r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8913
Expires: Wed, 07 Dec 2022 21:08:57 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6214
Expires: Wed, 07 Dec 2022 20:23:58 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive
ineedf.com/
67.201.6.200301 Moved Permanently 0 B IP 67.201.6.200:0
ASN #3257 GTT Communications Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ineedf.com/index.php
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 18:08:04 GMT
content-type: application/json
age: 1940
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Wed, 07 Dec 2022 19:30:43 GMT
Date: Wed, 07 Dec 2022 18:40:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l2ZDTZdpxSlSIP55W5WK6OLd1UWGxbYiJcoObjo81TirddEzbGHKYmxGR6y9Hg1odmt0SSW2P7Ho8dTvFqee8A==
x-amz-request-id: 67G7C90HQ2KVD57F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 17:49:27 GMT
age: 3057
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 18:07:55 GMT
age: 1950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ineedf.com/index.php
67.201.6.200200 OK 785 B IP 67.201.6.200:0
ASN #3257 GTT Communications Inc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 87a932dbaf0eee1bfb6df690ed7b9aed
092d744a2884eb7c4d2c7c32fc040aa6a9f73731
fbde109ffd915e449d89b4b70f062e63dcae86396ff37134094798575833b1f8
GET /index.php HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:24 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2888
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:25 GMT
Last-Modified: Wed, 07 Dec 2022 17:52:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.ineedf.com/tj.js
67.201.6.200200 OK 520 B IP 67.201.6.200:0
ASN #3257 GTT Communications Inc.
File type ASCII text, with CRLF line terminators
Hash 29ae705b67845821aeb5514a7bc73371
f4367767b44e9011d41e29176ac25ac30d813fbd
1b01cb5c7ea41436d9f4707b1289b4152033dae5d5a89089d348fcc6f7bf3e80
GET /tj.js HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
35.163.49.154101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8m6V0KjaYbwPYDbG4BPslA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+WKE02tDZuZwYWW/s32meNsph4=
www.ineedf.com/common.js
67.201.6.200200 OK 1.1 kB IP 67.201.6.200:0
ASN #3257 GTT Communications Inc.
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
GET /common.js HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ineedf.com/favicon.ico
67.201.6.200200 OK 1.2 kB URL HTTP/1.1 www.ineedf.com/favicon.ico
IP 67.201.6.200:0
ASN #3257 GTT Communications Inc.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ineedf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 18:40:25 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 12 Dec 2022 18:40:25 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: "4078521116"
Expires: Thu, 07 Dec 2023 18:40:26 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DA85BA4AA3F447D39E8ED86B3FE0C414:FG=1; max-age=31536000; expires=Thu, 07-Dec-23 18:40:26 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 07a4d97841cf6c4d06d7ac0d333f3e68
4d297351f346dc84af86524a1e313fc45e88f7dd
fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5ddcb09a4-ARN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 07a4d97841cf6c4d06d7ac0d333f3e68
4d297351f346dc84af86524a1e313fc45e88f7dd
fd3cf4a7ac9b4326441493cdc8e200d3ed721efe9a02f380e326a3c48251f8ea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:42:44 GMT
ETag: "4d297351f346dc84af86524a1e313fc45e88f7dd"
Last-Modified: Wed, 07 Dec 2022 17:42:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f63c5fdf709a4-ARN
api.share.baidu.com/s.gif?l=http://www.ineedf.com/index.php
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.ineedf.com/index.php
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.ineedf.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ineedf.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 07 Dec 2022 18:40:26 GMT
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 65e7308aafaf8e4dfa840cf187e7ff1a
c4f212696299f03bae63e2e2ad9f5f7ffe8142f8
939853dce868cd0b88b6327a10df63c921c2d00eef820e6668522a297dd4f493
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4493ba1d-7484-489e-b600-634bf93419fa
Content-Length: 1701
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4892
Expires: Wed, 07 Dec 2022 20:01:58 GMT
Date: Wed, 07 Dec 2022 18:40:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 74313
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 78652
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e3174edbfe337cc29266cc38abb51e
80283cb298a1b2326620be406ee3daa42ee0b3ef
520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qRfO2pJfTDGteBczJUQoyy49rrUyN5BYhJuadhIbwxyoAR2Vjl6x6A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 15:56:10 GMT
age: 9856
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 36455
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 6774
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 55485
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 006b9d6298379b784fda06d6edfdc28a
b036669b31294bc343df140e765eb39e1d143f7a
0c5299dd64d6a2a1374c13f0604b39a039f1916d95486c525c65d0523cdf2525
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:26 GMT
Etag: af6e1ead49b663dd61b44064ab25fcf3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=92810A5477037C1C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 1ae74f90d75c4c6f94ce5ce62413b733
18a804c2c5a52c58c81385c3fb240b4d9eaa6ca8
6800186ab19218de3f59fe76d26ab1775550225e757246c1b5553911ab9bbf71
GET /hm.js?c1479d5915918e835700b15c96ba2372 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:27 GMT
Etag: 4fb7a56baccaa11f64fbb556b2b1953d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=041B7C34877AA240; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108497757&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D60B54B682FCA65D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1692289395&si=c1479d5915918e835700b15c96ba2372&v=1.3.0&lv=1&sn=16812&r=0&ww=1280&u=http%3A%2F%2Fwww.ineedf.com%2Findex.php&tt=%E8%BF%AA%E5%BA%86%E6%98%93%E8%87%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:27 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EAFFFB723842F9D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 315b53cfa6e9348ca664ca68604a1361
7d86d4ccd0a4844b05a3c8e336b1cd3254619c57
e225cf1f518ee34ab02d7d3fb657f577e812288effe64138a4de20d69814ce14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E225CF1F518EE34AB02D7D3FB657F577E812288EFFE64138A4DE20D69814CE14"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 08 Dec 2022 00:39:49 GMT
Date: Wed, 07 Dec 2022 18:40:28 GMT
Connection: keep-alive
www.pgsje.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pgsje.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pgsje.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Fri, 06 Jan 2023 18:40:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js
173.231.17.179200 OK 614 B URL HTTP/2 www.pgsje.xyz/template/pgysvip/html9/ad/zxf88.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e78abbd1369275e84f9035979c8c3215
dd6ddd82cbc956f53598dcfb9df0a740359f5b84
dfbf0f08619fffa9a1ccf4265dd6edeedcc8593b3186c309a559908fda813698
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 07 Dec 2022 18:40:30 GMT
Last-Modified: Wed, 07 Dec 2022 12:37:08 GMT
ETag: "639088f4-1d7"
Expires: Fri, 09 Dec 2022 12:37:08 GMT
Cache-Control: max-age=150998
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670438430
Via: cache5.l2de2[277,276,200-0,M], cache5.l2de2[279,0], cache5.se1[299,299,200-0,M], cache5.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Dec 2022 18:40:30 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916704384297972138e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Wed, 07 Dec 2022 06:32:46 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: uxsAAADmCKgwby4X
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1670394766
Via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[2,0]
Content-Encoding: gzip
Age: 43664
X-Cache: HIT TCP_MEM_HIT dirn:3:180680166
X-Swift-SaveTime: Wed, 07 Dec 2022 06:32:51 GMT
X-Swift-CacheTime: 86395
Timing-Allow-Origin: *
EagleId: 2ff62c9b16704384301067928e
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg
104.22.12.214200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2637db754435102a2a11e539b6640522
2f5f8ba4fc91107bf39efab51c8cb40cd80ea4d6
c19bac8bd022c0383ba12005e2a320627aa99c6e6957ddfcdc362d720e305175
GET /upload/vod/2019/11-08/03/v3hlukecolc0314v3hlukecolc473777.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6788
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9158
content-disposition: inline; filename="v3hlukecolc0314v3hlukecolc473777.webp"
etag: "5dc46d27-23c6"
last-modified: Thu, 07 Nov 2019 19:14:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791009ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/b5uqymlwqc0.jpg
104.22.12.214200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/b5uqymlwqc0.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f17c01b7a000ae82ef361d65c9ec3676
c1818b252f1cbb7353d8bcfb8972b291bebd444b
37ed0f00ff16a64489f133ae2994cc1056398fd31905232ca2b53eb75f5fc6d8
GET /upload/vod/2022/12/b5uqymlwqc0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8407
content-disposition: inline; filename="b5uqymlwqc0.webp"
etag: "639048a5-20d7"
last-modified: Wed, 07 Dec 2022 08:02:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1403
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791b09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/rxehrkxkynl.jpg
104.22.12.214200 OK 3.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/rxehrkxkynl.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e5c4f2270898ac2fb03b770bd0b94e19
e5d525cbfb67643cc52a4769eaf2b40b49615691
38ad5080df98b6f687bf6720c932da1ec8bb68bcc41967f8805a3557413ee389
GET /upload/vod/2022/12/rxehrkxkynl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 3758
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5502
content-disposition: inline; filename="rxehrkxkynl.webp"
etag: "63904904-157e"
last-modified: Wed, 07 Dec 2022 08:04:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791409ad-ARN
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/hzzmm3jijcm.jpg
104.22.12.214200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/hzzmm3jijcm.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d57ee133d46e7fd1f6a03397a628106
fa95f42275eaf04330b56e16706fff443c09c7e5
4fedc41f81bdbb0e8c0ff3cf4ffdd081c6e69a7486e8975fa5a21012dcdc95e1
GET /upload/vod/2022/12/hzzmm3jijcm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7868
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9038
content-disposition: inline; filename="hzzmm3jijcm.webp"
etag: "638e4250-234e"
last-modified: Mon, 05 Dec 2022 19:11:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4730
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791c09ad-ARN
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16473
Expires: Wed, 07 Dec 2022 23:15:03 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg
104.22.12.214200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 659989567c92d5ec315a971732d72fbe
197de010efd20293afc87eece430b1b90d743855
89b15c020599e788920a8ea26ce904d37ba66440c7abc9d320b08ff4a426977c
GET /upload/vod/2019/11-08/03/3eqxjuqqdih03123eqxjuqqdih043495.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 9232
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10033
content-disposition: inline; filename="3eqxjuqqdih03123eqxjuqqdih043495.webp"
etag: "5dc46c84-2731"
last-modified: Thu, 07 Nov 2019 19:12:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3755
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791209ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg
104.22.12.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b224ad1be5bc5cdab2eb67adf52bea55
a831809fe9e9cc0c461ce80f418e09201d473896
e4026e466d04f689c039a3a2c86939e17725f6b308c061cf132a2368fa3b8413
GET /upload/vod/2020/04-23/00/5ikyvjaoxjk00055ikyvjaoxjk2710025.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7544
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8685
content-disposition: inline; filename="5ikyvjaoxjk00055ikyvjaoxjk2710025.webp"
etag: "5ea06b47-21ed"
last-modified: Wed, 22 Apr 2020 16:05:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd790e09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/iipfdukawpu.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/iipfdukawpu.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b3f7703959afbb922c030d1d878838
747715a70edfd513315ce008e9696404a7d106b7
0d4252ab4c32d2fca92bd17789de006d0ca634b8575ce948048aa8f9199c8194
GET /upload/vod/2022/12/iipfdukawpu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 10814
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12137
content-disposition: inline; filename="iipfdukawpu.webp"
etag: "6390489d-2f69"
last-modified: Wed, 07 Dec 2022 08:02:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 202
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791709ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/zy0cmbbpyip.jpg
104.22.12.214200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zy0cmbbpyip.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ee8142d610194fd43b3a6252e7a1f26
c0cbbc52895f7c757cb3f864b72588fc9e1f32e9
6957799e8581bfe03bcd7a10a0248cf13dfef01fd8f7a3db038d001219eae619
GET /upload/vod/2022/12/zy0cmbbpyip.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8150
content-disposition: inline; filename="zy0cmbbpyip.webp"
etag: "6390490e-1fd6"
last-modified: Wed, 07 Dec 2022 08:04:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791609ad-ARN
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 2.2 kB URL HTTP/2 www.pgsje.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
Hash 7476f03daa075d6adfb3818bc25980d9
78b587fda39562fa2f781d67cc793ef473ba0ce3
a8a4828feb3091a307e635fa3d82ff6ef02f8413394b0b4bdd2f5c1e2ab0713e
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/2vrrwgkceag.jpg
104.22.12.214200 OK 5.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/2vrrwgkceag.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7307b6cfea1824e98c9eba784ea2ecd8
953fd7ffa450d7d99060c8ea513a5bed40bc93e4
1953822f05054fcf7d6b255b4bcf7263855ad0681b915dfba523979ca3f1b8ff
GET /upload/vod/2022/12/2vrrwgkceag.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5474
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7478
content-disposition: inline; filename="2vrrwgkceag.webp"
etag: "639048a0-1d36"
last-modified: Wed, 07 Dec 2022 08:02:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6302
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791809ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/g01i4bae5ec.jpg
104.22.12.214200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/g01i4bae5ec.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b9eca6a709520b4c0e1b34ed604ce0b0
850e9977393158d29c1458b51541972e7d5e0799
d213083dcea99c84b9120a365fdb2ddbf801059c11b779250e827f0d4a730da3
GET /upload/vod/2022/12/g01i4bae5ec.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 9442
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10089, status=webp_bigger
etag: "638e4255-2769"
last-modified: Mon, 05 Dec 2022 19:11:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd791e09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 213f5162016be70eb1ee8fabeadba21f
062927411aedeec5c68b2d3cadcaa3786dc2ddc7
ffb3892f3b16724d41831a552b113344930eb18ea9429b1d86e579b9dc830d82
GET /upload/vod/2020/04-23/00/nb203afryap0005nb203afryap3010033.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 10896
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12120
content-disposition: inline; filename="nb203afryap0005nb203afryap3010033.webp"
etag: "5ea06b4a-2f58"
last-modified: Wed, 22 Apr 2020 16:05:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd792109ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg
104.22.12.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55dc2c777bdf2d628f26a3453158b358
51e56e9e4d9642ea8058c7b3be7fcd4e49467772
30bd2c77455764e18bfef16e9f5f7d5faed9c905ed155b12428267280493c6f8
GET /upload/vod/2020/04-23/00/s5tkhrc2j3e0005s5tkhrc2j3e3110035.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 11464
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12182
content-disposition: inline; filename="s5tkhrc2j3e0005s5tkhrc2j3e3110035.webp"
etag: "5ea06b4b-2f96"
last-modified: Wed, 22 Apr 2020 16:05:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893a09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 68c7192904436b0cfe3c55eae2273cc7
a17bcb0b04c6232509c8aac59ed7e450361d9d97
1d0149ab6edbe20effab89bd0a82f36093ac3b19f0bd8fe1b4a4009b7f6c394a
GET /upload/vod/2020/04-23/00/oedcgnlwu1k0005oedcgnlwu1k2810027.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 11026
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11628, status=webp_bigger
etag: "5ea06b48-2d6c"
last-modified: Wed, 22 Apr 2020 16:05:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63dd792009ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/4ra1u1y3you.jpg
104.22.12.214200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/4ra1u1y3you.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9dc325bef23f430a1792f83c9b45fe96
985814aea3020b6cb8335246ee0105cf720abb39
1ab3eae93d9793ca292ed8caad7c84dec63312a1bd43eecbc1d260e6c5b7b183
GET /upload/vod/2022/12/4ra1u1y3you.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8915
content-disposition: inline; filename="4ra1u1y3you.webp"
etag: "63904909-22d3"
last-modified: Wed, 07 Dec 2022 08:04:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd791509ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/piswl1bs31h.jpg
104.22.12.214200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/piswl1bs31h.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50e2a68979361aea20f4764f266d8b11
dfe9f88aabe2ac74f3fabe0178c1ab774c9987d9
1b995b540a6fafe4e9ed8402cd19a3d36b6ee30e9a134467f0f6d1c90f40970c
GET /upload/vod/2022/12/piswl1bs31h.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7390
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8775
content-disposition: inline; filename="piswl1bs31h.webp"
etag: "639040fd-2247"
last-modified: Wed, 07 Dec 2022 07:30:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4855
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893e09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/nrk4mgwava0.jpg
104.22.12.214200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/nrk4mgwava0.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c253a3c1b45c9fc022351a34f9210eb0
75407c5538f2a5ce3286f38804a787a1d998daed
e7b415f10b40e4973ad698384cd859c80c07a6c699588feac6f23774188d3134
GET /upload/vod/2022/12/nrk4mgwava0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 8338
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9696
content-disposition: inline; filename="nrk4mgwava0.webp"
etag: "63904102-25e0"
last-modified: Wed, 07 Dec 2022 07:30:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1404
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd894009ad-ARN
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=111396
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: nginx
Content-Length: 279
www.pgsje.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pgsje.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Fri, 06 Jan 2023 18:40:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg
104.22.12.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca1850273b2019ba4750730ddfc46164
c0d85a72f1a136a9aa7699cfa55637b9d613b705
5a135eae6e03db79d28d42e43378153a70dc6ac1969106f9464309041392c4d3
GET /upload/vod/2020/04-23/00/ws20ohbtb2l0005ws20ohbtb2l3210037.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 11988
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12513
content-disposition: inline; filename="ws20ohbtb2l0005ws20ohbtb2l3210037.webp"
etag: "5ea06b4c-30e1"
last-modified: Wed, 22 Apr 2020 16:05:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6979
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dd893c09ad-ARN
X-Firefox-Spdy: h2
pg.doitalie.com/news/data.php
20.187.123.222200 OK 1.8 kB URL HTTP/2 pg.doitalie.com/news/data.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c8aec4934cf635a28bef050087663e0c
543b8f896914b26bd82c2c7f6bb8da723c6cca82
19f0fba4a256ff4b4abff99b044ca5d7523b5b01bb0df7505bd1af51cdf7e9ce
GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/123fmbnmpw5.jpg
104.22.12.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/123fmbnmpw5.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 12935d934cdee2344911386d168319b6
8e5074c84f5aab77b0ee5255a889da51a3fd0389
955247681b29e43e3ff3f79aabce36c016ce9d6e3bd33a445da703a8b25b0473
GET /upload/vod/2022/12/123fmbnmpw5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7106
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8017
content-disposition: inline; filename="123fmbnmpw5.webp"
etag: "6390410e-1f51"
last-modified: Wed, 07 Dec 2022 07:30:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2397
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddb97509ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/g1uh0pvcelo.jpg
104.22.12.214200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/g1uh0pvcelo.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f6e1b41c7bb13486437b3da906849a0
de4414176347d774c4b4b8c13983438538afe57e
2f0949040c2d3256ce3dcfdc77aa4d665d6f75ded280387d343ea8db2d91d650
GET /upload/vod/2022/12/g1uh0pvcelo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 5012
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6448
content-disposition: inline; filename="g1uh0pvcelo.webp"
etag: "63904106-1930"
last-modified: Wed, 07 Dec 2022 07:30:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6894
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63dda95f09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/34dmfsbsqtp.jpg
104.22.12.214200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/34dmfsbsqtp.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 442f19611a728b9d76be082fd98dbd33
b1a79e9186eb8c703617b0655d0c21445c8475f1
ebac1777f10ed8619ea585747eebc7381ffb83e4c447f176e8413ce6202c9cd6
GET /upload/vod/2022/12/34dmfsbsqtp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 9550
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10033, status=webp_bigger
etag: "6390410a-2731"
last-modified: Wed, 07 Dec 2022 07:30:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6893
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63ddb97409ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ochi4dingp1.jpg
104.22.12.214200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ochi4dingp1.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9de16762930eb1bb3a92efb4e3ddc2c
5993d824a900f1d6ba08f4dad98e21ec915f6936
97ec10802dc91d4c1c40a6cac51e10c70c4058e0bf6e79e382cc1042a9b5b971
GET /upload/vod/2022/12/ochi4dingp1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 8310
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9073
content-disposition: inline; filename="ochi4dingp1.webp"
etag: "638e425d-2371"
last-modified: Mon, 05 Dec 2022 19:11:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63ddf9cc09ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/0hus0t2jxcu.jpg
104.22.12.214200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/0hus0t2jxcu.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b4bebbabcfcde64a9e5ea72a2db7666
0fc43033299c5a4b7842480c4edaa024d0ecc783
be39af4760bcff77b7575741d3220e9034e27696358a22c84540a5bae5597fb2
GET /upload/vod/2022/12/0hus0t2jxcu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 7792
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8292
content-disposition: inline; filename="0hus0t2jxcu.webp"
etag: "638e4266-2064"
last-modified: Mon, 05 Dec 2022 19:11:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de09e709ad-ARN
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/zdx1ns5l3xa.jpg
104.22.12.214200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zdx1ns5l3xa.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f77b8c3638a92f75eb1968208e2c03e
cdd6095e46593420e649beb40dd7d58ea0930cf5
17a0d741f8d43d62e96818c6638c61ff09dd6540ec54dde9fb696d0b095fb05b
GET /upload/vod/2022/12/zdx1ns5l3xa.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 9924
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10780
content-disposition: inline; filename="zdx1ns5l3xa.webp"
etag: "638e4259-2a1c"
last-modified: Mon, 05 Dec 2022 19:11:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4009ad-ARN
X-Firefox-Spdy: h2
pg.doitalie.com/news/index.php
20.187.123.222200 OK 287 B URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 79dc7886043139bacf9733d01622c09a
f272a7f468c77df513a42f3c6c45441b33d399b5
f37e1524f8d5d464b2aba4caa5ae049931661e2f56d52f427d2b53a4bccd4169
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ineedf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 07 Dec 2022 18:40:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000g
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
lbfm.lbpictupian.com/upload/vod/2022/12/dz2ysnspkua.jpg
104.22.12.214200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/dz2ysnspkua.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c0c5b277889b2b71aa641178987bf02
1688c8f1c97dc5bc7ddd090737b30cdf865fe60e
570f2e1bd4660b71b9b29d5f73d68a8a4b536e0a286564c2b58cde70a378163c
GET /upload/vod/2022/12/dz2ysnspkua.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/webp
content-length: 6712
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8369
content-disposition: inline; filename="dz2ysnspkua.webp"
etag: "638e4261-20b1"
last-modified: Mon, 05 Dec 2022 19:11:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2778
accept-ranges: bytes
server: cloudflare
cf-ray: 775f63de5a4709ad-ARN
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 2.9 kB URL HTTP/2 www.pgsje.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash dd6427411d473ebd845ede96c90be252
80d57d4872f01b0a4714e611b589ccad020635ba
85fccc047da48e7f16223e2ad883064db5345efbc011d2ca78c10659bb4b095b
GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022127Wed%20Dec%2007%202022%2018:40:29%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: application/json
content-length: 2925
last-modified: Tue, 06 Dec 2022 13:19:35 GMT
etag: "638f4167-b6d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=111396
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
104.21.63.42200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 104.21.63.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Mon, 19 Dec 2022 22:27:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1541561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HKkzxWjaZrSFdq0jAtNxX8xftcY6POMiFUmD5p3e8RCCxQfFfUvSzF%2BeUwJfiptuI%2FscUd6ClUzDpfkWA1Fzfk%2BtITmj2mcBOV9a%2BzlRc2Tm5ypqa7krodxWByjUjy1yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5ab5773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 92095ecfd5b2c852c465a74a9b009d2c
91209179920d81f8b4ba1084b4a57f2b39883cf5
4521efe332c9a09cffa7fce3f33b6806260fab711727d6c8a4c8bad814c4f0d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4521EFE332C9A09CFFA7FCE3F33B6806260FAB711727D6C8A4C8BAD814C4F0D3"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15773
Expires: Wed, 07 Dec 2022 23:03:23 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 166ce1f293435f64c3b05e6aa3f56227
7291347796d9dde6b322577d050fc88d8327c6dc
5fec57e3a991e812f876d8a4f8c290228150bb0ddd2390b0ef86ea5e69968344
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63dffc720d2e-ARN
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: text/html
content-length: 162
location: https://kvhqqq.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 870297c53111e48331371df0ee3a1e7d
062832114a906e78cbb218ed329de7e99ee28e22
94677a4305d0ae6090eb32d3f9e3df202975e215328c5132df63a992090c9a41
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:52:34 GMT
Expires: Tue, 13 Dec 2022 08:52:33 GMT
Etag: "062832114a906e78cbb218ed329de7e99ee28e22"
Cache-Control: max-age=482522,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63de685b0a35-ARN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 166ce1f293435f64c3b05e6aa3f56227
7291347796d9dde6b322577d050fc88d8327c6dc
5fec57e3a991e812f876d8a4f8c290228150bb0ddd2390b0ef86ea5e69968344
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:05:06 GMT
Expires: Tue, 13 Dec 2022 03:05:05 GMT
Etag: "7291347796d9dde6b322577d050fc88d8327c6dc"
Cache-Control: max-age=461674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e029c50a33-ARN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 84bc44d3ea7ce4ec75e9110007fe8976
cbc617d13e8344408f218879ac5afb1ef3ddbba2
b19901b055fa533d199d4e77e47f656a17cc3afea4ce3e912693a65ad97903e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:22:18 GMT
Expires: Tue, 13 Dec 2022 18:22:17 GMT
Etag: "cbc617d13e8344408f218879ac5afb1ef3ddbba2"
Cache-Control: max-age=516706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e04d1898f6-ARN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Wed, 07 Dec 2022 20:06:15 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 710dfe68329c218c79a52e7343129894
347cad9911e95e6f0377130f58b85240d0707ed2
6688d23b9eec93cf214ee22f555a310ae33faa8c72975b38c64b94c2989aaee7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 6d7a1cbc423fb9285e5001085fb32e9f
af8e347a7cf3cf1c53bf87a062626acd909ab4c5
52d5288b6a1d88080688c5746339bbba27673891c911975418c2fcdf44fdde77
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 8559361c44a31ec84ee22dbdf5cb6ffc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=47A59871AF11DFB7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash f29688e67210cf64876c86f05f4c8d25
7c9a1ff984dcad3c7dd04ee28e6628afd4e24266
cf09c668eee0aa62ced09173311b6311fc1eb592123f4c193b971503b77c7d6a
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 4a296a34211523018062c5f310144dae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9D4F5D2FBA4B13A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
dvcasha2.ocsp-certum.com/
95.100.107.173200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.100.107.173:0
ASN #20940 Akamai International B.V.
Hash 299694b726259de82b63c2ab6eebc0ee
9048c562f1217506bca38af7cbd60222b70ee0b0
82d15defe0b8e42378f9ed2357c4b915abd65b7886204b299b734202b87fe453
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=433
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S
www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
104.21.23.48200 OK 48 kB URL HTTP/2 www.yssydh.top/upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif
IP 104.21.23.48:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 238e06fae36a60963dd217adc895c9e4
feb1b8c405b5e162fb23a7727aedb83eae0a9e9f
321e056f1cd521d36cde0b3579d208fd0118f423b07b92622a215ca551639fce
GET /upload/vod/20220727-1/216a680fcabdc4f622130059f8ea82da.gif HTTP/1.1
Host: www.yssydh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 47538
last-modified: Wed, 27 Jul 2022 08:34:24 GMT
etag: "62e0f890-b9b2"
expires: Wed, 04 Jan 2023 06:07:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 217969
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INTGcdpjsEH2b03t6C8cG4zLwWJVu0x040p0cVI7m3b9WGZE%2BuVYkiORXMSsxKiRw2RSeY%2FMzI03EcEJw4mo7vBk8X1kFEbJDZRfgWgIWuh8CsDs%2F2%2ByboMG2xcz%2FJ1eEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e0bf8a2401-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash ffc1fa230c774b6abed13b3e08595ac0
f8d484f9bed88fb8fd45bc4a9fcf2b20cbfc9813
183efb47c6684246b6773792062ab6a262a7dd73eebfa5035bf7b213a10f981b
GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 9c64da0c02358187dcc54b790f81e899
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1CF528EF0D58970; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 853dbec9937f0a572cef3297cbf66520
8a27ab226f84e46795bc10d95714e5b075878f04
4e5ade82281820e652ac0b8af16258f5061386f7b9926ce41dbc376f82072a8d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:09:48 GMT
Expires: Mon, 12 Dec 2022 23:09:47 GMT
Etag: "8a27ab226f84e46795bc10d95714e5b075878f04"
Cache-Control: max-age=447556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0b99e0a30-ARN
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash ac42b66f8eed5be3d6bc7a5f517e7ca4
ab436b2a48df3d77e5b9943048e8f6e959b04d2e
e971705586bc6523e6f42ba1ea01923a06c380f719977e2c7e8cfd035a6de915
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:30 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 23:13:52 GMT
Expires: Sun, 11 Dec 2022 23:13:51 GMT
Etag: "ab436b2a48df3d77e5b9943048e8f6e959b04d2e"
Cache-Control: max-age=361400,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63e0beef0a3f-ARN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a9def6e498bf70853b30ade485c98ba0
016f613a0d190f63c2ba8425f22cbcf97db8326a
7bbc46a32f2074aa65f847f57b3e5cd00a838e166b96ff019e16b6d52b056caa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110277
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:27 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: nginx
Content-Length: 279
dvcasha2.ocsp-certum.com/
95.100.107.173200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.100.107.173:0
ASN #20940 Akamai International B.V.
Hash 8ff5ece8e32f3bccadbc8cf44b9f917c
0ce683a7af84e2733d431b6789534be22c9ac224
9461a9230e8664513e12b5b3ca97bb54ee58599fa6efc04cae813a1b12e2e220
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
X-N: S
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 710dfe68329c218c79a52e7343129894
347cad9911e95e6f0377130f58b85240d0707ed2
6688d23b9eec93cf214ee22f555a310ae33faa8c72975b38c64b94c2989aaee7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6688D23B9EEC93CF214EE22F555A310AE33FAA8C72975B38C64B94C2989AAEE7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Wed, 07 Dec 2022 21:51:40 GMT
Date: Wed, 07 Dec 2022 18:40:30 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg
104.22.12.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 441d23c6512d93b1bc83bf89f3aeb54f
c185e9ed609c1bb11824063eeccb851045d6d340
37b48fa84091d7664bbc76262a905fc9516108c7952e08e95825aa8d3bbba781
GET /upload/vod/2020/04-23/00/gvqgoagplci0005gvqgoagplci3310039.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/jpeg
content-length: 12920
last-modified: Wed, 22 Apr 2020 16:05:33 GMT
etag: "5ea06b4d-3278"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63de5a3f09ad-ARN
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a9def6e498bf70853b30ade485c98ba0
016f613a0d190f63c2ba8425f22cbcf97db8326a
7bbc46a32f2074aa65f847f57b3e5cd00a838e166b96ff019e16b6d52b056caa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=110277
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fe9e3-117"
Expires: Fri, 09 Dec 2022 01:18:28 GMT
Last-Modified: Wed, 07 Dec 2022 01:18:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ttsetupian.cc/lm/cstggspk01.gif
188.114.97.1200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:30 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Tue, 03 Jan 2023 06:08:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 304306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOgoWOeJluzXnfU6xIPd9zjBAxW4AlgiUMKxQ5DeJhsechp8m682TlZHKlksfmEJ6wY2ZW2dDiGZjLWOk81YGQufRCA1hx5Q3Z8ZduE2OiHKk5zPCU14GB9pt1kg4Mc6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775f63e18e3f76fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash b15195492aa840f9ab136d29c0480b33
660ba22fc4f45f5baee71d436b6202f05a43c9d5
a30bba8b4a03174585c9a98b7cf4a64ba1e18f08d3b5d592c34896ed017a0b18
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 18:40:30 GMT
Etag: 7b07bf020775d70c57b2f5587858209e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0ACC3722D9E23D1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 33f7461c8e88d484bbd02b2b60fe1bef
84907f56230bd6f991fdb38a0adb912cd5164742
3921bf64ece504574fe8a3748596f383a5f591468d616ad99ca0675ef03d57f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921BF64ECE504574FE8A3748596F383A5F591468D616AD99CA0675EF03D57F6"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16760
Expires: Wed, 07 Dec 2022 23:19:51 GMT
Date: Wed, 07 Dec 2022 18:40:31 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=758930084&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=31A970D0CD2B5837; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1074639336&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9BE2F367913CE524; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1197077524&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16815&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A0F216CB86FF146A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 89f9da4ae3f9c008a5790f4b3cde9fae
c7b4f875b0f50b0ab76cacc496a5e055fb0d321f
3071f00a764e3be6df86cd9fd2214f6349dcfb4874f8393e9d12e747d36bd54b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129375
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 06:36:46 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98076
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 21:55:07 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
47.246.44.229200 OK 460 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 460 kB (459882 bytes)
Hash 9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 196974
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384313965291e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 89f9da4ae3f9c008a5790f4b3cde9fae
c7b4f875b0f50b0ab76cacc496a5e055fb0d321f
3071f00a764e3be6df86cd9fd2214f6349dcfb4874f8393e9d12e747d36bd54b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=133752
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 18:40:31 GMT
Etag: "6390347e-117"
Expires: Fri, 09 Dec 2022 07:49:43 GMT
Last-Modified: Wed, 07 Dec 2022 06:36:46 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1601971801&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.3.0&lv=1&sn=16816&r=0&ww=1280&u=https%3A%2F%2Fwww.pgsje.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 18:40:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F7914D3B459FD19F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
2588qq.com/c866c2012aab41d8b0720af0164eca09.gif
103.170.15.94200 OK 359 kB URL HTTP/1.1 2588qq.com/c866c2012aab41d8b0720af0164eca09.gif
IP 103.170.15.94:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /c866c2012aab41d8b0720af0164eca09.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637aff15-57910"
Date: Mon, 21 Nov 2022 08:26:09 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:31:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 358672
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
172.247.77.90200 OK 122 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 122 kB (121778 bytes)
Hash 84d5b2b7d58b70cefc595589530fc731
b6369bb724b71a1c855b1569f36dc63438ba71c0
d1ed1b5c87ddb3e9a2aa3aa5cc4d6c038d87388e80af6a2058886d3f4703108d
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 121778
Last-Modified: Wed, 09 Nov 2022 12:00:59 GMT
Connection: keep-alive
ETag: "636b967b-1dbb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.1202555.com/images/638f3fc293f8ec5e6b5c07a4.gif
185.239.226.87302 Found 832 kB URL HTTP/2 img.1202555.com/images/638f3fc293f8ec5e6b5c07a4.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 832 kB (832544 bytes)
Hash 8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
GET /images/638f3fc293f8ec5e6b5c07a4.gif HTTP/1.1
Host: img.1202555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
172.247.77.90200 OK 139 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 139 kB (138685 bytes)
Hash e9cefc544ae32631f400fb8b3ef0f6fe
4faf7d1b3d4c61774cb17b44b6283b1b14785601
0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 138685
Last-Modified: Wed, 09 Nov 2022 11:58:45 GMT
Connection: keep-alive
ETag: "636b95f5-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
172.247.77.90200 OK 134 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 134 kB (133978 bytes)
Hash 796a9665a4fbbdb3640a7750c6f07b90
7f07a9f7b1263ba79c6da5b504078c3484ec7c97
47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 133978
Last-Modified: Wed, 09 Nov 2022 11:58:25 GMT
Connection: keep-alive
ETag: "636b95e1-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
2588qq.com/5886d307b86340af836eeb4ef109ba59.gif
103.170.15.94200 OK 426 kB URL HTTP/1.1 2588qq.com/5886d307b86340af836eeb4ef109ba59.gif
IP 103.170.15.94:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 426 kB (425642 bytes)
Hash 05224c1ad7b782f551cbccdcf9f27fa5
c6ee7c8a6a149c7bd96c9e25ac1784fdbca84eb0
0b24fd89f9a5bbd8278bccf94b310be958f495b91597c0bf0c8faa7980ab5897
Analyzer Verdict Alert quad9 Sinkholed
GET /5886d307b86340af836eeb4ef109ba59.gif HTTP/1.1
Host: 2588qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637aff83-67eaa"
Date: Mon, 21 Nov 2022 08:26:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 21 Nov 2022 04:33:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 425642
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
172.247.77.90200 OK 162 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 162 kB (161782 bytes)
Hash 1e71477b4f330ca3b901b5d2e3948663
4fb5006efbdcff61a4f15edba423e488b40b63b0
33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 18:42:11 GMT
Content-Type: image/jpeg
Content-Length: 161782
Last-Modified: Wed, 09 Nov 2022 12:01:19 GMT
Connection: keep-alive
ETag: "636b968f-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.pgsje.xyz/
173.231.17.179200 OK 593 kB IP 173.231.17.179:0
Size 593 kB (593180 bytes)
Hash c97e2eb984968edca1e2d7c236450fd7
800d03e5b22d0d82d11726cfd0a86a4f30f50cc7
399eba7afde903083170a7968297cbd262f9157b83b60f7380e1140ed7fe79b9
GET / HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
362728tdg.com/109e604a3c6249d594c56004b700f28c.gif
45.61.212.46200 OK 720 kB URL HTTP/1.1 362728tdg.com/109e604a3c6249d594c56004b700f28c.gif
IP 45.61.212.46:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
Analyzer Verdict Alert quad9 Sinkholed
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Fri, 28 Oct 2022 11:44:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 719745
6655cy.com/cdn/ashkad.gif
154.197.16.179404 Not Found 146 B URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.197.16.179:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: text/html
content-length: 146
server: cdn-ddos-cc
x-cache-status: MISS
X-Firefox-Spdy: h2
8499483.com/8499/960x60.gif
172.247.109.207200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 172.247.109.207:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499683.com/8499/s/960x80.gif
172.247.109.205200 OK 421 kB URL HTTP/2 8499683.com/8499/s/960x80.gif
IP 172.247.109.205:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 421 kB (421071 bytes)
Hash 41fc4b2f1acf5b50b851104423f2d6c4
27a1bf7990c02235227ebda30ddfee1aeb4e33db
c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0
GET /8499/s/960x80.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:31 GMT
content-type: image/gif
content-length: 421071
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "66ccf-5ed03b0c9cba8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/225135.gif
220.128.218.220200 OK 67 kB URL HTTP/2 taiwtp1.com/xin/225135.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 225 x 135\012- data
Hash 81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa
GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:37:59 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Fri, 06 Jan 2023 18:37:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 64e997a5b35c1d213020194ae1be4355
8ed4247fbf8080a06e69fb5e3e7ed439d7a4502e
e14f91a28cec212c468c4f9d10e5994e04a5c01db9e75ed30ebc97567fc9f771
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 18:40:32 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 09:48:55 GMT
Expires: Tue, 13 Dec 2022 09:48:54 GMT
Etag: "8ed4247fbf8080a06e69fb5e3e7ed439d7a4502e"
Cache-Control: max-age=485901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f63ea9e370a30-ARN
p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
47.246.44.229200 OK 106 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 240 x 240\012- data
Size 106 kB (106081 bytes)
Hash aa5e4e879bac642fd12a056e2247beef
5608916b0f163c45a872aac891bb30a938e35313
51bc350473e5aaa111652dec87b45822d77411fa30855c41ab5366418319b7d7
GET /obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 106081
date: Tue, 06 Dec 2022 13:20:48 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 13:14:25 GMT
nw-session-id: 202212052114250101750890681ED9A6A2rf66p01dy
nw-session-trace: 2022-12-05T21:14:25.768740532+08:00 19
x-bdcdn-cache-status: TCP_HIT
x-length: 106081
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 21:14:25 GMT
x-tt-logid: 202212052114250101750890681ED9A6A2
via: n150-051-207, cache6.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0193c1a2d5bddbcc2280e5fd2d1589836b0b5c92f48d337624c1908e1963f816887c01dbfa049a211fec362812c086356fb0e3def8999d25ed269d033b9d801809d7c56d547e1a23871e46a1d75c816191c10951797893b6111f01124050c87e32
x-response-lb: image
ali-swift-global-savetime: 1670332848
age: 105584
x-cache: HIT TCP_MEM_HIT dirn:11:214606459
x-swift-savetime: Tue, 06 Dec 2022 14:04:44 GMT
x-swift-cachetime: 31533364
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616704384328836361e
X-Firefox-Spdy: h2
8499583.com/8499/250x250.gif
23.224.101.34200 OK 91 kB URL HTTP/2 8499583.com/8499/250x250.gif
IP 23.224.101.34:0
File type GIF image data, version 89a, 300 x 300\012- data
Hash 4aefaea31d0c466c9bcd256f9a80c528
de0d04d2279d18ed3673c8cf3bb5300f2cfe41b3
2a2e16800bb9ea5a162165bf7cac230582531a333cd229021cb027fcb5e6c945
GET /8499/250x250.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 18:40:32 GMT
content-type: image/gif
content-length: 90667
last-modified: Tue, 15 Nov 2022 13:01:06 GMT
etag: "1622b-5ed81f2f18e30"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1203555.com/images/638f3fcf93f8ec5e6b5c07a5.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1203555.com/images/638f3fcf93f8ec5e6b5c07a5.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638f3fcf93f8ec5e6b5c07a5.gif HTTP/1.1
Host: img.1203555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d0ae885c3fc4ab8b7ca36ecb2dfb034
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/css/ate.css
173.231.17.179200 OK 0 B URL HTTP/2 www.pgsje.xyz/template/pgysvip/css/ate.css
IP 173.231.17.179:0
GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.pgsje.xyz/template/pgysvip/css/zui.css
173.231.17.179200 OK 0 B URL HTTP/2 www.pgsje.xyz/template/pgysvip/css/zui.css
IP 173.231.17.179:0
GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgsje.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgsje.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 18:40:29 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Thu, 08 Dec 2022 06:40:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2