r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19001
Expires: Thu, 01 Sep 2022 20:07:48 GMT
Date: Thu, 01 Sep 2022 14:51:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 14:37:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OQYxqheGo6hEGLonGVToo6AbX0Kbq7tN7Im-2vgFM4VhKoOogzbWQQ==
Age: 807
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iNtO8nHfDjpjtbWSyFKLU_Muc7e48Dl0VtSBO8uNodI-ld9BlwzzAw==
age: 48951
X-Firefox-Spdy: h2
93vi.com/
67.201.5.239301 Moved Permanently 0 B IP 67.201.5.239:0
ASN #3257 GTT Communications Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 93vi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Sep 2022 14:51:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.93vi.com/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 13:57:05 GMT
Expires: Thu, 01 Sep 2022 13:57:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q_uBTmhaK3qOXn16ZuG9zrdL_DcUR4VpOgU4BZF8E2R7MvFZ7g0JHg==
Age: 3243
www.93vi.com/index.php
67.201.5.239200 OK 783 B IP 67.201.5.239:0
ASN #3257 GTT Communications Inc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 816dc899c5311fbf499d4293e233274e
02ac6e16fc35555184769d8961d41195367a95da
9c5b79cb4d4bb07d2c0b66a78e39c642f97b463d2b61a314a5fef067b4a1fd95
GET /index.php HTTP/1.1
Host: www.93vi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:51:07 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3120
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:51:08 GMT
Last-Modified: Thu, 01 Sep 2022 13:59:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.93vi.com/tj.js
67.201.5.239200 OK 520 B IP 67.201.5.239:0
ASN #3257 GTT Communications Inc.
File type ASCII text, with CRLF line terminators
Hash 29ae705b67845821aeb5514a7bc73371
f4367767b44e9011d41e29176ac25ac30d813fbd
1b01cb5c7ea41436d9f4707b1289b4152033dae5d5a89089d348fcc6f7bf3e80
GET /tj.js HTTP/1.1
Host: www.93vi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.93vi.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:51:07 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TQV1jiQ5CcBcM35VXpOcRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vKh7P5q6XHr/cbRs+86JMIYsJBQ=
www.93vi.com/common.js
67.201.5.239200 OK 1.1 kB IP 67.201.5.239:0
ASN #3257 GTT Communications Inc.
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
GET /common.js HTTP/1.1
Host: www.93vi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.93vi.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:51:08 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.93vi.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 01 Sep 2022 14:51:09 GMT
Etag: "4078521116"
Expires: Fri, 01 Sep 2023 14:51:09 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0A21F72D68BF55CD264EE03491874A1D:FG=1; max-age=31536000; expires=Fri, 01-Sep-23 14:51:09 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 568ba4712f7fa16ea59daeadb046fc0e
7fc5b4b0b59804efb4adcd86b8d10a835f8e4076
cde09c868345bc2f5375a56fdddd9328df5203de7b49f97b1eec2ea6162bf027
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Sep 2022 12:32:05 GMT
ETag: "7fc5b4b0b59804efb4adcd86b8d10a835f8e4076"
Last-Modified: Thu, 01 Sep 2022 12:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2867
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed287fb3f0b69-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 568ba4712f7fa16ea59daeadb046fc0e
7fc5b4b0b59804efb4adcd86b8d10a835f8e4076
cde09c868345bc2f5375a56fdddd9328df5203de7b49f97b1eec2ea6162bf027
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Sep 2022 12:32:05 GMT
ETag: "7fc5b4b0b59804efb4adcd86b8d10a835f8e4076"
Last-Modified: Thu, 01 Sep 2022 12:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2867
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743ed287ffb5b51e-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash c2f8db73c5a503bfd876d7647c3c3d7b
f2668231b61d443e7444bfadedb3ca3d41d604b9
f297e385620fbb797f02ef42c3b26b1b425a0f8bc8e06dac24cf4c7a078c9811
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:09 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 03:46:19 GMT
Expires: Thu, 08 Sep 2022 03:46:18 GMT
Etag: "f2668231b61d443e7444bfadedb3ca3d41d604b9"
Cache-Control: max-age=564308,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2884d41b4eb-OSL
www.93vi.com/favicon.ico
67.201.5.239200 OK 1.2 kB IP 67.201.5.239:0
ASN #3257 GTT Communications Inc.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.93vi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.93vi.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 14:51:08 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 06 Sep 2022 14:51:08 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12406
Expires: Thu, 01 Sep 2022 18:17:56 GMT
Date: Thu, 01 Sep 2022 14:51:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12406
Expires: Thu, 01 Sep 2022 18:17:56 GMT
Date: Thu, 01 Sep 2022 14:51:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12406
Expires: Thu, 01 Sep 2022 18:17:56 GMT
Date: Thu, 01 Sep 2022 14:51:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12406
Expires: Thu, 01 Sep 2022 18:17:56 GMT
Date: Thu, 01 Sep 2022 14:51:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 13:35:58 GMT
age: 4512
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 62031
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fo9YF1JJrYUMp7y9uM7av78_409D9n4ZWSaeydPAH7HuQzd8vOPiRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:36:46 GMT
age: 62064
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 349
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 35525
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 53424
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash b2119330e3678c9a3c4ab7ab02e39cc7
824d07d6e6813b44d26fb727d586bd6cc8f7d55b
f980e053fad52b96ece595e3b8ff41df50b774fe1ddbad97282af76144dc0d6d
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.93vi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:09 GMT
Etag: b3d6bb05605071c6e4e95244af6ce83a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8CFFA2598FB5F0CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c1479d5915918e835700b15c96ba2372
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash fec104ad2ef649cac3d474fad95ac67c
32261de4be4635b6d448f27315a2b300fed8c9d3
1d23538ca41d99882ed64fd8c7053c1905f59dcee0004a75da7dd6acf5d217bb
GET /hm.js?c1479d5915918e835700b15c96ba2372 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.93vi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:09 GMT
Etag: 2e0a292659a6f11b0d935a5b05fa1f13
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6A31BF4C3878BF52; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2144744500&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2144744500&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2144744500&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.93vi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=89F3049628BBB6B0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1081237620&si=c1479d5915918e835700b15c96ba2372&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1081237620&si=c1479d5915918e835700b15c96ba2372&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1081237620&si=c1479d5915918e835700b15c96ba2372&v=1.2.97&lv=1&sn=10736&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.93vi.com%2Findex.php&tt=%E5%87%89%E5%B1%B1%E9%83%8A%E5%B7%B2%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.93vi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=09AE96E176C4E00E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?l=http://www.93vi.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.93vi.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.93vi.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.93vi.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 01 Sep 2022 14:51:11 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13c4c276a318340b3014ed34ccf0003c
88c0699e1060c58af678f11dc756ec2a96a40caf
beff6c6eb60514949faea291006627091636032c84cd012e1d1332895c3d8a90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEFF6C6EB60514949FAEA291006627091636032C84CD012E1D1332895C3D8A90"
Last-Modified: Thu, 01 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Thu, 01 Sep 2022 20:50:31 GMT
Date: Thu, 01 Sep 2022 14:51:12 GMT
Connection: keep-alive
ocsp.dcocsp.cn/
47.246.44.231200 OK 471 B IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash cc5661fefacbe8fac08be0592e96e09b
dc27d8f43f051fa3ccdb3ee2730206265f9a887b
288a918e20b1370a6909f1a796f80f832cdbaee5f93d85ed3a2e275fb1847c98
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 01 Sep 2022 14:25:33 GMT
Ali-Swift-Global-Savetime: 1662042333
Via: cache21.l2de2[0,0,200-0,H], cache23.l2de2[0,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
Age: 1539
X-Cache: HIT TCP_MEM_HIT dirn:4:73062827
X-Swift-SaveTime: Thu, 01 Sep 2022 14:25:35 GMT
X-Swift-CacheTime: 3598
Timing-Allow-Origin: *
EagleId: 2ff62c9816620438726088198e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Thu, 01 Sep 2022 14:14:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: 85AAAAC6UCcZwhAX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1662041675
Via: cache15.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0]
Content-Encoding: gzip
Age: 2197
X-Cache: HIT TCP_MEM_HIT dirn:11:72939968
X-Swift-SaveTime: Thu, 01 Sep 2022 14:14:59 GMT
X-Swift-CacheTime: 86376
Timing-Allow-Origin: *
EagleId: 2ff62c9616620438726201012e
www.pgurg.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pgurg.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Sat, 01 Oct 2022 14:51:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgurg.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pgurg.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sat, 01 Oct 2022 14:51:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js
173.231.17.179200 OK 614 B URL HTTP/2 www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Fri, 02 Sep 2022 02:51:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
104.21.63.42200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 104.21.63.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Mon, 05 Sep 2022 01:11:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2295574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yEVwkOJc0G1UTGWDuNLNVMsWPeBbFSYx%2BlgFCsX9XKgUkfvi008d3LWkUf8DrZSiCQKWkfcpdZdLW%2BuzNK9kkjxuZxMdW2M345rrI6g8NtfmEgxThogYNx9ZoTKETnYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29c7e47b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b78b2c9d154807fb22e3bf2f2c3ee973
d2c4599976ff0d2f54fe7d48972f8cb07635bec7
b63264c98b0e624207400a257389cab98581c87cddd67f5546d3f63c1944bc72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B63264C98B0E624207400A257389CAB98581C87CDDD67F5546D3F63C1944BC72"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7513
Expires: Thu, 01 Sep 2022 16:56:25 GMT
Date: Thu, 01 Sep 2022 14:51:12 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 58276304b53b5d409c85d2566e5ca04c
de48afb28bf503621b2c6d071dfbee8d378512c9
545a024a29befaa8bb3a814e20691ff29689f9ce7933d166150bd3b2e0b164ea
GET /upload/vod/2022/09-01/12/tw2v3cwdysk1244tw2v3cwdysk1923351.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 14203
cf-bgj: h2pri
etag: "96c9b97fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v65njvpkRWKGafzoPrRXYfwlVHTHaIklNMFTnNkcphFTRKfEH6zivs1dH9ZFzDoEb1ELRpzAcOzujMusSNtBpQgJnj4yZJKAX2jcozBqLsVWRaKWLBjKPt5o42X7viGhUPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4a8375c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg
104.21.235.173200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 94e1aa087073513853b88a498d9145f1
147c4c809a4bea4ae2817235103bd7606eda448d
0612d06b2c554d2d97742a0ce0944e0c460b906e4369ccde6e9fc5e21ba401e2
GET /upload/vod/2022/09-01/12/h0nn2zfvno21244h0nn2zfvno22223357.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 6855
cf-bgj: h2pri
etag: "2275b81bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO78uKsRR2eDffpNiEzRLlUNcORCRe3MV7rO69UNsp1TV3%2BacUKLGxzBjv3F4SMLq5fdXbQe23feBgroHJJxj0doUCpivhN13MI1rMRCWjJ9vvIeJEBlQ9q7Zpcr5RC4G2VH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4a9575c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg
104.21.235.173200 OK 8.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1be9858ce8654c03caa73e9197b2fefa
ca789888f584a7c5945cdb688389edab10cc02c6
a87672b9da42e65b378c8c08c75b8ae269915e8fdde31e63749794903673ca29
GET /upload/vod/2022/09-01/12/fv5ei1qnrdn1243fv5ei1qnrdn5523321.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8184
cf-bgj: h2pri
etag: "593e2071bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B4M9EkqIVmTdz%2Byv37FoeyTYF1TFlyo%2BBdhQmxNg9Z3XNwK138KtlDUcOiFiOuENoLtwb25CPwIyXkiT2%2B1dmqvKLry4hzqewTV2L%2F7s%2F22joQ265RezDzjRXJPd6%2FT0Xal"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4aa175c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg
104.21.235.173200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ceb9c6bb38fddcdc37ad089e92bfb1eb
ce3ec5c67896e8490650c81d2c60714e9640834e
60e5aae63bf02b7036bb21d391158f07168c0fa7b9d5db3e797f71f5819c7270
GET /upload/vod/2022/09-01/12/2qo0iaq4fpf12432qo0iaq4fpf5623325.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8468
cf-bgj: h2pri
etag: "e6a23272bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ0Kt6aDe1VMir6GvvhK5V6i82%2FTCzWBNsk07rOPoqUb8FfJ58PWiNxJQMT4HEUrkBOczx75OSalJE5dTnBCx3KLxyYXjF36naAZo2HLPQKuPFSGdz4wX9Gc4rr4IzdVZqx9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4aa375c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 879b0ab1665f23f1fe850bbf0ad82c94
110608009465c987d57828c7a3333f78e23f3629
5f684f4b196bd25c1a8b9dccfc8dc08983d77df07838556ead62e2190fe36a78
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F684F4B196BD25C1A8B9DCCFC8DC08983D77DF07838556EAD62E2190FE36A78"
Last-Modified: Wed, 31 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14544
Expires: Thu, 01 Sep 2022 18:53:36 GMT
Date: Thu, 01 Sep 2022 14:51:12 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 35979a86ea1e3fe4c97d12772071273c
b68f1f6f26d005b849f4fbfe76f6913f3ac87868
898cb0f0a23fe6f9503308359d0f0a9c00f29f236ba9892b1c64d6aeb0fae10c
GET /upload/vod/2022/09-01/12/3bqsf1nz3lw12433bqsf1nz3lw5323317.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 7472
cf-bgj: h2pri
etag: "9280b70bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtQvwjyIEL3M7kMpqeaFidVqyA6htz6EzqJ1EdZBVZsv0XfEHze0wmuZZUYl87%2FCUrgqYArDwL%2FWhc2fAsSnbE19j83ZCFL1pROrRqmpWH9Yk1OzFOiDNIOX5wBOrwToRS2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4a9e75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b9d23a8ced2df9a40564a7fe6971e8bc
8716ac79d53d45de2b15603eeca220d3120505fb
dbc59e44b20467a2ecd136670948f2c2221d1c0488fbe6bdbdba63bc3f94cf89
GET /upload/vod/2022/09-01/12/tp33jjxvg1o1243tp33jjxvg1o5623323.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8939
cf-bgj: h2pri
etag: "38bbaa71bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fzs30uE6XZrmfkVD62puY3KO%2B%2FMExUlhraZu4%2BB%2FlCPg3y2lw2elzr0knDWhnSJStU2JPW1KHnmm5zc22Th8i8NXmiGG6eezZOWRAb8xLgZhuYnVKCJozQ66bWs0KeZQULy4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4aa275c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 8adb405849cf9b3a981b4a9ebdd293df
a572550a8c3ff6eca0951ccb15eb6fa0c966570b
a7fb496ba115b950cd9c4b04e68e4f1c25a7ded1c3c05148a43b436c1173794d
GET /upload/vod/2022/09-01/12/id1ejwvrhay1244id1ejwvrhay2323359.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 12005
cf-bgj: h2pri
etag: "b250e581bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j26UexG1oxnRKS07kvBbIulc8j9CG8%2BwcLVQpSflJgb%2Bgmm4vlJLHYi4gQ%2FiCtz9tJ%2BxC%2F2so87Ozkm09mRtKgtfgmCwPDQXYuu4p1HfCO5aMgVoqWIqKK%2BqsNEjZ66qvX%2B5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4a9a75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg
104.21.235.173200 OK 9.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 861733e63c3e031db51faf15bee705f5
9c77a9f8111b8d22f79886109fd56d836a176252
d39f56ac04b189092efe3aaa4eef01c7107998cdf46e2e042eb490084bd3281f
GET /upload/vod/2022/09-01/12/jk10x24sprx1243jk10x24sprx5423319.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 9450
cf-bgj: h2pri
etag: "ac579870bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trle43Au0zGjhgyjmWjpdaTuX5g8CQP6BFcSalG8yhhp8WcspGwniI%2Fm7JSm1l57bQqxyZ%2BTGiU%2FZwuaZcpbNI7qOs7UriSv9eik8gJqWlQlClyAWuzsfSjWDX0%2BQx0NRIc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4aa075c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg
104.21.235.173200 OK 6.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 211b3b33f710427da7aa58b5ae9db617
b0625340e5467472fbf08e3bc3d2b2bee2a08847
eef92a6ddf459c526bace813741f079c400fd341346ca252d505cba3a8006299
GET /upload/vod/2022/09-01/12/ngdcsphlpdw1243ngdcsphlpdw3123315.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 6913
cf-bgj: h2pri
etag: "3e5e886fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:43:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2M3Itiyws8nTaVC%2B60Lb6Ufn6lYoM5U5yMcqw%2BIy3uAxvoGMZwnnt4plrP50YfVKk48ft6hiJZr%2By4Jp73qDca8KyQfsFSDqO2SxGepA2zRx2zVQQSEnDy0RYbs4SpM6eem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d4a9c75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a24c52b3670ff9b6860ea7a087020a64
abc96ebf047af4b413fdc206211025357f423303
835d1cd829f4ad427736827e71975d92bf41efd6abdbf597d435733d57926a6e
GET /upload/vod/2020/04-23/18/2tspenojgr518052tspenojgr50211455.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8876
cf-bgj: h2pri
etag: "1c56fa75619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 54
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozzfv%2F7Zr%2BNwwQJ7Hm0GoTvX6qdEgItM8IJ%2FGTJXJVKPrHtAart%2Fcibkq0LMErujzaSvBU0x5UDZMn%2BHMRtYWBYeNGvSqNlPV9cuhWhlt3g4ZmAd%2B49JSeGEB6wZZm5p1AFJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5ab675c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg
104.21.235.173200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3a4d4a036b9a8f61c5a003cbd0809ea5
96e533d2b5a5e1127e8937ca3ab380fd8e8eacaf
fd853d782ec45bc60ca6f298bad97455184378d65e39e76d2d30aec92bcfbf23
GET /upload/vod/2020/04-23/18/yiu1vplffmy1805yiu1vplffmy0211457.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8727
cf-bgj: h2pri
etag: "8662eda75619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 54
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k2q7tbpDFEUiinDJuOg1hiIP73g0qMWRR0DzVo1NM96DHc4%2Ba7gOhINwkHtF%2FPMpoV9zDsOdI2YMTNz0jLRcndoBLf5uNMJWDF1%2F3m062Brub9x81YrluOpc8Fop1Sw%2F666"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5ab975c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg
104.21.235.173200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4e83154cf37c9ee9302fd20672d4846c
0230dc36326edeb17c13c35992561a9a1c66acc2
a6f6ef59bda6f909c6e2833bc7746e449e39427e96ef2c6a80b979041f6afbac
GET /upload/vod/2020/04-23/18/vzrvnark3r11805vzrvnark3r10311459.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 12800
cf-bgj: h2pri
etag: "1bc06ba85619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 54
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT%2BrWlotnuaclXqiICrqWr3vlGka%2Bqt3ilXOObCQLn0%2BoEMOXbYh7VN3YhtvXcsXQSdXmAb7oEkaeVGeLgX9%2FWUCLam0GgfKfO%2BCg8cxv7gTeEDQULt7XtlFm0pTqAz74Qfl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5aba75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg
104.21.235.173200 OK 6.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b983c5a6f34e53df23a69d982a106ea4
cc0dd209cb5057ef8a195554fff2267a7a234ffc
0accd993fe5b38fc7d6454427f3cf1371c053d39e175deaf16fb0a0f6e143e47
GET /upload/vod/2022/09-01/12/wf1mdy5yxhn1244wf1mdy5yxhn4523393.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 6233
cf-bgj: h2pri
etag: "65904f8fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN9YDlaOZgFLPyGgClFF6%2FVl94NCp8UZvp%2FoMUx8OJ%2BubKifEywW370j3C6R24lFJpVoE1xjd7KalxXFI5sm8%2FfuCpf9Bin9MZ2F9NVeAFXoIsJMyk2fJYG35Nr4KWxpQLBr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b0b75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash a14466898c3553de268b4836a4d745b8
632ddf28d27c0ef4b4d638be533d6338f2a64913
a70f71d8f95d9dd94a9fa399e067b08c2af9f1aacc97bda1695745fea569a095
GET /upload/vod/2022/09-01/12/movkdtg3qiv1244movkdtg3qiv1823349.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 13493
cf-bgj: h2pri
etag: "51b9317fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4593
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0UIbYjHldHbjMnP3iYtBBa6TRWmXidBxWaQufW%2Fg2fZ35rmuiBBJQryFOTM5GRsq4T117z5R%2BtxqCcDxO6qPioqGL%2F1ACRPv0xeHRHWvFdvC4MPTIeVP7aM6Qh9qCKuBc4q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b2075c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash aae97611ea40420d0c05ce46a6d67ccf
c33e21b5746fd363bdcc377735bb54256973f8ba
c230609ce2c575b2502c1dd99a25de92b0659b4156ed057e94cba739f9d41679
GET /upload/vod/2022/09-01/12/yuxhvwfsdh21244yuxhvwfsdh22123355.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 8938
cf-bgj: h2pri
etag: "2e20d380bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxU9xK7%2FUgUHS7XxKrJzrM77CxP6UgNQLZYJebKq6zt5MQGiPM5Je1X4h%2F54ByZIKq%2F020xrH2pHJxTV4X4CRH4a9ILBGB3YGFm%2BOspmDCXiE25Zx90Zd48aaU2COvD6dzT1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b2775c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg
104.21.235.173200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 82fd45ad8f6a65fda44da8c7f7852a61
8fe209e5d5c24c27b29eec430a341de0f8134f11
05be0abb62155449679d1291b334950f3fa7d5ef6782604b3ae664fefdc5a01d
GET /upload/vod/2022/09-01/12/egdzzyrrg3a1244egdzzyrrg3a4723397.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 9949
cf-bgj: h2pri
etag: "56ca5a90bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUDi1HICtnHYXQ%2BqIKFZZZvfUo6%2FAJ4SPIHaCdb%2BJtzfgaQBTBxcDxYAm8CgpXDnvP%2BcubygmcCXm8sw6JhnYNXD8ntuqa%2F2qYxu5YYSIcgpyFfSXKSGBP4cGcG3GEd5ONKx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b2275c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg
104.21.235.173200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 3ac7e149912995be253f6f51a6f3e74a
049d2b885ae480886e4d613a595039d27ccb3398
2e5d4cc251fb4ca390d0553776951a7abe0a2df4ef979167725ffcd5b1c24b01
GET /upload/vod/2022/09-01/12/vsapdsmuqq11244vsapdsmuqq12023353.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 13742
cf-bgj: h2pri
etag: "ead74880bdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYqcInwZrjx3li6K%2FXKNAFN0kU13PZ9kV4YGjiefXh%2BkfZu5D6nQfP%2FhsC6BElVJc62k1TAXHC2HfuydpcHAamkivzzVYLQueat6FtmnzNWlCWV%2BT%2F9iyfqw9B2Swf%2BdHCYO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b2175c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg
104.21.235.173200 OK 4.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 81410fc8ce7bd2b2dc8ebf01ebef796e
ba84e239abb8bbc928c6c80373f39aa713d1daf3
794cbf3513b3883ca901358aa4b0838316733dbdfba00eefb796518513cca19f
GET /upload/vod/2022/09-01/12/u5dw1z30egt1244u5dw1z30egt4323389.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 4803
cf-bgj: h2pri
etag: "3b38368ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Lei9IyTWtDEcczKRk5jhNM%2Bql5bbu5VLc03cAcar8xAPJF2HzPxSN3X%2FQeuCJaaYhtxp1mvKMnBCpoUGjWBPcjI2R8X0GVuCoFZPdeLnAdpDbVCtbe%2FT04pUnKSCC4KnEOS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b1875c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg
104.21.235.173200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 450e59a25ad63035255d6b64ef3dc8c8
69329643a18e9c2dcfce5755d5c31078668706c4
c6b9a88720e1150b384b71be89e168ffe5d15a4239ca11ca08ac40fd9ce99983
GET /upload/vod/2022/09-01/12/1vlds15z1u512441vlds15z1u54623395.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 10861
cf-bgj: h2pri
etag: "35a8d78fbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ePV7xe5U3B7VNyKDxnxHJc%2FEVgpX1fLP%2Bq%2Bmzr4frqLUknbcy0xAp%2FjHdZ2wy7bHsKolFcGwVqQYuXIrIElyWT9ZNHBx0S3CcN5U6nBc8IWCyAvRDnNCE5jTdAwXwh1ppOO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b2575c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg
104.21.235.173200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 5da4b7400a675f792de5551b0e6bc1fb
7f84aa6df02c6b6a547594db40b73d712788a9d5
858175d8f9de81a0a7a370e1a92d0974b577ffc8fc0c537832fc4954e825f474
GET /upload/vod/2022/09-01/12/x1zz4nlpg4f1244x1zz4nlpg4f4423391.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 5434
cf-bgj: h2pri
etag: "331fbe8ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF5s1FgQ0FykpvqxodoLHuEpWfamFBacQ4ZvUPLB8RxMIEhm9dmpF%2FB4P4E0D87XWD4861EGSdQ1aH0FPYzfpgTrV4OyfK%2Be18twYa5%2FEv7f%2BYIClSszvnQ%2BAski2XaR4bn9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b1575c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg
104.21.235.173200 OK 5.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg
IP 104.21.235.173:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 65b56480c2daa18306b25659f1909ff9
50295db4d8256302a42e7e64c4046a299e2b5d4c
9561fd13fae907b555d27df30dcc5aa138e2257c6a859acdc786e7adccb001b2
GET /upload/vod/2022/09-01/12/si2pnojk41p1244si2pnojk41p4323387.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/jpeg
content-length: 5085
cf-bgj: h2pri
etag: "aab3b08dbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:44:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reEqld35Pncj%2FWnPfLTizRp8tOJFeiO%2B0JVml1l3ptJWRC2J1Of%2Btq7DJJfGhyxYOC16WdxaYQ3%2BQQaUabC4%2F1wG%2BRo6lpR1uZ%2FdQEf8B%2BKWjrfosrI85FfqwUATHWWGemMs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b1b75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca10abec860694647cd3dc0ba0c8111
684ddf7f83046225d444b799b9aec73f8819fcb4
f50e163f11bb6b363138b750dcde7f10f5a6e0e2929f202b5986c783e3d9622d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F50E163F11BB6B363138B750DCDE7F10F5A6E0E2929F202B5986C783E3D9622D"
Last-Modified: Wed, 31 Aug 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1877
Expires: Thu, 01 Sep 2022 15:22:29 GMT
Date: Thu, 01 Sep 2022 14:51:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca10abec860694647cd3dc0ba0c8111
684ddf7f83046225d444b799b9aec73f8819fcb4
f50e163f11bb6b363138b750dcde7f10f5a6e0e2929f202b5986c783e3d9622d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F50E163F11BB6B363138B750DCDE7F10F5A6E0E2929F202B5986C783E3D9622D"
Last-Modified: Wed, 31 Aug 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1877
Expires: Thu, 01 Sep 2022 15:22:29 GMT
Date: Thu, 01 Sep 2022 14:51:12 GMT
Connection: keep-alive
www.pgurg.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pgurg.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sat, 01 Oct 2022 14:51:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgurg.xyz/template/pgysvip/images/video-play.png
173.231.17.179200 OK 1.6 kB URL HTTP/2 www.pgurg.xyz/template/pgysvip/images/video-play.png
IP 173.231.17.179:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sat, 01 Oct 2022 14:51:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg
104.21.235.173200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a157ce841a5cdbfa55063f114644f162
c8e5e695973b3f1a243a46fe22b9f28fe7460772
7dddb7a0c52ccadd7f82ac7e062cdc24684f1d03b32b8a93ee51ca215a378609
GET /upload/vod/2020/04-23/18/c5vlfyl0hjx1805c5vlfyl0hjx0911473.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 10820
cf-bgj: h2pri
etag: "5c786ac5619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:09 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k449THrpmThUcOX0MnAR64aBU3RKdHmCGIZr9RFowtId0tlIy4LuK%2Fp3J986jcAwm5En9z4E4o8whg9%2FKX8d1ATO5OWv1%2FGU2Lzve9InQL94AVmJsAGIJUeTMsLbil5MuXOn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5ac075c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg
104.21.235.173200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2668ddff3716c2e755ca102ce42daed9
03566588950a03e4fa31b2e68b8c01edc564dce0
95ae8d376353bd6612bf3b7a515fcf0342363d04185efbdc75d6a91e5d326d09
GET /upload/vod/2022/09-01/12/ufcedf4qzwq1242ufcedf4qzwq2923245.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 7976
cf-bgj: h2pri
etag: "71e9e43dbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqgH3mnoGT0m7SyixuYM8LN%2BGrcw8Faldz3l6OuLHRbX3%2Ft1AUDf426FCKnzM6rRcuF0m%2B7oU0GKN%2BOjPG8a0EE9ezRHMhfcMkWJSd1Ya3gdUiRuwMSq%2FB94bPUyxNg61Th3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5ac275c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3a18042ae802ca6796e7d42a7d4a8b3a.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pg.doitalie.com/news/index.php
20.205.43.35200 OK 210 B URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 42e759088c8a384e18daa138d867b4af
a233a5c844f4c892557a1bf1b156a428284c443d
8a458d9ad6916cd66398accca90e909be2b907ff0965301834f23b84da8eca73
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.93vi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:51:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3ee3b3d73dcea56585a9be17c9065890
b2dcfd77b9d47c2ca8d419268d69da9d6937aace
8a881f63444854c3c9f23e196837f6fc842b53c799fb7168be01dea58cc40bec
GET /upload/vod/2020/04-23/18/fb1wf0vallo1805fb1wf0vallo0611465.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 12077
cf-bgj: h2pri
etag: "5813e2a95619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:06 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE0ZYu05IumY1qgeC1goOLixoafQthH%2F5oQF%2FlNOAWrBAuUrCNKfl%2Bqrb9aN01kpJJceHFMcigArmlVrzQ2A%2F3nHE%2BZvyVecrOv0ZS%2FBnglRv92B81mJaQPsyApICjIiJvB8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5abe75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pgurg.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:51:12%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 3.1 kB URL HTTP/2 www.pgurg.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:51:12%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 7e2ab1db554297f4b9fd0d06cf5ba4fe
c65fdf752d0a4885529625e7fe2a7b6cf50cfc48
5f545fdc187a2303f79c1cb96bc1977f6aaad75bde6c6a6c584ababd48a0077e
GET /template/pgysvip/html9/advertised/advertised.json?refresh=202291Thu%20Sep%2001%202022%2014:51:12%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: application/json
content-length: 3083
last-modified: Wed, 24 Aug 2022 12:58:26 GMT
etag: "63062072-c0b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg
104.21.235.173200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 751a03745b93a55f2a757917dba5e40f
c78058263bb6e78adf28b0dbf11162a2c237b197
12600746558673ac592959c2038ffd7632751e23b5bb24c964ccca71a5babc2e
GET /upload/vod/2022/09-01/12/wlbu3iqcc251242wlbu3iqcc252523237.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 9407
cf-bgj: h2pri
etag: "8494c23bbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5dNKpBF%2B9QV4EM4L9Q9AAibHs4AdOWBUegThTdc2fdZA%2Fb0pVrngKVkpCtUXfzSzkss7e7JGLsjuFhOXOS7qOAyNTEMRPJnXS8eJjEjQ8Xs4veloLFsQQPhcV781d%2FHUBnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d8afe75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
104.21.234.200200 OK 1.0 MB URL HTTP/2 acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP 104.21.234.200:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Fri, 30 Sep 2022 08:11:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 110387
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oiQVBf76yjvBGCnIKMwRh%2FxPghq4ECH3Qk9aFM4oB1%2Bh1qyY2UyfCPxfYmvHRVwt3CTGhhT6aH0KrG%2FblmpKyJvX2x8pFI6s69q%2Bk1LmOUbMGWgvUlws%2B4mbP2POA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29ddc1d7320-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 879b0ab1665f23f1fe850bbf0ad82c94
110608009465c987d57828c7a3333f78e23f3629
5f684f4b196bd25c1a8b9dccfc8dc08983d77df07838556ead62e2190fe36a78
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F684F4B196BD25C1A8B9DCCFC8DC08983D77DF07838556EAD62E2190FE36A78"
Last-Modified: Wed, 31 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Thu, 01 Sep 2022 18:53:36 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bcc1ad9da1ea6baf9060c4283ed3f61
11c9ba870fe2232771c2ab4efb99990428b4d433
9432e3163c61dcc6e47765b11ef0d7a0dfacdcbdc8357d519b5ac49f07ef8aa1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9432E3163C61DCC6E47765B11EF0D7A0DFACDCBDC8357D519B5AC49F07EF8AA1"
Last-Modified: Wed, 31 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1698
Expires: Thu, 01 Sep 2022 15:19:31 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffe82485253dc28cf483b02e3a440920
27f346e12418936daaa73c396c62f7b28c5b1660
61d94e1b45df998b2705045b8872cd92999ad58f93decfbea1a623f45599f1ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61D94E1B45DF998B2705045B8872CD92999AD58F93DECFBEA1A623F45599F1AE"
Last-Modified: Wed, 31 Aug 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14283
Expires: Thu, 01 Sep 2022 18:49:16 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg
104.21.235.173200 OK 8.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cc4f9b92582ca3ec06792fd3412e1619
75f0bf46395744ac0f34f74e48f7d31d76592ccd
3f7323e03a49e461955b852187f8b41ed4267612addbc324bbba321742970ff0
GET /upload/vod/2020/04-23/18/1manvpu1tow18051manvpu1tow0511463.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 8944
cf-bgj: h2pri
etag: "391866a95619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:05 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWWzXThVfWyvqwGpyzJlwqqgGiVMditHTp7ymvQ5JCwScT5%2FcwFRrCWok86%2F6nzOJJzuY68fQK6jIHAsz0fKyGzYPwpBdzWFj36eklSaG9KmiYOPQJUR21KrRiJxUVn4Leio"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5abc75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffe82485253dc28cf483b02e3a440920
27f346e12418936daaa73c396c62f7b28c5b1660
61d94e1b45df998b2705045b8872cd92999ad58f93decfbea1a623f45599f1ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61D94E1B45DF998B2705045B8872CD92999AD58F93DECFBEA1A623F45599F1AE"
Last-Modified: Wed, 31 Aug 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14283
Expires: Thu, 01 Sep 2022 18:49:16 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c66ba3f9b1981fda3463ff5a26443b58
ca8b689cc7968e1dbced660aacd4c1c962f7f02d
a6a9d08206542fa84ac46100dbd7b0b95b1b155471957a5c35be4e1cd8e4c2e1
GET /upload/vod/2020/04-23/18/hod1ulyhqk01805hod1ulyhqk00411461.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 12445
cf-bgj: h2pri
etag: "ebbe7a85619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:04 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FggAtEtjZCIqTwI%2F3vjjVbHWZSoF0xUygpnhrydGmPFjEN7y8VyqxOMBBCBFD%2FGDJGJhIOTiy1Bx18M76BC%2FeUwcdYuxEzlmd3%2F5%2FMlRsU2bWuXFOo1kOHOP4xFjkJSbZBqf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5abb75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7ce23ad2ac30d9e7a0e3f739a185deac
9c9d9b894327113d48ead583638c67c021f147ce
19ef7568d60f4566e4d32817921b3a5f5158ac012d330b7b435ee7d089353587
GET /upload/vod/2022/09-01/12/2fzrxt3012e12422fzrxt3012e2723241.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 7472
cf-bgj: h2pri
etag: "4961d23cbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:27 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Fx9XBtVPVWZ%2BwAUvOgEnRVxEpwNsn9SHMpRkti0FpxF4nyiOeBIEp0OvDXk9f%2BMF4KK2ep6Rju8dFiyE%2Bhk1nd7IpORCqF5DBSP7rAdvjXAEX0hqbKKMmPyleEVFRwcfNkd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d6ad875c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg
104.21.235.173200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 517b22cc45125129ddb57ff3e67b4593
58734711f9a94fda4a7a26728a6e9e583e9a4ed0
f68686b6e8b1733cc5e385c5d1a7034e1243d4d0fdf435ff13617e71caea53b3
GET /upload/vod/2020/04-23/18/0hfuhwmbrw518050hfuhwmbrw51011475.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 11808
cf-bgj: h2pri
etag: "85f8eac5619d61:0"
last-modified: Thu, 23 Apr 2020 10:05:10 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geUfMPJKn7OERc1JRHdiTkuqBUW091QYDo2iinymYxcBClWvbPA6FlEVWfU3OlzX9RQqbdSygl8tCav%2FbodWkrHRT7JNzyyfIy8dynvPrXIQDLzICaIvbTCET4AIKgHBIlCC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d5ac175c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/3d1vs55d2cl12423d1vs55d2cl2823243.jpg
104.21.235.173200 OK 17 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/3d1vs55d2cl12423d1vs55d2cl2823243.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 085775c806a76e236ffd583f06696948
04378abff72b295b47a89afb384cdc285fa4fdfd
2fa49963f644ae6dbdaab7e86a883872630d49aefc41c2b62476d1e48e90bedc
GET /upload/vod/2022/09-01/12/3d1vs55d2cl12423d1vs55d2cl2823243.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 16700
cf-bgj: h2pri
etag: "79485a3dbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkM7zHJ1o1vJW2dHs5YgFLXkw7phc6kGSveWL6a8L2Fw8ASyiwkbryhJGp5w9UwZwzX7WA6LiVABSThlibaY%2BqfSChTl%2BvOVspJjb7UzARP8Nz1%2BuOEhpG0gKv4sm1Pjas9V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d6ad675c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
172.67.185.29200 OK 1.0 MB URL HTTP/2 kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
IP 172.67.185.29:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1001238 bytes)
Hash 4bd2014f3b4f56252da35a5af5628cfd
0a6f7d35317885b9e4a6d5a388c6f44686628f27
ed7fdbb2d11646a7ceb15c6531bd911fd2dc5989afff8219c124e1d61a81b315
Analyzer Verdict Alert quad9 Sinkholed
GET /3a18042ae802ca6796e7d42a7d4a8b3a.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 1001238
last-modified: Wed, 17 Aug 2022 05:38:46 GMT
etag: "62fc7ee6-f4716"
expires: Sat, 01 Oct 2022 01:03:51 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 49642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5XcUlt4P5ZjERjjQRpkqoBrayGTrq3%2B4d89PzJ%2FqrYt%2FCogqFjmoy7dy8DDu1Ps7iqbTGQeZbFKR5%2B7hAq2X5%2FJNecuJGBk3zJQDqxvAotbHDD3jwel9Q7B%2B%2BR2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29f4db2b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pgurg.xyz/
173.231.17.179200 OK 18 kB IP 173.231.17.179:0
Hash 07a250ad3cec6b6ec802a4124f506fc1
ed04e00c899466dbccf7cec06f70c6d4bfc2d5ae
4aee9fcb9018dd25569109513284dba41676fe121f2d1a0a00e56603ca1126e6
GET / HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.147.13200 OK 196 kB URL HTTP/2 kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 15:18:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 84785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLsR2ejpdLOwfEFdy6ZvxbWnvKFMPix8oa3AfbJDtOQlHjfap9I75SumV8j6IndOGv38cBrNbtXV8CZAz5HzQdzKabZUsuhI9pcZb7rvXUZG0A4XBeR58%2BloyhTB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29f4844b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
172.67.185.29200 OK 729 kB URL HTTP/2 kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
IP 172.67.185.29:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 729 kB (729369 bytes)
Hash 53d9d1d54befa25cdc0fffcae0123c91
50faead5d2778663e39eb8f7c99f0d6e0b9b7d54
db9f74a15518df5af75769bd98d3d72eb69641c257ea220e9b52cd4cc98cd112
Analyzer Verdict Alert quad9 Sinkholed
GET /b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 729369
last-modified: Sun, 07 Aug 2022 13:16:57 GMT
etag: "62efbb49-b2119"
expires: Sat, 24 Sep 2022 08:31:12 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 627601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRTYESazZOk%2F27CRKizAKvzk5dk3OiMGgUhQzmiRTWR2k0tPNcT4Avhi6pe0WVlLtAsbqmXFbNNOwM899LYVM2MN7RrYZs3EPbcokgBrKg8Te%2Bkjo1AaxqwsxhIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29fde58b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a4c71bb51e299420dfe1e238f2dd17d
6a77be5234945767db9d3bb9a7fac61131795b41
dfafdf969ff462cbeaf982195439e1c3f8abecd8516719f1e259ac59bad0e9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFAFDF969FF462CBEAF982195439E1C3F8ABECD8516719F1E259AC59BAD0E9D0"
Last-Modified: Tue, 30 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2042
Expires: Thu, 01 Sep 2022 15:25:15 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 119b988514aceaeb322ac7906f64a4eb
a08b8d2de94b6c952b7353878d05617af502efc9
df4fa49e63f2ce1fb51b2c3ee2098cbdec359939af34fc3ea1cad85b072c87ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF4FA49E63F2CE1FB51B2C3EE2098CBDEC359939AF34FC3EA1CAD85B072C87EE"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21505
Expires: Thu, 01 Sep 2022 20:49:38 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg
104.21.235.173200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 464403547f4a6cdaa59081cb67d731bb
d3374ab71e6025dc15ca536642ac81a03ec63f7d
60b6c8ff267090f9d7cf7e6ee04b4993bd2ddb47b27f806af0cd3f475c83cbf0
GET /upload/vod/2022/09-01/12/4tn1qhzhwyc12424tn1qhzhwyc2623239.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 8561
cf-bgj: h2pri
etag: "8add4c3cbdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h84T5ZaSSAMj1l0KokIc%2B3nIEe5n9oTDrxLhJUsRmbm9bWgJ5bd%2Fl5HEi2evbWKBLTxXLCm2gGGzlpW5o%2FzfFHzDPdUEtsbAJm2FDxwTLPvvFxkPuO2%2BRRU6WfH%2Fgs75llNS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d8afd75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg
104.21.235.173200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg
IP 104.21.235.173:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ab13767a24d03c0eb232c512565dcd21
07cbd6b0f5d1bfef1e131adb697249141ae1fa78
0c63072bb7ecec4d92abc68d1271f886cf0abe68f432fd257c6e95560f733eef
GET /upload/vod/2022/09-01/12/juf22ojfkke1242juf22ojfkke3023247.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/jpeg
content-length: 7510
cf-bgj: h2pri
etag: "be326f3ebdbdd81:0"
last-modified: Thu, 01 Sep 2022 04:42:30 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Go8xCd8zsf3mNEQPjAhDtcdkUJaXaRhE%2BoH7tD88rKdAWOBt5u30GeLiIEzJC4FwlpeiL9vVKp6Im%2BdMeHUU9Og9N0VgomZrwAHorMrFpb8QQhfdGZ%2F81uT91%2BWguDOoYR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed29d9b1e75c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
172.67.147.13200 OK 45 kB URL HTTP/2 kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
IP 172.67.147.13:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvtbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 44685
last-modified: Wed, 29 Jun 2022 14:36:22 GMT
etag: "62bc6366-ae8d"
expires: Thu, 29 Sep 2022 21:16:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 149656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA95clTbLjmmB5j6ySTErwok7B9KQ%2F2RyEMFZTtco1r6ixqEzg6mR6sDHjDX1oFCeTrsCjNJv%2BTrjHdaFLxXZPtzHEP84OZ9uRgJAnB2rigMYlRKRs6%2BC811V%2FYr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed2a0297ab503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42b8545af754fab4b32b6c88209217b4
8ccab1ea72352ffbc1ee262bd81b0d06eaa75356
2602ee264c9495721ec232f656f03d1c6201c0e329561ef8481ed65de7689c8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2602EE264C9495721EC232F656F03D1C6201C0E329561EF8481ED65DE7689C8B"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1953
Expires: Thu, 01 Sep 2022 15:23:46 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
ttsetupian.cc/lm/cstggspk01.gif
104.21.13.145200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 104.21.13.145:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Fri, 23 Sep 2022 14:30:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 692394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRa1P7vwHO5wzPAyPf3v2365lbgCjPOlrO6FLxi42I0IaMTyDCdI8bA8pLd%2B8%2BFCneOWV8ha8qVguVn6VhAQ%2FSZamiU0JYh9AZ%2Fbjwu2LM1y5RS2mzCppGwAhNs1XQj%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed2a08fca0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bcc1ad9da1ea6baf9060c4283ed3f61
11c9ba870fe2232771c2ab4efb99990428b4d433
9432e3163c61dcc6e47765b11ef0d7a0dfacdcbdc8357d519b5ac49f07ef8aa1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9432E3163C61DCC6E47765B11EF0D7A0DFACDCBDC8357D519B5AC49F07EF8AA1"
Last-Modified: Wed, 31 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21366
Expires: Thu, 01 Sep 2022 20:47:19 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffe82485253dc28cf483b02e3a440920
27f346e12418936daaa73c396c62f7b28c5b1660
61d94e1b45df998b2705045b8872cd92999ad58f93decfbea1a623f45599f1ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61D94E1B45DF998B2705045B8872CD92999AD58F93DECFBEA1A623F45599F1AE"
Last-Modified: Wed, 31 Aug 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14283
Expires: Thu, 01 Sep 2022 18:49:16 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
pg.doitalie.com/news/data.php
20.205.43.35200 OK 21 kB URL HTTP/2 pg.doitalie.com/news/data.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 977de093993ec48237c262d4d9cc52bd
755b522162ab050a7c69e0fb7e9092ef7a7ff6c5
c493c75dfcb89efd59ce2ceb429bbedd194d9ce6f6fa3d06c5313a78d0382abd
GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:51:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6343853661aa119a742c0ddf12f5f714
2e6f116f2da05071dcd9e4347934d050db8a33bb
5404e31fcb8dff0e4d2fbb8d1a53af15a1f0b12c8670a0db9e8d3000b38fb376
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5404E31FCB8DFF0E4D2FBB8D1A53AF15A1F0B12C8670A0DB9E8D3000B38FB376"
Last-Modified: Tue, 30 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4527
Expires: Thu, 01 Sep 2022 16:06:40 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1952cea71a5aa730d168da34a00adb17
0e0c7503c9497d00b5b599a1f5f4bef5faccc7e5
b5f4a0e0242cef228c7323b46bd0c81a199248d80be2081dde90ab483cf72a0a
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:51:13 GMT
Ali-Swift-Global-Savetime: 1662043873
Via: cache8.l2de2[57,56,200-0,M], cache8.l2de2[58,0], cache4.se1[80,79,200-0,M], cache4.se1[80,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 01 Sep 2022 14:51:13 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816620438734178812e
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: text/html
content-length: 162
location: https://kvkddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0wut3IuOIN0
163.171.140.79200 OK 51 kB URL HTTP/2 si1.go2yd.com/get-image/0wut3IuOIN0
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 50826
server: Tengine
x-application-context: application
x-kss-request-id: 385cb47819904891b6a20cdd2df33e9d
etag: "7a02a69b00eebfc2977f6d8417cf8141"
content-md5: egKmmwDuv8KXf22EF8+BQQ==
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:6 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:4 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:11 (Cdn Cache Server V2.0)
x-ws-request-id: 6310c6e1_PShlamstdAMS1cc96_23758-5152
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 005dbd02a5f477af14f693a15dcef839
124d97f474e06704db2176c60ab68228e849cb7e
9078f2afcac647f8c15d4338e7386f62aaaa3a32d512c277c81d31c9b5612ada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 14:36:09 GMT
Expires: Thu, 08 Sep 2022 14:36:08 GMT
Etag: "124d97f474e06704db2176c60ab68228e849cb7e"
Cache-Control: max-age=603294,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a06fa80b4d-OSL
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash c51608fb7b2ad3ab30e1061820c911d6
21a86f66b63d28c1bec500221454824a74628cb2
1d792b404555f99d17ffd422652be89c8401f4d803cab7b362f82882a7b881af
GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:13 GMT
Etag: c2af8f42040fe59afe2969c8e392a074
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ACBA9DD6C63A04EA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 567715cc7a9cb4aaecc858b94933f30b
253c41162ed67dccd46c98c295f6f39a141792d9
a0be538d46bd90de206a32c8fc3236f8d56dc583afefa548dfc6b675983e476e
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:13 GMT
Etag: d7ca581020fe907038813b3e7e8895c3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F8E711F59EAFBB9B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash c5c8b3f7508f9fa1c602ce5ec849cecf
eb02f640caa748a5a96c8621a42b0bde40795505
8c2f2e5c396602d4c6ec7e0aa34fe339d4d190eaf9ae4a5ef08f14bae3800d75
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:13 GMT
Etag: 80178b8ef337a9685ba441fb730d2021
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=550F3907AF537F02; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b64d3a8d964607a870e4a266f471227
fe060679fed78bc9ade15dd58d1dc8a3aa7c6346
1ac6845a3aadf5b57783da1071a64960f83d9871f0cc4777e0fb11c1edd3a018
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AC6845A3AADF5B57783DA1071A64960F83D9871F0CC4777E0FB11C1EDD3A018"
Last-Modified: Thu, 01 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20839
Expires: Thu, 01 Sep 2022 20:38:32 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 441c3c8567fd43181c2a0d2b68318d3b
9ebc0ac7563700b3730024934108e9e0b9936d0b
8789118f9a69f07575d41d7a979cb9e0590ef650c1b34fee36551eb1da40a57e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 13:29:07 GMT
Expires: Thu, 08 Sep 2022 13:29:06 GMT
Etag: "9ebc0ac7563700b3730024934108e9e0b9936d0b"
Cache-Control: max-age=599272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a06ba9b4f4-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 433ec6aa72708d396d24f7c0b8e11204
41068dcd20150379b7c1ac32526d320a6b80b77c
39016b4d0fd0ca96525076f1ef840468891e52cf1c3bbc100b7ac8046db8ec2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39016B4D0FD0CA96525076F1EF840468891E52CF1C3BBC100B7AC8046DB8EC2F"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11876
Expires: Thu, 01 Sep 2022 18:09:09 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
kvkddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.233.183200 OK 902 kB URL HTTP/2 kvkddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.233.183:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Wed, 28 Sep 2022 07:26:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 285904
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzfkhSqC994O7rEFeklo1ldUnSXENm2JfWPM0K9cTUIuaWaWpW2ZGZRGpNHGWU2BQcYgqVI%2FVv83SFuV40iT745fnhfbRm%2FbXoRvGuXptnKAq6uJ6bdP6NNHvk0f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed2a23a6d74c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7590c950f3814a95f2481891486d2a96
6b57a89ceb7a8a712ac52ea13bef4714b9d0c02e
20c33b0d9516389423a1ac53a2244cf343cc3d0357e63d9bb2819f7913e69152
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20C33B0D9516389423A1AC53A2244CF343CC3D0357E63D9BB2819F7913E69152"
Last-Modified: Wed, 31 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8631
Expires: Thu, 01 Sep 2022 17:15:04 GMT
Date: Thu, 01 Sep 2022 14:51:13 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 164d1a617c1be0ae8e63a6c8fc8a9b23
f231b7878af008e883093857ed4b4503471cc58d
c94fe10995629fece8d554b728377c3708e2b6778ea7040c91c8cec87c55a052
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 17:53:24 GMT
Expires: Tue, 06 Sep 2022 17:53:23 GMT
Etag: "f231b7878af008e883093857ed4b4503471cc58d"
Cache-Control: max-age=442329,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a27aa30b4d-OSL
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 464ba40a6be8118221b9754e5f11ceb4
458561e970ddd1484927dd82ef2e5e5a481f29f6
215a92449f1b811e4828745a25ba5beaa9f6412de9f09afb4d0ad398f361ba06
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 14:51:13 GMT
Etag: 4c02964f0eed0c284bcd226fe39fbd12
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=83042EDE20332E81; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1353099618&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1353099618&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1353099618&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A021DE73667FAF0C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.33.223200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.33.223:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:14 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 20 Sep 2022 23:21:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 919755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMrUG5Pmyabs27YL0RRJRae8lKl37tqi5aMWr0I%2BCTpuChtcVu%2FFgd39mXu9M9sgmWsZ1sVDO3pD4VlIrviW3cYPqxgo1mL6w9l3cPNrJ8PI5UeiGeNmh9GoxweHKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743ed2a4ab53b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=467054276&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=467054276&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=467054276&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2F659E48385795A9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=762945527&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=762945527&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=762945527&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10738&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1A0323730878224A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0fa02c06cae1a43c0f83ce7e898d2cd9
45851e7665425090261936e6104c807bc9f29a32
d54ab72f0774413067d97eafff2f3159ed7f2788444278501ffa54079466e561
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 19:10:49 GMT
Expires: Mon, 05 Sep 2022 19:10:48 GMT
Etag: "45851e7665425090261936e6104c807bc9f29a32"
Cache-Control: max-age=360573,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a3bb4bfac4-OSL
u0071.com/9ef4f1d640934338bea53d331173f9a1.gif
20.239.191.20200 OK 139 kB URL HTTP/1.1 u0071.com/9ef4f1d640934338bea53d331173f9a1.gif
IP 20.239.191.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (139388 bytes)
Hash a5b0e74df1797465e01cfc87422f9202
be7e59e32ba0f8a1d52759d7113521d591c4425b
2156bac1f7a54267c0bc620da31f7ea354f8f08ba2e7af1ea2114175c338df82
GET /9ef4f1d640934338bea53d331173f9a1.gif HTTP/1.1
Host: u0071.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:41 GMT
ETag: W/"62936591-4f6da"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
taiwtp1.com/img/960120.gif
220.128.218.220200 OK 121 kB URL HTTP/2 taiwtp1.com/img/960120.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 120\012- data
Size 121 kB (120952 bytes)
Hash 8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:43 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Sat, 01 Oct 2022 14:49:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
20.24.204.227200 OK 37 kB URL HTTP/1.1 33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP 20.24.204.227:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699
GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
104.208.78.115200 OK 37 kB URL HTTP/1.1 u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP 104.208.78.115:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41
GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:49:43 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 01 Oct 2022 14:49:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 164d1a617c1be0ae8e63a6c8fc8a9b23
f231b7878af008e883093857ed4b4503471cc58d
c94fe10995629fece8d554b728377c3708e2b6778ea7040c91c8cec87c55a052
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 17:53:24 GMT
Expires: Tue, 06 Sep 2022 17:53:23 GMT
Etag: "f231b7878af008e883093857ed4b4503471cc58d"
Cache-Control: max-age=442328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a39871b4f4-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=373250434&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10739&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=373250434&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10739&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=373250434&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=10739&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 14:51:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=925690F93AE192A8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0eaa019552b51345388aabf0ae3f6cc8
6b35623bfa2e2e876e12d6ccb5ec251746e22413
5ae480064d643386022dfe977d0ad4e09cd0fd83740d0adbe26fed33dcca0ffb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 04:29:51 GMT
Expires: Thu, 08 Sep 2022 04:29:50 GMT
Etag: "6b35623bfa2e2e876e12d6ccb5ec251746e22413"
Cache-Control: max-age=566915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2a40c9b0b4d-OSL
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
103.170.15.105200 OK 580 kB URL HTTP/1.1 65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP 103.170.15.105:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Tue, 30 Aug 2022 03:37:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Length: 580315
n0355.com/4cb9d81b8882419cbeeb73a2ee309b60.gif
20.239.190.150200 OK 60 kB URL HTTP/1.1 n0355.com/4cb9d81b8882419cbeeb73a2ee309b60.gif
IP 20.239.190.150:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 6656d5ba1f702e4338255e951b70173c
85082b9f04b84c937868b59a57eebd3e44f1fa78
5d675c4e1a501b8c0a542c1d6a1ed8a64f3670bdff6f74231ccf708c14591657
GET /4cb9d81b8882419cbeeb73a2ee309b60.gif HTTP/1.1
Host: n0355.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:27 GMT
ETag: W/"62936583-eb62"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
103.170.15.110200 OK 112 kB URL HTTP/1.1 unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Thu, 01 Sep 2022 11:45:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 112447
89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
103.170.15.100200 OK 584 kB URL HTTP/1.1 89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
IP 103.170.15.100:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
Analyzer Verdict Alert quad9 Sinkholed
GET /14112a98f9104043bc1d7e2e4ec39ac2.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b2c84-8e959"
Date: Tue, 30 Aug 2022 03:53:14 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 08:51:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-30
Content-Length: 584025
6655cy.com/cdn/ashkad.gif
154.39.66.11200 OK 311 kB URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.39.66.11:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 311 kB (311408 bytes)
Hash 99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Sat, 01 Oct 2022 00:20:43 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
103.170.15.105200 OK 720 kB URL HTTP/1.1 93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP 103.170.15.105:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
Analyzer Verdict Alert quad9 Sinkholed
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Wed, 10 Aug 2022 13:31:56 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Length: 719745
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1b1c5958eb23df8bbc2b4804c1978b19
57902f211d31960dfe82a3122985f6bed52d8fc4
1b931d79c1b331e5aa57e1662dc15fac93d4ca60f5226d2be057ea4bbb0d1dcf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:51:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 05:45:35 GMT
Expires: Mon, 05 Sep 2022 05:45:34 GMT
Etag: "57902f211d31960dfe82a3122985f6bed52d8fc4"
Cache-Control: max-age=312258,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743ed2ae7bd3fac4-OSL
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
43.129.255.47200 OK 1.5 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.5 MB (1495356 bytes)
Hash af737e86fc083a958d9f25203333f0be
cb0ee5d9a71efdf61b622bd4175998bdeecca900
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Sep 2022 14:51:13 GMT
content-type: image/gif
content-length: 1495356
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:11 GMT
cache-control: max-age=2592000
x-delay: 688 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1495356
chid: 0
fid: 0
x-nws-log-uuid: 26e530f1-5cc0-4041-b29b-489a73896b5e
X-Firefox-Spdy: h2
n6579.com/b8ca9e8def054d5284828d03b701ef43.gif
103.170.15.90200 OK 654 kB URL HTTP/1.1 n6579.com/b8ca9e8def054d5284828d03b701ef43.gif
IP 103.170.15.90:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: n6579.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Mon, 22 Aug 2022 08:06:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-20
Content-Length: 653713
www.pgurg.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 0 B URL HTTP/2 www.pgurg.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:51:12 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Fri, 02 Sep 2022 02:51:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2