inline; filename="rxehrkxkynl.webp"
etag: "63904904-157e"
last-modified: Wed, 07 Dec 2022 08:04:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791409ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3758
Md5:    e5c4f2270898ac2fb03b770bd0b94e19
Sha1:   e5d525cbfb67643cc52a4769eaf2b40b49615691
Sha256: 38ad5080df98b6f687bf6720c932da1ec8bb68bcc41967f8805a3557413ee389
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2022/12/hzzmm3jijcm.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 7868
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9038
content-disposition: inline; filename="hzzmm3jijcm.webp"
etag: "638e4250-234e"
last-modified: Mon, 05 Dec 2022 19:11:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4730
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791c09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7868
Md5:    9d57ee133d46e7fd1f6a03397a628106
Sha1:   fa95f42275eaf04330b56e16706fff443c09c7e5
Sha256: 4fedc41f81bdbb0e8c0ff3cf4ffdd081c6e69a7486e8975fa5a21012dcdc95e1
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 9232
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10033
content-disposition: inline; filename="3eqxjuqqdih03123eqxjuqqdih043495.webp"
etag: "5dc46c84-2731"
last-modified: Thu, 07 Nov 2019 19:12:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3755
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791209ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   9232
Md5:    659989567c92d5ec315a971732d72fbe
Sha1:   197de010efd20293afc87eece430b1b90d743855
Sha256: 89b15c020599e788920a8ea26ce904d37ba66440c7abc9d320b08ff4a426977c
                                        
                                            GET /upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 7544
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8685
content-disposition: inline; filename="5ikyvjaoxjk00055ikyvjaoxjk2710025.webp"
etag: "5ea06b47-21ed"
last-modified: Wed, 22 Apr 2020 16:05:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd790e09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7544
Md5:    b224ad1be5bc5cdab2eb67adf52bea55
Sha1:   a831809fe9e9cc0c461ce80f418e09201d473896
Sha256: e4026e466d04f689c039a3a2c86939e17725f6b308c061cf132a2368fa3b8413
                                        
                                            GET /upload/vod/2022/12/iipfdukawpu.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 10814
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12137
content-disposition: inline; filename="iipfdukawpu.webp"
etag: "6390489d-2f69"
last-modified: Wed, 07 Dec 2022 08:02:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 202
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791709ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10814
Md5:    11b3f7703959afbb922c030d1d878838
Sha1:   747715a70edfd513315ce008e9696404a7d106b7
Sha256: 0d4252ab4c32d2fca92bd17789de006d0ca634b8575ce948048aa8f9199c8194
                                        
                                            GET /upload/vod/2022/12/zy0cmbbpyip.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 5728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8150
content-disposition: inline; filename="zy0cmbbpyip.webp"
etag: "6390490e-1fd6"
last-modified: Wed, 07 Dec 2022 08:04:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791609ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5728
Md5:    9ee8142d610194fd43b3a6252e7a1f26
Sha1:   c0cbbc52895f7c757cb3f864b72588fc9e1f32e9
Sha256: 6957799e8581bfe03bcd7a10a0248cf13dfef01fd8f7a3db038d001219eae619
                                        
                                            GET /template/pgysvip/js/jquery.config.js HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2213
Md5:    7476f03daa075d6adfb3818bc25980d9
Sha1:   78b587fda39562fa2f781d67cc793ef473ba0ce3
Sha256: a8a4828feb3091a307e635fa3d82ff6ef02f8413394b0b4bdd2f5c1e2ab0713e
                                        
                                            GET /upload/vod/2022/12/2vrrwgkceag.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 5474
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7478
content-disposition: inline; filename="2vrrwgkceag.webp"
etag: "639048a0-1d36"
last-modified: Wed, 07 Dec 2022 08:02:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6302
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791809ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5474
Md5:    7307b6cfea1824e98c9eba784ea2ecd8
Sha1:   953fd7ffa450d7d99060c8ea513a5bed40bc93e4
Sha256: 1953822f05054fcf7d6b255b4bcf7263855ad0681b915dfba523979ca3f1b8ff
                                        
                                            GET /upload/vod/2022/12/g01i4bae5ec.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 9442
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10089, status=webp_bigger
etag: "638e4255-2769"
last-modified: Mon, 05 Dec 2022 19:11:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd791e09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   9442
Md5:    b9eca6a709520b4c0e1b34ed604ce0b0
Sha1:   850e9977393158d29c1458b51541972e7d5e0799
Sha256: d213083dcea99c84b9120a365fdb2ddbf801059c11b779250e827f0d4a730da3
                                        
                                            GET /upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 10896
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12120
content-disposition: inline; filename="nb203afryap0005nb203afryap3010033.webp"
etag: "5ea06b4a-2f58"
last-modified: Wed, 22 Apr 2020 16:05:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd792109ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10896
Md5:    213f5162016be70eb1ee8fabeadba21f
Sha1:   062927411aedeec5c68b2d3cadcaa3786dc2ddc7
Sha256: ffb3892f3b16724d41831a552b113344930eb18ea9429b1d86e579b9dc830d82
                                        
                                            GET /upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 11464
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12182
content-disposition: inline; filename="s5tkhrc2j3e0005s5tkhrc2j3e3110035.webp"
etag: "5ea06b4b-2f96"
last-modified: Wed, 22 Apr 2020 16:05:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893a09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   11464
Md5:    55dc2c777bdf2d628f26a3453158b358
Sha1:   51e56e9e4d9642ea8058c7b3be7fcd4e49467772
Sha256: 30bd2c77455764e18bfef16e9f5f7d5faed9c905ed155b12428267280493c6f8
                                        
                                            GET /upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 11026
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11628, status=webp_bigger
etag: "5ea06b48-2d6c"
last-modified: Wed, 22 Apr 2020 16:05:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd792009ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   11026
Md5:    68c7192904436b0cfe3c55eae2273cc7
Sha1:   a17bcb0b04c6232509c8aac59ed7e450361d9d97
Sha256: 1d0149ab6edbe20effab89bd0a82f36093ac3b19f0bd8fe1b4a4009b7f6c394a
                                        
                                            GET /upload/vod/2022/12/4ra1u1y3you.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 6778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8915
content-disposition: inline; filename="4ra1u1y3you.webp"
etag: "63904909-22d3"
last-modified: Wed, 07 Dec 2022 08:04:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791509ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6778
Md5:    9dc325bef23f430a1792f83c9b45fe96
Sha1:   985814aea3020b6cb8335246ee0105cf720abb39
Sha256: 1ab3eae93d9793ca292ed8caad7c84dec63312a1bd43eecbc1d260e6c5b7b183
                                        
                                            GET /upload/vod/2022/12/piswl1bs31h.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 7390
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8775
content-disposition: inline; filename="piswl1bs31h.webp"
etag: "639040fd-2247"
last-modified: Wed, 07 Dec 2022 07:30:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4855
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893e09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7390
Md5:    50e2a68979361aea20f4764f266d8b11
Sha1:   dfe9f88aabe2ac74f3fabe0178c1ab774c9987d9
Sha256: 1b995b540a6fafe4e9ed8402cd19a3d36b6ee30e9a134467f0f6d1c90f40970c
                                        
                                            GET /upload/vod/2022/12/nrk4mgwava0.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 8338
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9696
content-disposition: inline; filename="nrk4mgwava0.webp"
etag: "63904102-25e0"
last-modified: Wed, 07 Dec 2022 07:30:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd894009ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8338
Md5:    c253a3c1b45c9fc022351a34f9210eb0
Sha1:   75407c5538f2a5ce3286f38804a787a1d998daed
Sha256: e7b415f10b40e4973ad698384cd859c80c07a6c699588feac6f23774188d3134
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=111396
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /template/pgysvip/images/video-mask.png HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Fri, 06 Jan 2023 18:40:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            GET /upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 11988
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12513
content-disposition: inline; filename="ws20ohbtb2l0005ws20ohbtb2l3210037.webp"
etag: "5ea06b4c-30e1"
last-modified: Wed, 22 Apr 2020 16:05:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893c09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   11988
Md5:    ca1850273b2019ba4750730ddfc46164
Sha1:   c0d85a72f1a136a9aa7699cfa55637b9d613b705
Sha256: 5a135eae6e03db79d28d42e43378153a70dc6ac1969106f9464309041392c4d3
                                        
                                            GET /news/data.php HTTP/1.1 
Host: pg.doitalie.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         20.187.123.222
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1765
Md5:    c8aec4934cf635a28bef050087663e0c
Sha1:   543b8f896914b26bd82c2c7f6bb8da723c6cca82
Sha256: 19f0fba4a256ff4b4abff99b044ca5d7523b5b01bb0df7505bd1af51cdf7e9ce
                                        
                                            GET /upload/vod/2022/12/123fmbnmpw5.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 7106
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8017
content-disposition: inline; filename="123fmbnmpw5.webp"
etag: "6390410e-1f51"
last-modified: Wed, 07 Dec 2022 07:30:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2397
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddb97509ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7106
Md5:    12935d934cdee2344911386d168319b6
Sha1:   8e5074c84f5aab77b0ee5255a889da51a3fd0389
Sha256: 955247681b29e43e3ff3f79aabce36c016ce9d6e3bd33a445da703a8b25b0473
                                        
                                            GET /upload/vod/2022/12/g1uh0pvcelo.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 5012
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6448
content-disposition: inline; filename="g1uh0pvcelo.webp"
etag: "63904106-1930"
last-modified: Wed, 07 Dec 2022 07:30:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6894
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dda95f09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5012
Md5:    5f6e1b41c7bb13486437b3da906849a0
Sha1:   de4414176347d774c4b4b8c13983438538afe57e
Sha256: 2f0949040c2d3256ce3dcfdc77aa4d665d6f75ded280387d343ea8db2d91d650
                                        
                                            GET /upload/vod/2022/12/34dmfsbsqtp.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 9550
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10033, status=webp_bigger
etag: "6390410a-2731"
last-modified: Wed, 07 Dec 2022 07:30:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6893
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63ddb97409ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size:   9550
Md5:    442f19611a728b9d76be082fd98dbd33
Sha1:   b1a79e9186eb8c703617b0655d0c21445c8475f1
Sha256: ebac1777f10ed8619ea585747eebc7381ffb83e4c447f176e8413ce6202c9cd6
                                        
                                            GET /upload/vod/2022/12/ochi4dingp1.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 8310
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9073
content-disposition: inline; filename="ochi4dingp1.webp"
etag: "638e425d-2371"
last-modified: Mon, 05 Dec 2022 19:11:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddf9cc09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8310
Md5:    b9de16762930eb1bb3a92efb4e3ddc2c
Sha1:   5993d824a900f1d6ba08f4dad98e21ec915f6936
Sha256: 97ec10802dc91d4c1c40a6cac51e10c70c4058e0bf6e79e382cc1042a9b5b971
                                        
                                            GET /upload/vod/2022/12/0hus0t2jxcu.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 7792
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8292
content-disposition: inline; filename="0hus0t2jxcu.webp"
etag: "638e4266-2064"
last-modified: Mon, 05 Dec 2022 19:11:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de09e709ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7792
Md5:    7b4bebbabcfcde64a9e5ea72a2db7666
Sha1:   0fc43033299c5a4b7842480c4edaa024d0ecc783
Sha256: be39af4760bcff77b7575741d3220e9034e27696358a22c84540a5bae5597fb2
                                        
                                            GET /upload/vod/2022/12/zdx1ns5l3xa.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 9924
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10780
content-disposition: inline; filename="zdx1ns5l3xa.webp"
etag: "638e4259-2a1c"
last-modified: Mon, 05 Dec 2022 19:11:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4009ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   9924
Md5:    5f77b8c3638a92f75eb1968208e2c03e
Sha1:   cdd6095e46593420e649beb40dd7d58ea0930cf5
Sha256: 17a0d741f8d43d62e96818c6638c61ff09dd6540ec54dde9fb696d0b095fb05b
                                        
                                            GET /news/index.php HTTP/1.1 
Host: pg.doitalie.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         20.187.123.222
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2

                                        
                                            GET /images/2021/7/23/dmm7510.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         172.247.77.90
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   239
Md5:    67194376ec810b1466000b45b043ab94
Sha1:   b5b0840425f5602244750801336e7e8b9efd022f
Sha256: 39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
                                        
                                            GET /images/2021/7/23/dmm7511.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         172.247.77.90
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   239
Md5:    67194376ec810b1466000b45b043ab94
Sha1:   b5b0840425f5602244750801336e7e8b9efd022f
Sha256: 39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
                                        
                                            GET /images/2021/7/24/dmm7514.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         172.247.77.90
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   239
Md5:    67194376ec810b1466000b45b043ab94
Sha1:   b5b0840425f5602244750801336e7e8b9efd022f
Sha256: 39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
                                        
                                            GET /upload/vod/2022/12/dz2ysnspkua.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 6712
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8369
content-disposition: inline; filename="dz2ysnspkua.webp"
etag: "638e4261-20b1"
last-modified: Mon, 05 Dec 2022 19:11:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4709ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6712
Md5:    2c0c5b277889b2b71aa641178987bf02
Sha1:   1688c8f1c97dc5bc7ddd090737b30cdf865fe60e
Sha256: 570f2e1bd4660b71b9b29d5f73d68a8a4b536e0a286564c2b58cde70a378163c
                                        
                                            GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 2925
last-modified: Tue, 06 Dec 2022 13:19:35 GMT
etag: "638f4167-b6d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size:   2925
Md5:    dd6427411d473ebd845ede96c90be252
Sha1:   80d57d4872f01b0a4714e611b589ccad020635ba
Sha256: 85fccc047da48e7f16223e2ad883064db5345efbc011d2ca78c10659bb4b095b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=111396
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1 
Host: cdn.jsjsjs.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.63.42
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Mon, 19 Dec 2022 22:27:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1541561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HKkzxWjaZrSFdq0jAtNxX8xftcY6POMiFUmD5p3e8RCCxQfFfUvSzF%2BeUwJfiptuI%2FscUd6ClUzDpfkWA1Fzfk%2BtITmj2mcBOV9a%2BzlRc2Tm5ypqa7krodxWByjUjy1yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5ab5773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   406419
Md5:    91949a67089d61d1c111d50f6e101660
Sha1:   fab540d8a71b28159836bf995e398a9569314e47
Sha256: 35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4521EFE332C9A09CFFA7FCE3F33B6806260FAB711727D6C8A4C8BAD814C4F0D3"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15773
Expires: Wed, 07 Dec 2022 23:03:23 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63dffc720d2e-ARN

                                        
                                            GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1 
Host: kveww.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.143.94.110
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 162
location: https://kvhqqq.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:52:34 GMT
Expires: Tue, 13 Dec 2022 08:52:33 GMT
Etag: "062832114a906e78cbb218ed329de7e99ee28e22"
Cache-Control: max-age=482522,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63de685b0a35-ARN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e029c50a33-ARN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:22:18 GMT
Expires: Tue, 13 Dec 2022 18:22:17 GMT
Etag: "cbc617d13e8344408f218879ac5afb1ef3ddbba2"
Cache-Control: max-age=516706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e04d1898f6-ARN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Wed, 07 Dec 2022 20:06:15 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 8559361c44a31ec84ee22dbdf5cb6ffc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=47A59871AF11DFB7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (617)
Size:   11255
Md5:    6d7a1cbc423fb9285e5001085fb32e9f
Sha1:   af8e347a7cf3cf1c53bf87a062626acd909ab4c5
Sha256: 52d5288b6a1d88080688c5746339bbba27673891c911975418c2fcdf44fdde77
                                        
                                            GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 4a296a34211523018062c5f310144dae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9D4F5D2FBA4B13A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (618)
Size:   11256
Md5:    f29688e67210cf64876c86f05f4c8d25
Sha1:   7c9a1ff984dcad3c7dd04ee28e6628afd4e24266
Sha256: cf09c668eee0aa62ced09173311b6311fc1eb592123f4c193b971503b77c7d6a
                                        
                                            POST / HTTP/1.1 
Host: dvcasha2.ocsp-certum.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.100.107.173
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=433
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S


--- Additional Info ---
Magic:  data
Size:   1599
Md5:    299694b726259de82b63c2ab6eebc0ee
Sha1:   9048c562f1217506bca38af7cbd60222b70ee0b0
Sha256: 82d15defe0b8e42378f9ed2357c4b915abd65b7886204b299b734202b87fe453
                                        
                                            GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1 
Host: www.yssydh.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.23.48
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Wed, 04 Jan 2023 06:07:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 217969
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INTGcdpjsEH2b03t6C8cG4zLwWJVu0x040p0cVI7m3b9WGZE%2BuVYkiORXMSsxKiRw2RSeY%2FMzI03EcEJw4mo7vBk8X1kFEbJDZRfgWgIWuh8CsDs%2F2%2ByboMG2xcz%2FJ1eEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e0bf8a2401-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 150\012- data
Size:   47538
Md5:    238e06fae36a60963dd217adc895c9e4
Sha1:   feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
Sha256: 321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce
                                        
                                            GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 9c64da0c02358187dcc54b790f81e899
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1CF528EF0D58970; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (617)
Size:   11255
Md5:    ffc1fa230c774b6abed13b3e08595ac0
Sha1:   f8d484f9bed88fb8fd45bc4a9fcf2b20cbfc9813
Sha256: 183efb47c6684246b6773792062ab6a262a7dd73eebfa5035bf7b213a10f981b
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:09:48 GMT
Expires: Mon, 12 Dec 2022 23:09:47 GMT
Etag: "8a27ab226f84e46795bc10d95714e5b075878f04"
Cache-Control: max-age=447556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0b99e0a30-ARN

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 23:13:52 GMT
Expires: Sun, 11 Dec 2022 23:13:51 GMT
Etag: "ab436b2a48df3d77e5b9943048e8f6e959b04d2e"
Cache-Control: max-age=361400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0beef0a3f-ARN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=110277
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:27 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: dvcasha2.ocsp-certum.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.100.107.173
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S


--- Additional Info ---
Magic:  data
Size:   1599
Md5:    8ff5ece8e32f3bccadbc8cf44b9f917c
Sha1:   0ce683a7af84e2733d431b6789534be22c9ac224
Sha256: 9461a9230e8664513e12b5b3ca97bb54ee58599fa6efc04cae813a1b12e2e220
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg HTTP/1.1 
Host: lbfm.lbpictupian.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.12.214
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 12920
last-modified: Wed, 22 Apr 2020 16:05:33 GMT
etag: "5ea06b4d-3278"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5a3f09ad-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12920
Md5:    441d23c6512d93b1bc83bf89f3aeb54f
Sha1:   c185e9ed609c1bb11824063eeccb851045d6d340
Sha256: 37b48fa84091d7664bbc76262a905fc9516108c7952e08e95825aa8d3bbba781
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=110277
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:28 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /lm/cstggspk01.gif HTTP/1.1 
Host: ttsetupian.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:30 GMT
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 03 Jan 2023 06:08:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 304306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOgoWOeJluzXnfU6xIPd9zjBAxW4AlgiUMKxQ5DeJhsechp8m682TlZHKlksfmEJ6wY2ZW2dDiGZjLWOk81YGQufRCA1hx5Q3Z8ZduE2OiHKk5zPCU14GB9pt1kg4Mc6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e18e3f76fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 190\012- data
Size:   246207
Md5:    e9d0b8904ffb196466d811f2eec57882
Sha1:   4da1e9b9265080e1c692414460f7e5986d9aaf3c
Sha256: 91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
                                        
                                            GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 7b07bf020775d70c57b2f5587858209e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0ACC3722D9E23D1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (621)
Size:   11259
Md5:    b15195492aa840f9ab136d29c0480b33
Sha1:   660ba22fc4f45f5baee71d436b6202f05a43c9d5
Sha256: a30bba8b4a03174585c9a98b7cf4a64ba1e18f08d3b5d592c34896ed017a0b18
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3921BF64ECE504574FE8A3748596F383A5F591468D616AD99CA0675EF03D57F6"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16760
Expires: Wed, 07 Dec 2022 23:19:51 GMT
Date: Wed, 07 Dec 2022 18:40:31 GMT
Connection: keep-alive

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=31A970D0CD2B5837; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9BE2F367913CE524; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A0F216CB86FF146A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=129375
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 06:36:46 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=98076
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 21:55:07 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727

                                        
                                            GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         47.246.44.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 196974
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384313965291e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   459882
Md5:    9755d798f1df0ff90ff281daf889c27e
Sha1:   6684c546dc5b1e65c84786cf929562e4bf5a4854
Sha256: 86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=133752
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 07:49:43 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F7914D3B459FD19F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /c866c2012aab41d8b0720af0164eca09.gif HTTP/1.1 
Host: 2588qq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.170.15.94
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "637aff15-57910"
Date: Mon, 21 Nov 2022 08:26:09 GMT
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:31:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 358672


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   358672
Md5:    668143938c3bb811847d83330decd423
Sha1:   f86300da5d773b84bc65d3c901a4767fd8566c48
Sha256: a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /images/2021/7/24/dmm7515.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.77.90
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 121778
Last-Modified: Wed, 09 Nov 2022 12:00:59 GMT
Connection: keep-alive
ETag: "636b967b-1dbb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size:   121778
Md5:    84d5b2b7d58b70cefc595589530fc731
Sha1:   b6369bb724b71a1c855b1569f36dc63438ba71c0
Sha256: d1ed1b5c87ddb3e9a2aa3aa5cc4d6c038d87388e80af6a2058886d3f4703108d
                                        
                                            GET /images/638f3fc293f8ec5e6b5c07a4.gif HTTP/1.1 
Host: img.1202555.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.239.226.87
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   832544
Md5:    8a1b22cb6be2662f8c75ace7480ea0e6
Sha1:   380d85b1d74b702a780ee04965fdb9908ab73171
Sha256: 928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
                                        
                                            GET /images/2021/7/23/dmm7511.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.77.90
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 138685
Last-Modified: Wed, 09 Nov 2022 11:58:45 GMT
Connection: keep-alive
ETag: "636b95f5-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size:   138685
Md5:    e9cefc544ae32631f400fb8b3ef0f6fe
Sha1:   4faf7d1b3d4c61774cb17b44b6283b1b14785601
Sha256: 0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b
                                        
                                            GET /images/2021/7/23/dmm7510.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.77.90
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 133978
Last-Modified: Wed, 09 Nov 2022 11:58:25 GMT
Connection: keep-alive
ETag: "636b95e1-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size:   133978
Md5:    796a9665a4fbbdb3640a7750c6f07b90
Sha1:   7f07a9f7b1263ba79c6da5b504078c3484ec7c97
Sha256: 47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715
                                        
                                            GET /5886d307b86340af836eeb4ef109ba59.gif HTTP/1.1 
Host: 2588qq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.170.15.94
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "637aff83-67eaa"
Date: Mon, 21 Nov 2022 08:26:10 GMT
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:33:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 425642


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   425642
Md5:    05224c1ad7b782f551cbccdcf9f27fa5
Sha1:   c6ee7c8a6a149c7bd96c9e25ac1784fdbca84eb0
Sha256: 0b24fd89f9a5bbd8278bccf94b310be958f495b91597c0bf0c8faa7980ab5897

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /images/2021/7/24/dmm7514.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.77.90
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Length: 161782
Last-Modified: Wed, 09 Nov 2022 12:01:19 GMT
Connection: keep-alive
ETag: "636b968f-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size:   161782
Md5:    1e71477b4f330ca3b901b5d2e3948663
Sha1:   4fb5006efbdcff61a4f15edba423e488b40b63b0
Sha256: 33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85
                                        
                                            GET / HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   593180
Md5:    c97e2eb984968edca1e2d7c236450fd7
Sha1:   800d03e5b22d0d82d11726cfd0a86a4f30f50cc7
Sha256: 399eba7afde903083170a7968297cbd262f9157b83b60f7380e1140ed7fe79b9
                                        
                                            GET /xin/96060.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   68564
Md5:    1b81020d4419f48ddf8aaa0b7ce34a5c
Sha1:   432154678099ca224ed82b2490a33e5d78f510d5
Sha256: 8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
                                        
                                            GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1 
Host: 362728tdg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.61.212.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Fri, 28 Oct 2022 11:44:33 GMT
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 719745


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   719745
Md5:    a371336a677886333a1e0e87f32df904
Sha1:   5d17beeea80b18e70073f0e54dfa9ad61e71b25f
Sha256: 18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cdn/ashkad.gif HTTP/1.1 
Host: 6655cy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         154.197.16.179
HTTP/2 404 Not Found
content-type: text/html
                                        
date: Wed, 07 Dec 2022 18:40:31 GMT
content-length: 146
server: cdn-ddos-cc
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /8499/960x60.gif HTTP/1.1 
Host: 8499483.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.109.207
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:31 GMT
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   331043
Md5:    09f29e56330449942571a66f47f82fb5
Sha1:   30fc3421671176f6f724f32ee910470f03661ddc
Sha256: b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
                                        
                                            GET /8499/s/960x80.gif HTTP/1.1 
Host: 8499683.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.109.205
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:31 GMT
content-length: 421071
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "66ccf-5ed03b0c9cba8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   421071
Md5:    41fc4b2f1acf5b50b851104423f2d6c4
Sha1:   27a1bf7990c02235227ebda30ddfee1aeb4e33db
Sha256: c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0
                                        
                                            GET /img/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            GET /xin/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   65592
Md5:    f0ba60ad272f48fb7a6c94d0fff78f8c
Sha1:   5aa704f7f21da3ebcda26cc67adfb21a218e7c97
Sha256: 22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
                                        
                                            GET /xin/225135.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 225 x 135\012- data
Size:   67441
Md5:    81996a5d1fe46f845ff020017edba5cb
Sha1:   68dc488bcaf576c3c63394123998bb55ea79d121
Sha256: 6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 18:40:32 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 09:48:55 GMT
Expires: Tue, 13 Dec 2022 09:48:54 GMT
Etag: "8ed4247fbf8080a06e69fb5e3e7ed439d7a4502e"
Cache-Control: max-age=485901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63ea9e370a30-ARN

                                        
                                            GET /obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         47.246.44.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 106081
date: Tue, 06 Dec 2022 13:20:48 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 13:14:25 GMT
nw-session-id: 202212052114250101750890681ED9A6A2rf66p01dy
nw-session-trace: 2022-12-05T21:14:25.768740532+08:00 19
x-bdcdn-cache-status: TCP_HIT
x-length: 106081
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 21:14:25 GMT
x-tt-logid: 202212052114250101750890681ED9A6A2
via: n150-051-207, cache6.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0193c1a2d5bddbcc2280e5fd2d1589836b0b5c92f48d337624c1908e1963f816887c01dbfa049a211fec362812c086356fb0e3def8999d25ed269d033b9d801809d7c56d547e1a23871e46a1d75c816191c10951797893b6111f01124050c87e32
x-response-lb: image
ali-swift-global-savetime: 1670332848
age: 105584
x-cache: HIT TCP_MEM_HIT dirn:11:214606459
x-swift-savetime: Tue, 06 Dec 2022 14:04:44 GMT
x-swift-cachetime: 31533364
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384328836361e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   106081
Md5:    aa5e4e879bac642fd12a056e2247beef
Sha1:   5608916b0f163c45a872aac891bb30a938e35313
Sha256: 51bc350473e5aaa111652dec87b45822d77411fa30855c41ab5366418319b7d7
                                        
                                            GET /8499/250x250.gif HTTP/1.1 
Host: 8499583.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.224.101.34
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 18:40:32 GMT
content-length: 90667
last-modified: Tue, 15 Nov 2022 13:01:06 GMT
etag: "1622b-5ed81f2f18e30"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300\012- data
Size:   90667
Md5:    4aefaea31d0c466c9bcd256f9a80c528
Sha1:   de0d04d2279d18ed3673c8cf3bb5300f2cfe41b3
Sha256: 2a2e16800bb9ea5a162165bf7cac230582531a333cd229021cb027fcb5e6c945
                                        
                                            GET /images/638f3fcf93f8ec5e6b5c07a5.gif HTTP/1.1 
Host: img.1203555.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.239.226.87
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /template/pgysvip/css/ate.css HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /template/pgysvip/css/zui.css HTTP/1.1 
Host: www.pgsje.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         173.231.17.179
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---