Overview

URL www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
IP23.80.129.88
ASNLEASEWEB-USA-LAX-11
Location United States
Report completed2022-09-23 12:35:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-23 2 65686232255.com Sinkholed
2022-09-23 2 89958716765.com Sinkholed
2022-09-23 2 93533557591.com Sinkholed
2022-09-23 2 n6579.com Sinkholed
2022-09-23 2 6655cy.com Sinkholed


Files

No files detected



Passive DNS (42)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS acoozzh.top (1) 439448 2022-01-10 01:59:44 UTC 2022-09-23 06:07:53 UTC 172.67.189.203
mnemonic passive DNS vgvjkw.com (1) 0 2022-07-07 16:38:40 UTC 2022-09-23 05:55:34 UTC 45.61.212.145 Unknown ranking
mnemonic passive DNS 65686232255.com (1) 0 2022-08-09 09:37:00 UTC 2022-09-23 04:33:55 UTC 103.170.15.110 Unknown ranking
mnemonic passive DNS 89958716765.com (1) 0 2022-08-09 09:38:33 UTC 2022-09-22 02:46:37 UTC 103.170.15.79 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 07:14:46 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.cn (2) 37572 2020-03-20 17:45:56 UTC 2022-09-23 07:46:54 UTC 47.246.44.205
mnemonic passive DNS kvezz.com (1) 237784 2021-10-17 08:32:09 UTC 2022-09-23 08:59:12 UTC 64.32.13.142
mnemonic passive DNS 93533557591.com (1) 0 2022-08-10 13:54:43 UTC 2022-09-23 05:55:20 UTC 45.61.212.225 Unknown ranking
mnemonic passive DNS u0053.com (1) 0 2021-02-01 01:45:40 UTC 2022-09-21 20:32:41 UTC 20.247.82.45 Unknown ranking
mnemonic passive DNS api.share.baidu.com (2) 44629 2013-04-25 14:45:11 UTC 2022-09-23 04:05:01 UTC 182.61.201.94
mnemonic passive DNS www.tabayyunnews.com (4) 0 2015-07-19 21:50:32 UTC 2022-06-27 19:38:24 UTC 23.80.129.88 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS n6579.com (1) 0 2022-07-03 13:21:26 UTC 2022-09-22 05:51:23 UTC 45.61.212.123 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-09-23 04:45:50 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS e1.o.lencr.org (6) 6159 2021-08-20 07:36:30 UTC 2022-09-23 06:01:42 UTC 23.36.77.32
mnemonic passive DNS acoossi.top (1) 489936 2022-01-13 05:50:58 UTC 2022-09-23 06:07:54 UTC 104.21.234.201
mnemonic passive DNS r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-09-23 08:34:06 UTC 93.184.220.29
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-23 04:02:58 UTC 39.156.68.163
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 35.86.38.2
mnemonic passive DNS pg.doitalie.com (1) 0 2022-06-06 07:45:55 UTC 2022-09-21 20:32:34 UTC 20.205.43.35 Unknown ranking
mnemonic passive DNS taiwtp1.com (2) 0 2022-04-08 07:06:08 UTC 2022-09-23 05:55:19 UTC 220.128.218.220 Unknown ranking
mnemonic passive DNS unpfqc9.com (1) 0 2022-03-23 06:48:08 UTC 2022-09-21 20:32:40 UTC 103.170.15.75 Unknown ranking
mnemonic passive DNS 33869213.com (1) 0 2022-06-24 11:16:06 UTC 2022-09-21 20:32:41 UTC 20.239.174.73 Unknown ranking
mnemonic passive DNS 6655cy.com (1) 0 2022-08-10 12:25:13 UTC 2022-09-23 03:13:09 UTC 154.39.67.144 Unknown ranking
mnemonic passive DNS zerossl.ocsp.sectigo.com (1) 4049 2020-05-09 19:05:29 UTC 2022-09-23 06:12:15 UTC 172.64.155.188
mnemonic passive DNS cdn.staticfile.org (1) 46426 2013-08-23 08:51:19 UTC 2022-09-23 07:33:34 UTC 47.246.44.211
mnemonic passive DNS kveww.com (1) 0 2021-10-19 07:57:06 UTC 2022-09-23 08:59:12 UTC 64.32.13.142 Unknown ranking
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-09-23 09:36:28 UTC 163.171.140.79
mnemonic passive DNS kvmaa.com (2) 0 2015-11-06 04:44:54 UTC 2022-09-23 04:28:47 UTC 78.46.107.74 Unknown ranking
mnemonic passive DNS ttsetupian.cc (1) 0 2022-06-07 08:00:54 UTC 2022-09-22 07:45:13 UTC 172.67.200.154 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (8) 487 2018-12-17 11:31:55 UTC 2022-09-23 06:12:15 UTC 104.18.32.68
mnemonic passive DNS nvhbbb.top (2) 0 2022-04-10 08:43:59 UTC 2022-09-23 04:28:48 UTC 104.21.55.74 Unknown ranking
mnemonic passive DNS kvkjjj.top (1) 0 2022-08-16 22:25:16 UTC 2022-09-23 04:28:58 UTC 104.21.43.117 Unknown ranking
mnemonic passive DNS vcwzfn.com (1) 0 2022-07-05 01:20:44 UTC 2022-09-23 05:55:33 UTC 45.61.212.162 Unknown ranking
mnemonic passive DNS www.pgoqd.xyz (9) 0 2022-05-26 01:39:34 UTC 2022-09-16 23:57:24 UTC 173.231.17.179 Unknown ranking
mnemonic passive DNS kvkaa.com (2) 0 2022-05-19 09:47:10 UTC 2022-09-23 07:46:04 UTC 78.46.107.74 Unknown ranking
mnemonic passive DNS hm.baidu.com (11) 8254 2012-05-26 08:38:45 UTC 2022-09-23 06:03:32 UTC 103.235.46.191
mnemonic passive DNS cdn.jsjsjs.xyz (1) 0 2022-02-22 21:30:27 UTC 2022-09-23 07:46:04 UTC 172.67.143.17 Unknown ranking
mnemonic passive DNS fmlb.netlbtu.com (38) 187701 2021-09-14 11:57:06 UTC 2022-09-23 08:49:54 UTC 172.64.141.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 23.80.129.88

Date UQ / IDS / BL URL IP
2022-09-23 12:35:48 +0000
0 - 0 - 5 www.tabayyunnews.com/wp-content/plugins/faceb (...) 23.80.129.88

Last 5 reports on ASN: LEASEWEB-USA-LAX-11

Date UQ / IDS / BL URL IP
2022-09-25 22:54:49 +0000
0 - 0 - 4 mgm005.com/ 23.83.108.150
2022-09-25 08:46:52 +0000
0 - 0 - 4 shguikang.com/ 147.255.81.222
2022-09-24 19:35:05 +0000
0 - 0 - 2 faucet.bitonsoccer.co/ 23.106.180.67
2022-09-24 15:10:05 +0000
0 - 0 - 1 0319snews.com/ 23.104.72.162
2022-09-23 12:35:48 +0000
0 - 0 - 5 www.tabayyunnews.com/wp-content/plugins/faceb (...) 23.80.129.88

Last 1 reports on domain: tabayyunnews.com

Date UQ / IDS / BL URL IP
2022-09-23 12:35:48 +0000
0 - 0 - 5 www.tabayyunnews.com/wp-content/plugins/faceb (...) 23.80.129.88

No other reports with similar screenshot



JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#2 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

                                        < style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
                                    

#3 JavaScript::Write (size: 318, repeated: 1) - SHA256: 7e04099921ecc9c0597e2fba4001c974fe4dd405733b40ab6a5a85397d4fd2be

                                        < div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "/template/pgysvip/html9/ad/ad1.html" > < img src = "https://6655cy.com/cdn/ashkad.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
                                    

#4 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#5 JavaScript::Write (size: 77, repeated: 1) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>
                                    

#6 JavaScript::Write (size: 87, repeated: 1) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
                                    

#7 JavaScript::Write (size: 182, repeated: 1) - SHA256: d11ba4e523ac4988ae751c55dd6429af48a06e3cf158a7f5a4115a3676778a14

                                        < iframe src = " https://pg.doitalie.com/news/index.php"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    


HTTP Transactions (146)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9523
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 12:35:37 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eqCn2UFVK7j1-Wgve-YoymZptll_qSolAnaILp8HLVq_Wa0m2pMgUQ==
Age: 1290


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1 
Host: www.tabayyunnews.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.80.129.88
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 12:35:36 GMT
Content-Length: 785
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   785
Md5:    9d2825a507d8a08a9746f24d02272cc0
Sha1:   1d66b651906eddf9c16838be4e7a964236696c13
Sha256: 36e0e308c8815b7a79db7cc6b6a2cce559b44d5c502da376c97b737a2e0c5ee4
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TdIR87RTbmeWxmKI10xHKZBemkq3VZXzgqdq2eCr_F7AoYB6tpSd0w==
age: 28823
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.tabayyunnews.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7

                                         
                                         23.80.129.88
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 12:35:37 GMT
Content-Length: 520
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   520
Md5:    4f5b545076e18d3e40de8d86792cfa97
Sha1:   ddae501324297958ccab0cfbcbd37f4420c084c2
Sha256: 5844a3dc31f09ff46ca91e6bb330edf0b8faa55dbeb5d9a535c9c95f92951437
                                        
                                            GET /common.js HTTP/1.1 
Host: www.tabayyunnews.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7

                                         
                                         23.80.129.88
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 12:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size:   1093
Md5:    b3756430558b9abf41edbf97e2585631
Sha1:   9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
Sha256: d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 12:27:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HxRL_dhKuBhNch4p0AnGFm_pes3qGPygU6qgUhhV3E2HIDdBmQR3Nw==
Age: 1935


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/

                                         
                                         182.61.201.94
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Fri, 23 Sep 2022 12:35:37 GMT

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5257
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:38 GMT
Last-Modified: Fri, 23 Sep 2022 11:08:01 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Fri, 23 Sep 2022 12:35:38 GMT
Etag: "4078521116"
Expires: Sat, 23 Sep 2023 12:35:38 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7A6AEE4EE0702BE877C022098E0C393D:FG=1; max-age=31536000; expires=Sat, 23-Sep-23 12:35:38 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/

                                         
                                         182.61.201.94
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Fri, 23 Sep 2022 12:35:38 GMT

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:38 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 03:46:18 GMT
Expires: Thu, 29 Sep 2022 03:46:17 GMT
Etag: "ed8578f8a59088d1c1c38969ac6983666318606b"
Cache-Control: max-age=486038,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352441992b4ee-OSL

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5UOohWi4p4eCMc54cTmMCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.86.38.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xuSyaQt6vmJmvDYjdy0od2Q3988=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.tabayyunnews.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7

                                         
                                         23.80.129.88
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 23 Sep 2022 12:35:38 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 28 Sep 2022 12:35:38 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:39 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:53:37 GMT
ETag: "03a6e8306737ce30aa48ced653f4102df3143e19"
Last-Modified: Fri, 23 Sep 2022 09:53:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3524bca48b515-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    87ea5f00694cd292bc28477098148e7e
Sha1:   03a6e8306737ce30aa48ced653f4102df3143e19
Sha256: 0188bcac4cd87473536ce8c23873a740a57a2b4df270b8f671c5b04e33ff1d0e
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:39 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:53:37 GMT
ETag: "03a6e8306737ce30aa48ced653f4102df3143e19"
Last-Modified: Fri, 23 Sep 2022 09:53:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3524bbb54b4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    87ea5f00694cd292bc28477098148e7e
Sha1:   03a6e8306737ce30aa48ced653f4102df3143e19
Sha256: 0188bcac4cd87473536ce8c23873a740a57a2b4df270b8f671c5b04e33ff1d0e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8497
x-amzn-requestid: ab65ba93-aad5-4845-b471-c50c14057c47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvqujEsIoAMF8sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632957f6-6d4635bf713fd25147948c7b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:04:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SZ6p5NLxuGUoEOZujwPbDGwUO0dZgiITud8RWOaSW_VciGRgBidY2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 61178
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8497
Md5:    7606ff88f05062b66970d9805f38987a
Sha1:   d47db5fcd83023b4a8de40a47d4510e183de387a
Sha256: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 52599
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 52254
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 52634
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 31012
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:35 GMT
age: 51784
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9484
Md5:    ae63806537bc1795029ac9e522b4abb1
Sha1:   47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
Sha256: 369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2EA771E1F4D6A2BD5FC9B61949C28AD2FCD49D5853AF13C70B293F3CF55BC6D1"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10336
Expires: Fri, 23 Sep 2022 15:27:55 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive

                                        
                                            GET /template/pgysvip/css/honglou.png HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Sun, 23 Oct 2022 12:35:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Size:   19004
Md5:    d4c105833ccca617cb46bee0056a3c41
Sha1:   a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
Sha256: a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
                                        
                                            GET /template/pgysvip/images/1.gif HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sun, 23 Oct 2022 12:35:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   614
Md5:    5544a44cad5faf09138fde07c5d2ff1a
Sha1:   b435357e5621bc4c023c289943638f84c560f644
Sha256: e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "715225AF8D6C30CBE0607EC182EDFC2E5C51E40ABB17998B127D468920414323"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3490
Expires: Fri, 23 Sep 2022 13:33:50 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive

                                        
                                            GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1 
Host: kvkaa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Fri, 23 Sep 2022 12:35:40 GMT
Etag: d2fb10bbe122b1a6d518ab0bf927b503
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1A7BFB106C584DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    8a09ec9b7b75dce41b48db6bef4c7722
Sha1:   787b0f1d5d57f442cd979f5c2d0b6c1aacf0dc6e
Sha256: da9b019b27701394ee6527de4ef0e4240c05d06ad6d4f175313f8577cd3ed105
                                        
                                            GET /hm.js?f9f875434168a51f4a3df9c637c0631c HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Fri, 23 Sep 2022 12:35:40 GMT
Etag: 535c49b3eccbe4dd3d57b885b7dc7366
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A5BF89C20C169E7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    7366bcf4ed8dbc4edf566ea6880c4741
Sha1:   11689f0e2e2115bec55ce6bfd86effa52863f24d
Sha256: 57eb192b0ad565dd05be7638748287aa754c9434ad1c47be09c7711adb56fdbc
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "6984498EBE5103696C532E9CD86FDC5D54B8B638C7993313D2F60880F4D3F02D"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 23 Sep 2022 13:19:58 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive

                                        
                                            GET /template/pgysvip/css/ate.css HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   202541
Md5:    1cac24f3eb9731a2d8e198f80f4e5499
Sha1:   98f2aff168e908107c8f815b3ee6b945841a7c91
Sha256: e378ef20e0fd78924ebd8ef5bbfc8495a1a37a42380833e734cdfdb653be3d86
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "6984498EBE5103696C532E9CD86FDC5D54B8B638C7993313D2F60880F4D3F02D"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 23 Sep 2022 13:19:58 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:40 GMT
Ali-Swift-Global-Savetime: 1663936541
Via: cache26.l2de2[277,277,200-0,M], cache26.l2de2[278,0], cache1.se1[299,298,200-0,M], cache1.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 12:35:41 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365407148342e

                                        
                                            GET /jquery/1.9.1/jquery.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 80123
Connection: keep-alive
Date: Thu, 22 Sep 2022 14:17:30 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: RfwAAAD1asVxNBcX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1663856250
Via: cache15.l2de2[0,0,304-0,H], cache19.l2de2[2,0], cache7.se1[0,0,200-0,H], cache1.se1[1,0]
Content-Encoding: gzip
Age: 80291
X-Cache: HIT TCP_MEM_HIT dirn:3:22547665
X-Swift-SaveTime: Thu, 22 Sep 2022 14:24:12 GMT
X-Swift-CacheTime: 85998
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365410258568e


--- Additional Info ---
Magic:  ASCII text
Size:   80123
Md5:    a3932a941cb998342ce964fdd83697f1
Sha1:   1b0e6eca41925e7cd470ea29b16cea49c1ec58af
Sha256: 8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 11:46:37 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /upload/vod/2022/09-22/14/okvaf0nim221415okvaf0nim2257287.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9452
cf-bgj: h2pri
etag: "a7815ec74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxShD%2FtHv7WoVFvGK35xLRhK732TX%2FhOpAwJuEYzQ%2Fus91MMaaaYfmJrrMeW7Nw5QE3IXUiMYqgxl%2BbpgatQQuznyY3MfUodtzV5WFphBrn%2FdwWS30JA4d%2BfLZTq9doS5%2Fv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef67190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9452
Md5:    600ca2d581a3f97b9e8da1e15107e54c
Sha1:   e7a922ac7af89ee78321e8a511c28b3d49e95a41
Sha256: 250ecb7f57f55c3770eade03645b3ad34eb6fc6858f954976fcf05b757a59acc
                                        
                                            GET /upload/vod/2022/09-22/14/oqpa0rjymmq1415oqpa0rjymmq58289.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9922
cf-bgj: h2pri
etag: "fe67e6c74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAE9MeCZ66560ZN8%2BheHkbAMtiswu1PlbTWAsWX067Q6GspTdfHqJKO7V3b316BO%2FxxuIMr97poxZSrawAdsMG5oKQgbAuS3UFZ7aFnTdIg2N9b7MIbj0zzI0opM3Eb3edng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef37190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9922
Md5:    a464281b5048183f86ce1a2601f3ae32
Sha1:   e81a1d77ad3154cdb0ce67c8560302664d342154
Sha256: 93014a91a2a6a73cfb7a6f626c83006f26f31215801e5342effa663abee04a89
                                        
                                            GET /upload/vod/2022/09-22/13/bzkkcixhjyb1331bzkkcixhjyb2313.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8714
cf-bgj: h2pri
etag: "d665658d44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buVI8UVZqggwMjqMFXqgApwhXtIXRYWOJJMiWeuqXW%2B%2BoyCNxHal1sQL4ZlyL%2BC4nVRb87kQxO2ea3KE2nu0dOKb%2BwNaCOTi9%2Flo8Mh23m5dUi5uGR90QI9B%2FwIS98WlqYyE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef87190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8714
Md5:    29c9eed93d1af785c702578fc3ac2c6e
Sha1:   04e83e1bd6e8386fbef857b0a3870d9146a94911
Sha256: 31f92d8c856132735151367bd91f97490581f10fb316ec557c7e6d21a91209a6
                                        
                                            GET /upload/vod/2022/09-22/13/0zldwxfdzvl13310zldwxfdzvl2211.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9377
cf-bgj: h2pri
etag: "7e7edd8c44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51elqffguS3WUwr3dC37deGsF7s06uGnW0gbw2NAami5j4Q2%2BSZlyI3jclDCBxPvfqgFAbT4agoDm9OkHjODOggIRse%2BygstlrUKrRcAXawPKSXCh8xlOOmXgwaWEXkF74Gf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef77190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9377
Md5:    20f8124f097f27cb248aedfea35edb64
Sha1:   83c96f36ab018d0d61eda1e7face74239d63dc7c
Sha256: 91249140dc04fc16a326b54d1883c8d0743e68a4db248b664dbbf74dd0b5cc8f
                                        
                                            GET /upload/vod/2020/08-04/00/zkffkw4nxbl0001zkffkw4nxbl371737.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9700
cf-bgj: h2pri
etag: "e1ea15eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTPaC%2Ffq5Wx36jkwWVmc8zRNWoteLkrhmtQUi0dQDu4Ow81PfCb7htOPuHol0u8LNv2noFK%2BEJHtN2DJ4y1CmQiBdt%2BEp%2FXgJjCiETcQ514mjqfmKopX4pSKrq70M8QdCBJa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563eec7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9700
Md5:    435070a8d9d0d2effd8a40b34e7f7e04
Sha1:   fa4f21c64518c27ce1613f8aa1596bfe0c321801
Sha256: dbaaf4218c297c0edd7587a0194d63b0f7cd5654368c0bed655541a12da64751
                                        
                                            GET /upload/vod/2022/09-22/13/jdewjxhzpae1331jdewjxhzpae2415.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9405
cf-bgj: h2pri
etag: "ede9ea8d44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TQEwm9195jGhZS0AINrx2Q61UctHn9oeFwftMFaS%2FIgAsqZ8yv%2BgZ7mD3q8mHqtTMibTYRJzQRmiW2ybuKEBJCot%2B5QEY9WN33%2BEcV7Ghy3EhlpB0sGOuY9BC4QFdSzRDB0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef97190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9405
Md5:    7c35a398e355462d0f3ffe8762c83162
Sha1:   8cfd91a4aff573536a57666d140bd9de2fd00c40
Sha256: f6a0d217572c2fe58f084b630aa25ac5a4508caf0345dd6827f9e45ff2010eed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 279

                                        
                                            GET /upload/vod/2022/09-22/13/usklb041g001331usklb041g00183.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8209
cf-bgj: h2pri
etag: "ea80bb8a44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vdz2xA6zY7Mc3Zh2oe%2FoXKf%2Bn1yhqKuSq%2BfzG4sk%2F7sPZNoA1qcR38IHU5xlbJr6ZhATPNBRkSudLdvCTVVci%2BZD5Pc27DdAQqTCK2HagOg6U3R%2F7bZUCCxn4epeDD3D09r3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563eee7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8209
Md5:    0e8d34a85ad20a6251f4a2944798db00
Sha1:   2cc17bf9b1d413ff96c0996f8e755046873102da
Sha256: bb380042a0e524cc0c64e526895151683bfcaa89ba7f103c07b22744eec46d2e
                                        
                                            GET /upload/vod/2022/09-22/14/ksnuiygyrq31415ksnuiygyrq326253.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9057
cf-bgj: h2pri
etag: "423cf7b44aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqIBSm9wMIuWDoSqWu1WKFvvxljKJ9ppL5S82AsO7FQFrFYLDf9%2B4mgbm0HmprpW7w3h1bUR26l%2FLLFXfwANs46UZWE%2BhHcGL4euscnTs65oT9YPjXecwSDtUJC40tiIACiA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   9057
Md5:    c42e1bf0a09c886fa2875db2a953124a
Sha1:   e019d157990f84d53bd890d8988ff20bc1f28621
Sha256: e2785f477160ed5fc9dd43297c21e4049cf7a229eb1b6fe0a87072d3f987e46b
                                        
                                            GET /upload/vod/2022/09-22/13/qjcexsfrnef1331qjcexsfrnef195.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10199
cf-bgj: h2pri
etag: "d467438b44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzU2lfHc2nWo9L7DtHgJrvavQ2sSpqbO2%2FOxeL3gkYsp6OXAZDEMqbuLOC3wtf0UaHU%2BxJk4oB%2F7NucJ4QEGGVK6B0PVbq3L0ovSgnbFwHMESC8Faql%2Fnys1Of4DbaoUTCIn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef07190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10199
Md5:    f99459e6506f5619e60987d4309dfbe3
Sha1:   3e4288852aed2948c868395cc86fb5c2f51ebcd8
Sha256: 4254578e552dddb60961af744c66dba1e425d50970536cedb0317e74096df1f0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1533
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:10:09 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "01C2AFCF1C5AACF13C3C61FD98117043047123BDDB5EF13BB177D2CCFE23D56E"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11441
Expires: Fri, 23 Sep 2022 15:46:22 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2020/01-05/16/pdje01fnrch1647pdje01fnrch0723.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 14922
cf-bgj: h2pri
etag: "ed9a18b6a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4244
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ls%2F7P6oLANshE44pN8FUxLqKNlic0dl6UeSym4OHzDGEDa4JzNDyQx%2BbvawOhiOXyIKNA4CTs9bXntuG3VKnkySPcaYL4KMCssx00xWK3ZoKG02KqVEnh%2BRwDrlMkHFILVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f457190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   14922
Md5:    848074927c8bedd37b3fef14da91c0de
Sha1:   840859d9973c7266cae9510d620f014e338b45ab
Sha256: 4bc0554b6e0b45a8e8d4b4b77a651924a21a0bbb0e9db2156e5e86e70ee95b91
                                        
                                            GET /upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 6136
cf-bgj: h2pri
etag: "2bd42ba24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Usm40pdgFnX6U4jS4DzZqmjHKthsMtCg0DBSGfIAbJ0nKopgs1bgUF6%2FYKi1cW%2F9JggWGF3MyWnKqget5%2B%2FPBu4gI7fqKu4mwAiJmuoiQMskYbV7k88km%2Bgsk4zGxZ%2Bft6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f487190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6136
Md5:    decd5f8fc8ff7a538e885236ce4e68a2
Sha1:   02c0f51b0b32d1e7a970948b57453e0944236368
Sha256: 8c417df03e0f7ee8556404ad21adc6c9f13da8ddcac443c307db3ba8f8cadc10
                                        
                                            GET /upload/vod/2022/09-22/14/aknul1s1khs1415aknul1s1khs55283.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8832
cf-bgj: h2pri
etag: "93504cc64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8rgRhMUUmd6gfOfaRcqpqHpLTCeOjxN6S%2BXD2yQKVERzeA2zblLrYz9J%2BkkSsKaQJSnavEl8jG0Yg2Ius3TmdEF7HDJoxyz3W0U7MG3tWF4Vur1bgEwqODPTOMhFS2W0e7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4a7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   8832
Md5:    6fdb483834caaa4bba437683e33fcbb2
Sha1:   265f05447675331d2cbd83dc3cd0356ff5e6b6ed
Sha256: 2a815981f6977488de64b13097e24d90b041129afd398d49fd34b8c17173454f
                                        
                                            GET /upload/vod/2022/09-22/14/ccujq1cfpji1415ccujq1cfpji56285.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 7477
cf-bgj: h2pri
etag: "238d4c64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ok81dsG4tskNGpLVgnZ3VCZB56vfoNlaUIwOCB3pPFds%2FxvY%2BcXbTr9j8bq%2BxUTKqph8wgzgipSpDWzCxBFh6bQlCgISXTYxtpzbpzu6LQl2D%2FVpVwamSXPI%2FOdloxZprs%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f497190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7477
Md5:    b801e86b46ee4d651070a06688145bcf
Sha1:   b685130a1eaf6d3bfecd81cc0b33f56d666a72e9
Sha256: 79d3b0b90caf8e4dc58763081641a82d30a5f56dab574d15dd2fcddbdd7f3111
                                        
                                            GET /upload/vod/2022/09-22/14/eotesmpc1ng1415eotesmpc1ng25251.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9752
cf-bgj: h2pri
etag: "ea556fb44aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Or5MH%2BWu1fG4Z8h2XDrjsrE9ieljw73I0CY%2FaH2QaERGFax7oUXzez9af1tFTQQ1H8sXbVXCy8XKhwW38vcD%2BnTRkqMcTe17%2FvNyiN783QhLowSx5DAXuZWAUvVeNMwRqtZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3c7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   9752
Md5:    c5df898fe9e926cf6a323a161c9ea994
Sha1:   8d8adcedf5919a02a78ea483c7f26113f10e1fdd
Sha256: ad273fe490277adcb7dd5a458bd82ee327e3f8e0a98b359c46feb695768bda35
                                        
                                            GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1 
Host: cdn.jsjsjs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.143.17
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Wed, 05 Oct 2022 01:58:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1593415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fc%2BiI2ygvqPz73pHh%2FLZsRjBdMnmxxhOONNWEh71UNDUTf7eAuM3dp3NcDe3YP4Wyct4ubY3c5dW4WOq33Cfi8cgwyMxTmKEWdmI7IZKeE8M6%2FeAbI2pwx0k%2B3tF4VIufA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352569823b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   406419
Md5:    91949a67089d61d1c111d50f6e101660
Sha1:   fab540d8a71b28159836bf995e398a9569314e47
Sha256: 35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
                                        
                                            GET /upload/vod/2020/01-05/16/xu3l0p2c0pd1647xu3l0p2c0pd1127.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 21418
cf-bgj: h2pri
etag: "638bc2b8a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYiwLX55loizgpFKXEfStGZG56%2FK4tysNu34eW%2F3tDZH2j1vK%2BhTv3SgDT4q8Eo8WaDjPCgaDkhCPm2YoRi%2FWjVks9iVvjyYxhz%2FMJh1Xhqb7ydsyj07rVglPbhE6Uw%2BT%2BMt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   21418
Md5:    135c7ecbcfdc500c224bf15148eccc3b
Sha1:   ab16f7fbc8de6811bd22f4485b20d92639d0f208
Sha256: 56c75d9e44a61cb0d25094d7ea4409dbf254d6ce27a0047820a95a960ccaeee3
                                        
                                            GET /upload/vod/2020/01-05/16/otcj0y2xkc41647otcj0y2xkc41025.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9810
cf-bgj: h2pri
etag: "e8e1f7b7a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOOX5zq8NqZCo9v6uLlAkR9Y%2Fq5DK6ySycDnWL1hfsvtOhcJf0CpC4Z8BioszFGMNu4FIcXvUqR%2FDjakOoCCcXAzxIHzvZD4u38YQASqDoqldYc8N0kcVzcf3KvWwO97Tkxw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f427190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9810
Md5:    f3fe4ab5bab8fee0aec17033808284fb
Sha1:   5046aed06e21f4581389d3a3aa161f1995583822
Sha256: 919a802c675d7214e52ac7992d20c85c8d69f1680d6d9a75f6ebdddf1d9a7d4d
                                        
                                            GET /upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 5698
cf-bgj: h2pri
etag: "691db6a24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYpz1EBvl1nbGX8LuWF3lHxFeWT1qC0XSZ%2BEu2sv6YHtThokxXLwvtT%2F0O54HXXuMnxfOVRfEek62Xb22G59KiGFuxYAnSbTNwdP3AaGwuhyuSakNWEy8SkITvMaOFxYbejW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f467190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   5698
Md5:    4d4b9b47a64c275b65e141b85ff9224f
Sha1:   20fa476a0bb083c8ed8e078631a5ef1d135acf7f
Sha256: 74aab57d7150bc44ce84164e8ebe776a234df00803e4179e5b300d63c00e182b
                                        
                                            GET /upload/vod/2020/01-05/16/ak5rgh1m0k31647ak5rgh1m0k31733.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10501
cf-bgj: h2pri
etag: "933065bca4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4244
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbA0ouuv1GLp50zirScLFE644V0%2BtADY98BfhKLVpDykogxYd%2FgNd9CQViHWbeAv4bXkqGINseiXg4tm6a5YoGJ6t%2BeqKZ0I8mtGMg1fmSkyRbqOezUSsN%2FgydtbLrUhnCLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10501
Md5:    a3dfe757f509ac7241987a65436c3cfe
Sha1:   84f63a34ba24138e828ccd502b3e1cbea8431fee
Sha256: bac3e6a2d17eea37429deeb440f89cbb497c02e99a91e133746b9b99f0a171c0
                                        
                                            GET /upload/vod/2020/08-04/00/zsqjgguiqrj0001zsqjgguiqrj361733.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10240
cf-bgj: h2pri
etag: "88ed745daf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M66dopw6X95rWpBjU2jLALDfc2AoW32QxgpBeiSyN6LezA375I1zmbhK%2B7FixiSJc8eEGg7wDGr9y9Hr192teI6xB9TDaYPl3GjFwJ9KIHLkmmd6j%2FhS%2B65DMvdcEOOStixN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10240
Md5:    c1441b90da61ae56f1f8dc08c1e51470
Sha1:   c1b12971db208707ff2829e8cafd9921e3fe07e8
Sha256: 340e5993999afb2a695c093619324c94079f58dc9d449e804788d08b42708992
                                        
                                            GET /upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8755
cf-bgj: h2pri
etag: "888fca54aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VRrLNIIUaxpGywO2WsE%2FhXLRLmCQK26WTHJhbU99dwPDxwNN3uDl%2BFJk417pd6ZMWVdg6atpbgvJ5Knobh%2FirEbmqbJSwsbpI9M9ab12i4x5TkD3DHHnykameYICHllXuwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4f7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8755
Md5:    0eda61956bd9d476f54c4bfe61974928
Sha1:   14d31a1d2c72cca46458822a84969fcd24a60059
Sha256: 343d9e80f44faa63b2acad2d23d5e5162ac609051bab8c1bdfb57f6e0ccbf206
                                        
                                            GET /upload/vod/2022/09-22/14/kmchydnf30t1415kmchydnf30t24249.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 11572
cf-bgj: h2pri
etag: "b896cfb34aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DrzuYXFwjcr1wNog4RKNulnxlqppEGX9z5ckklsxVdX58ZItQtm94PXr4bmgEI6DfgElcdkCBenopyiesVKlraIpIuxFPhTKfjwOBi8eAyUml9%2BPlwmPc9DVGfXQCkgPoVO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f507190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11572
Md5:    d5fe41838b6349638784d3fb5c58b58d
Sha1:   e55735b38f996b0b0ff7bb244ba403c22a78bd8a
Sha256: f07e289a4e7ec4984b5638b9a9a69ad59092b1df0fd843a112c5b50cd9914c4b
                                        
                                            GET /upload/vod/2022/09-22/14/t3iu4pjngvn1416t3iu4pjngvn21293.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10150
cf-bgj: h2pri
etag: "f047dd54aced81:0"
last-modified: Thu, 22 Sep 2022 06:16:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyBYxoQDHPMBcB%2FM3YgTO%2FC95AkKkmbvCYv%2FLPJ5dUsW7a0fmTeiXYk%2BOfhdxJZOz4tU1OW0Ed16VMscupmTuBtdVxqAbazRYPxynd4fPoVHoWFsC8d75%2BdZ0f5fbDJGveg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f527190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   10150
Md5:    b0b46dd5f8afa9b4a2d356a55ee52419
Sha1:   c48f7c207a176e15d78919132822e831145a3b9c
Sha256: 92fd1922875e51fb56a8b42536e78c7bb472249d75580acf359d8112c6faaa72
                                        
                                            GET /upload/vod/2022/09-22/14/sakzvh55l0a1415sakzvh55l0a59291.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9694
cf-bgj: h2pri
etag: "b71373c84aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5leUNruduH%2FoksLSyDiqz8jkH5ymjLqI4OUT7UmsdfHwSNL0muY9qpeEJEQNyF74Y13QWlXNxomSG0lWGp15eho7VZivjnPef56gSgqCmG6FtCJSbtssnpVsfPe5fZwi1NNh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f537190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9694
Md5:    4883aa76ae631e00b70992f71d330298
Sha1:   cf696dc04ba5daff1cb4ddb87ecf5fba40a5f393
Sha256: 6334e782a32bd8a9a22dfbbebe468799d7832fcc589bb726ca731cb6a783e8d9
                                        
                                            GET /upload/vod/2020/08-04/00/ywxoxqzev4a0001ywxoxqzev4a381745.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10386
cf-bgj: h2pri
etag: "637ef75eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8isefIQidbN6eIyIPUaraBcpTSkZHUFKw9KiRJ59AvDfKpsV0ccJkdhhE6aW1WXx1QNUz39H3G0TEymNoRBlKFfLQ0OCR22uONuAqBSrCW1m%2BIsXlFN6vWnGlyYPCQcFHNha"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f557190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10386
Md5:    f3a78f93239b1a138d14b78b0a61018a
Sha1:   91d8ff5a04f241d21328c31a2c3f9c0153b29260
Sha256: 36a891e5123a96f7fd97e26656c0c4f70c8370de3be133c733c8e5c95c48513a
                                        
                                            GET /upload/vod/2020/08-04/00/clhlruqe01h0001clhlruqe01h411761.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 16699
cf-bgj: h2pri
etag: "dc1cd960af69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aooHQFCUAozD0%2F3dApkIV3IuJ%2FcfEBB9Z9ySY2AGBt8Kvp%2FruCM7CGQWLSvxR3XdTMzryTriERmSDtooa%2F7rNAh3inA4OHoc22ONWU57wfKyLHJYCgB6IQVAAWvTsZlb1PI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f577190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   16699
Md5:    7116c42fd9876a2412ba605435725cdb
Sha1:   e35df90f217ab2d46787f6126c85b9c63d5310be
Sha256: 3e2980b781d3af276c0c4158cf483e92b60aad44779590d9a877c81d465fcae9
                                        
                                            GET /upload/vod/2022/09-22/14/q5dudohfuqe1415q5dudohfuqe29259.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 11801
cf-bgj: h2pri
etag: "867a98b64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3509
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtR9%2BfW4E7lZdJq%2FTX0Nq4WvGoZhw4q%2B8vGcb00aznf9%2FvejdmYEDN02yutbS%2FtEwof9n62hLJ75cNq1MVr2kUe%2FSaPgnlk5gqDt8E1UOWvAAY%2BL7YmBFZavB4dQdu56%2FfnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f587190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11801
Md5:    87eadaf647d7581a3e1f5d970d66a98b
Sha1:   c5bfb367230687be9352eaa20f0326e8e8815cc5
Sha256: 648323541fd359dfd2dfebf911847a02059443825137d7163e8acdf92172459a
                                        
                                            GET /upload/vod/2022/09-22/14/g2jtd3dbu4m1415g2jtd3dbu4m28257.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9387
cf-bgj: h2pri
etag: "ed30eb64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VK7NWIiaX5qWMEja%2Fx0BcqrMdBfUxWmZkT6CvH%2B74MGKZRbGQSUWP5lrAafEtAX8jjDikYQ5N11xqjj68iMB0qfb61rE%2FrzFABbGgEg44wlfjDvgxtfr77lbjIm26nAPNKY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f597190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   9387
Md5:    2ea218e0d9732e50b92a40a04a9f63a6
Sha1:   bc1ea9ce43208d39d6423bb2a30cf8b7a9c31cb7
Sha256: db22930edc6b677fd099db32e4986d8e9e5f2297f287889c420a780b86c6cc50
                                        
                                            GET /upload/vod/2022/09-22/14/m3uhzfkoe2h1415m3uhzfkoe2h27255.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8699
cf-bgj: h2pri
etag: "8f8581b54aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpYdv3kMyni%2FczuDqyEkXKYrFIYjgLci98ghikC7ZveNz7egTrqhwX%2BQgEgpKLTiyeMcEwrDuJ%2BzRyhUGcrWD8zcl1gFzVfSIjaCR8YHKH6GB1jrAsvbVj2Jg1Cqdl%2FCwkon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5a7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   8699
Md5:    a550b6baff5d77966451602aaf1daa87
Sha1:   2a6ec735cfcaa45baa2e943a3ff072eeddce2f1f
Sha256: c25c5f956a8a96e4f19765642316426abb551f9286236918b619bebaa43a05aa
                                        
                                            GET /upload/vod/2022/09-22/13/raz4n1141yk1331raz4n1141yk219.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10217
cf-bgj: h2pri
etag: "5035538c44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBZGySu9HUNfw%2F09w3LFoiNMXeLbki4g8yb6br5ssDSaUlbbobT0MEXYpTNe89Smadj7%2FVuPWcFORSz5UQJU%2BcdzCUr2ipF2z7APA%2FVCIp6XinkJPz6GZzjk6orKRY1H5Q4j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10217
Md5:    f72dbc822b86d5e14fe16dec8c49cabe
Sha1:   49f363a971772af14cfa9175ead0af9896461d6c
Sha256: 757178e3ea8c07a58d7a643c67a2e33a6adc23f248c60b7e5a86f8d03a1c610c
                                        
                                            GET /upload/vod/2022/09-22/13/mmigszyblln1331mmigszyblln207.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 7490
cf-bgj: h2pri
etag: "59ecc88b44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlMlapTRSNVgOkpnLMTZLNRk2tfT%2BMg5EwrdOEEln8BXMyyQjHjA%2Bra1NQUEO49hTlIzv%2BcrfdfsIxPUVz9hLopH11x%2Bg0jnp9nTaz%2FPKzuh5dYua1YNDwN6szTPkduZudbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5c7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7490
Md5:    fa1bb461517ce44f3f375f598d93802e
Sha1:   e6b6f0ea47a122b13ae56ca041db988a40440670
Sha256: 1caa6d8453d562cbafe33d9a56697db4013a533249d9b079213c5eca76d8d518
                                        
                                            GET /upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9024
cf-bgj: h2pri
etag: "374682a44aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obvtvlY7hsHpN%2BZmyZdcI3c99e1aikg3sLdNAm6oK0oUEleYiChk1VYO6cj6KEG3GMcHCIuhVaU9%2FOrFcQyoEC4i9Ma8Ea1otuALShfw80l254VgKApvoXERoBVwmFar%2FFuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9024
Md5:    e8ee969881129d3570f1cef82e4c3dba
Sha1:   8cc2c3860fbb5ee0f4f4f7b6c7d1507a38a05385
Sha256: a9b04dd63aa2a7b82bc217dbd12ab23d6e25045cfe3db51463c3512644e8111e
                                        
                                            GET /upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10674
cf-bgj: h2pri
etag: "e4afcaa34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBkUZ35cgReQR41NKqnFnh4hwTvMKF%2BGlczuSjy2C5JgH7H7gstD36ajxhQBJ%2F0ol5ZBFR5j%2B1IvfXaV9hrRDOjUd%2FmR%2BQjhgo2kaGFj%2F%2BnJ2rV%2BycRKJSMz0N%2BwQjj%2Bitrj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5e7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10674
Md5:    934dc4a5b0d9650bc9b60d26297735ad
Sha1:   9c67f986a330dfc43f1038699254e85323289664
Sha256: 933da6a3a9ef3f8e34d56661046286ba93c67aa5aa9f22ad982d15e01ba6a0dc
                                        
                                            GET /upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8477
cf-bgj: h2pri
etag: "49c942a34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKwDqMR%2BPfhvmW%2FfoKei%2BqEJhqx7GD2O1TtJaXnkXUquUaANKyZAOw43zzWarE67w1Y7jBMxBz6VTqxLPVCvLltZEfNntX2Ve2%2BiHzpbqltmPD33KGLm6nOYpyQhM55jZe%2FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5f7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8477
Md5:    70b862f1107da214c5af0ba337cba006
Sha1:   96899a32a3c3577d92cffc9c54c7fa8bed2add2b
Sha256: cbd1a7686622979a527f7ffc7546fe56e36b5b074d07ff6a425fc57905bebfef
                                        
                                            GET /upload/vod/2020/08-04/00/lq3ubds331u0001lq3ubds331u371741.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8670
cf-bgj: h2pri
etag: "2d855eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTkXP%2Fxi5yz8WIlkW1eedDZKTH7NvvuoQqr%2BXn1Bu5cUL%2BE5vp8E7zBFtb3h%2FPCTHUlzxwN4pH3pCdwy7d1f2%2BEepQ0DV1AI%2Fw47MU0h9Kl%2FKZ5D%2FOD3QCfKojjUpgP2F46s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f607190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8670
Md5:    f83f895c7b5c0f52863b04f307e045f5
Sha1:   1602467ccdbffaa8ab96cacc5830002d87e72445
Sha256: 6bb7992148a62ebdc58addab6d93b255da4ae0af1c408bf960a34578a125d9d5
                                        
                                            GET /upload/vod/2020/01-05/16/fnkv13wc1fm1647fnkv13wc1fm1631.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10482
cf-bgj: h2pri
etag: "ab6091bba4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZecdItXNDhs9me8dEl91zX6JDmY2QpFj80nnudQPNd74tARrsMLdO3EE6ofefECKM0kV5yZN6L4CwrWBs9D1oklabM2rZz%2B7fk9zpL0swlM0mzNmKdBanjk%2B2Rc81WdEW3MJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f627190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10482
Md5:    4add45a9874e0eced44e6e3add21ede6
Sha1:   aa17c5f183bdb2416941437c4a49303eb495ab69
Sha256: f4990c23b9def970de7bab8cfbb5020559f37939b3330208e7735dd2d3595637
                                        
                                            GET /upload/vod/2022/09-22/13/zstvz0sgi0h1331zstvz0sgi0h171.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 12067
cf-bgj: h2pri
etag: "8411b8a44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anj%2F3RPkMq1sGmIJhgcRs4SYEUelAkpBjA%2F%2FsZ3lBr4NTam%2BZMEgwOMwTr5u6nCb2Oanu3H4ARomP2t0v59YzTsNUi%2FtMGQFvZIb7q%2BEvr54afhWoIt46dSN6ZcqxT%2FkIHxW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f637190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12067
Md5:    b0fcf6a261ffd8f9da8cbcf7c51c5458
Sha1:   361cd1cee42a19dc312e62549a7dbc9357c392e6
Sha256: b6cf2ab24fc16332131e6041a55fd9c657318db265c37bcda3f5641b1f029e69
                                        
                                            GET /upload/vod/2020/01-05/16/3ewwukhvcrm16473ewwukhvcrm1429.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8546
cf-bgj: h2pri
etag: "d69f2dbaa4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CU4KCsvceXzWrX4cxaVJyD%2FXNh2y9pQsHsTYX0vHWAiQDhfXrEOAzxHZrIS4kKTcyZDWCwuGFhbiCK5c8pEErZ1KBTeqHfI1c9gqzXDmUppE3kc9xJGoF3r3Aqgos1bT6aWE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352566f687190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8546
Md5:    9b9a8912588320ae67047eaa235b638b
Sha1:   3c7c1f1f4bed5f45323018a3e9c3d2c2a3f8d63e
Sha256: 812fef4a58a7a0953549ddfe703be246c84b8e5eb7d8202b46e334d2df067d6f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 11:46:37 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /template/pgysvip/js/jquery.config.js HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1911
Md5:    ce53d3eaf74091c0aa28e7521eb16fe9
Sha1:   a83bcd0765ef29b13025943eaa4b4b93241aee51
Sha256: 727950f4641844dd02751630d5304a4996ddeb97645938138329d0a7820a95b9
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7AB17A3BC3BC97C74BAB2E47E8471634EC4E1A8AF0C4964F57918B67D4D6981F"
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18123
Expires: Fri, 23 Sep 2022 17:37:44 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=79719570&si=f9f875434168a51f4a3df9c637c0631c&v=1.2.97&lv=1&sn=2890&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.tabayyunnews.com%2Fwp-content%2Fplugins%2Ffacebook-comment-by-vivacity%2Fcss%2Ffb-comments-hidewpcomments.css%3Fver%3D4.8.7&tt=%E5%AE%81%E5%BE%B7%E8%B5%9D%E5%8F%88%E6%8A%95%E8%B5%84%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 23 Sep 2022 12:35:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=236F19546F89D0EB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /template/pgysvip/images/video-mask.png HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sun, 23 Oct 2022 12:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1 
Host: kvmaa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /template/pgysvip/images/video-play.png HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sun, 23 Oct 2022 12:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   1567
Md5:    be7ca0a4a7c0317398a11162b1e09b75
Sha1:   5dbe6a02524cfbf5f5111478a71f91a9259056b5
Sha256: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /upload/vod/2020/08-04/00/34rg2kcpyqj000134rg2kcpyqj411757.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.141.29
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 13730
cf-bgj: h2pri
etag: "5d347060af69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fpp9Ulq7xW7yWalqRpkzehfZHE09QPFWZCFv%2BXhgEs0lRzfwS3lI8t3JYYzOMhV2F%2BA4u3RMTrCXnP9RgRIcOOPvZD7%2B2cMw5nfJg%2F%2FsvVmCMrvk%2B1fDxmarOR8k5zxfbsaH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35256afc77190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   13730
Md5:    c7810997f0f3be9253b69cab6973e8c2
Sha1:   3a22a1e79d03cd4716aad410d97bed92472207b6
Sha256: 0598e1c33666b1fad74e98f932d70d2a858753c2b72eb0f86f80c1f41bd0e337
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7AB17A3BC3BC97C74BAB2E47E8471634EC4E1A8AF0C4964F57918B67D4D6981F"
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18123
Expires: Fri, 23 Sep 2022 17:37:44 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022923Fri%20Sep%2023%202022%2012:35:40%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: application/json
content-length: 3118
last-modified: Sat, 17 Sep 2022 13:51:54 GMT
etag: "6325d0fa-c2e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size:   3118
Md5:    6f0507efa797777e55fa4262632455ec
Sha1:   43f1a70fd4c3651483b4def2c2c9eab4e672239d
Sha256: 6340b6dc44fc7025ad6b92ff02788793de8ec7001d8b8d1113dfa2384efb4949
                                        
                                            GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1 
Host: acoossi.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.201
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Sat, 22 Oct 2022 17:10:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 69895
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsYT3JykZsUaQpc%2BDNdCezmWDZM2mgI8TFl08qv8GFcWFYUvqDECYaS2iY%2BhA9EJNCgr5L47mAKELsJeJqDgGtnjSiPrlcUiKavxWhNn4%2BOiiANcyoppXVSzTEP21g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352575b1bdd03-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   1024160
Md5:    52748c8ca30fe48c822541046bceafc0
Sha1:   8640926f83b9c0d635fb28403505a7c0f0753857
Sha256: 2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DAE83A39EC2928DF3F91F0183452B88CD75FFB6E3DD21D089327F22D26BA6105"
Last-Modified: Thu, 22 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Fri, 23 Sep 2022 13:12:29 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "414A6AA29977086544E96BBD98BB638CDDEED387095018AE645D457D7E5CE09B"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16604
Expires: Fri, 23 Sep 2022 17:12:25 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 280

                                        
                                            GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1 
Host: kvmaa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /lm/cstggspk01.gif HTTP/1.1 
Host: ttsetupian.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.154
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Fri, 23 Sep 2022 14:30:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2585062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz0tpdK2t%2FJ%2BPhu8OfzxICgHMc2stT8k26jq53EGAwlmImbu2VwpcQObBAtU%2BSq0lOwuu0AvC%2FQFqi7IyZIi%2BhmFswWZfMb2Y%2BUyZzHhjEu64kFUzyLCIzMnxIKrIm8h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352588ac60b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 190\012- data
Size:   246207
Md5:    e9d0b8904ffb196466d811f2eec57882
Sha1:   4da1e9b9265080e1c692414460f7e5986d9aaf3c
Sha256: 91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
                                        
                                            GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1 
Host: kvkaa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1 
Host: nvhbbb.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.55.74
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 118121
last-modified: Wed, 10 Aug 2022 09:44:15 GMT
etag: "62f37def-1cd69"
expires: Sun, 16 Oct 2022 20:32:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 576168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9xVNl%2BVl5BkdZBkcTFUCzydlBjNCo3QsVKKSWyEuxbLRT%2Bj0bIAGtLvbLdw03We2XMbL%2FTU%2B33EZ6AeO%2FdW1LaWyNL3kBj4G2UwViwPAeLJDCkiLE4S25MD%2BIGK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352589c670b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   118121
Md5:    caaa592fad00ee9d8db810c6fdf0741d
Sha1:   90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
Sha256: d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
                                        
                                            GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1 
Host: nvhbbb.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.55.74
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Mon, 17 Oct 2022 14:16:06 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 512375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok9M%2FlHlZfm1pWZFjIUDDqQfbvrMpJa4FlwcTdRh0IhMqxM6fv8xDpDL8EolhgKG7w7e%2BX6N%2F4n%2FpIlO0EUP0K%2FhgOcTYN5yMftEBashHoxBn1B1%2BgqRrhkqAPH%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35258bc7f0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 325 x 143\012- data
Size:   523775
Md5:    2e77865c5e60159691251f889fbcbde5
Sha1:   538cd55848422448bbfe390a20c3dff6d78998fe
Sha256: fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C7A20EBFF7F1B1D369A6C78F23AF0AFF90170899F6804933A91E4D20D9D1CF9C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2710
Expires: Fri, 23 Sep 2022 13:20:51 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 04:29:51 GMT
Expires: Thu, 29 Sep 2022 04:29:50 GMT
Etag: "22a7987865907b5a04287ec6c1c565c7cae78cd2"
Cache-Control: max-age=488648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352591b530b06-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 14:36:06 GMT
Expires: Thu, 29 Sep 2022 14:36:05 GMT
Etag: "ee8595ebac71cfad2e4cf94af250d6b29da3ad56"
Cache-Control: max-age=525023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352592e620b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 13:29:09 GMT
Expires: Thu, 29 Sep 2022 13:29:08 GMT
Etag: "a68a0ce5e0b0faef37d76ca003767cc838beae53"
Cache-Control: max-age=521006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352591efa0b59-OSL

                                        
                                            GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1 
Host: kveww.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.32.13.142
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1 
Host: kvezz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.32.13.142
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 17:45:33 GMT
Expires: Thu, 29 Sep 2022 17:45:32 GMT
Etag: "b0d2314a737e081be9607a934b7f963259783993"
Cache-Control: max-age=536390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525918ed0afe-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 06:21:33 GMT
Expires: Thu, 29 Sep 2022 06:21:32 GMT
Etag: "1db908939520a9e79b77ca5236a8ea3b1ffe1ddc"
Cache-Control: max-age=495350,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f35259295cfac4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 279

                                        
                                            GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1 
Host: acoozzh.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.203
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 911254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t048sS1qOR81Mr7M7vgfM3LWXgW0C91SdqZYUh1zN8Nrve35%2BDfXEeJ%2FHcs8v%2FEQT6I5RXqPEkSdfvi6VNoVKXvHXOqVPADZfWTWPTDIwHIDYaOBPpZ%2FMn%2F8xez5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3525a9d041bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   400264
Md5:    b722c3905b96f11823e04826aafdd50e
Sha1:   68b63b572a042d40ab210aa313b7ebbc372be5a1
Sha256: 630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 6564c06928047189be6c3ed55ce22025
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=35FC4ADADE210A8A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    5ecd12b9158047a9212a4606958326aa
Sha1:   c99d225300b7d46cad7084c98ab388357b20b3f0
Sha256: 9ac295950e19c0b38879baf7d788ced5c7c0faa8689dacc50c52ab671241bb53
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "4C240280AA947B8E90A56C013EFA4CE4B9F866ECF9D174EE22CBE7A2EB30CFCE"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Fri, 23 Sep 2022 18:35:12 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive

                                        
                                            GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1 
Host: kvkjjj.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.43.117
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Thu, 13 Oct 2022 13:10:08 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 861933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEIRvsi3qlVCZ%2Fdv%2F%2FQj78rYwV7%2F6IgmKm9nS3LE%2F6rPZ28zRQgpBeQhgRN0OeTh77nxPc3GH31N6MNVLhcMbBL8Q1FPBsv4AaBmKrKKJ5uTAz1myU91BnezsoWI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3525b4b3bb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   832544
Md5:    8a1b22cb6be2662f8c75ace7480ea0e6
Sha1:   380d85b1d74b702a780ee04965fdb9908ab73171
Sha256: 928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
                                        
                                            GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 461073e6a67e33b40bee2bf53613b5c2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2F010E3DA4310127; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    edb7d6f8164fd6120975f426099eaf8f
Sha1:   1115ae46979c5d63cd27a65edd54e6d2645c6223
Sha256: f4a81c98907f95fcc5aad6001d0e2441d3a3381aeb2f3e93ee8847a7ab582086
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F96DDFE4080870BACEDF91913849CD4D077EC08920040515C10AA1AEFE191869"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10401
Expires: Fri, 23 Sep 2022 15:29:03 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "4C240280AA947B8E90A56C013EFA4CE4B9F866ECF9D174EE22CBE7A2EB30CFCE"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Fri, 23 Sep 2022 18:35:12 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E2AE407B1FD047973E8825F0425E366FF840B9BCBB537F2153E41164455E9390"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10392
Expires: Fri, 23 Sep 2022 15:28:54 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive

                                        
                                            GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 9933cb3c1397fc422fed5f3692a52e78
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6451D60BB6D284DF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (629)
Size:   11342
Md5:    02ed64213b805609d7f1e53b87d849cc
Sha1:   4bd3973d2e7a67b356a76b5096f1995a07afaee1
Sha256: 177a91a4fbeabbbd2ead396d5714fa9e35e14a6b6952f2f06101fadddb527b44
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 03:45:38 GMT
Expires: Tue, 27 Sep 2022 03:45:37 GMT
Etag: "4fd32cbd1885c0b17a5009597d24d47072286ebe"
Cache-Control: max-age=313194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525b487a0b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 07:10:49 GMT
Expires: Fri, 30 Sep 2022 07:10:48 GMT
Etag: "14e06a0fe5172d5d59c577f9e0fc8251c5e71bba"
Cache-Control: max-age=584705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525c6f1b0b06-OSL

                                        
                                            GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: f1f4b904cd3128110ce25fa166eacbed
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CC782644CEA7F015; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    521b8b115c445d905a5811e035679efe
Sha1:   8f70cad0e3525061fac734defe87e69bdb0cbc7a
Sha256: 72617930d264d44a3021e27b3c24aa20bdeed9fd7ed4b179b92feacc8d5e347b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:53:28 GMT
Expires: Tue, 27 Sep 2022 17:53:27 GMT
Etag: "ccc7cba51cf399aea0418ea516980d8da24fa5ae"
Cache-Control: max-age=364064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525bd9560b59-OSL

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1584954804&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=81032756A0034E3B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:28:42 GMT
ETag: "9978f1ae0d812bb39a7185c6aa1bca94a0613541"
Last-Modified: Fri, 23 Sep 2022 09:28:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3047
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3525e0a19b515-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    114f053d3657b8e12c995ae31dcb6c26
Sha1:   9978f1ae0d812bb39a7185c6aa1bca94a0613541
Sha256: b197f7ba017a1932826cdb246db0050e6493083aa5d0cde43978ac39db673c3e
                                        
                                            GET /news/index.php HTTP/1.1 
Host: pg.doitalie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         20.205.43.35
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Fri, 23 Sep 2022 12:35:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:42 GMT
Ali-Swift-Global-Savetime: 1663936542
Via: cache8.l2de2[272,272,200-0,M], cache8.l2de2[273,0], cache1.se1[296,296,200-0,M], cache1.se1[297,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 12:35:42 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365421301354e

                                        
                                            GET /img/960120.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:33:57 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Sun, 23 Oct 2022 12:33:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   120952
Md5:    8b1ce22d19b73e71ec05f04491df7cae
Sha1:   101ed504920b13424231d6fb3540fb7dfdba69e3
Sha256: 5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1036497530&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9240DE0B96D6DA46; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1 
Host: vgvjkw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.145
HTTP/2 200 OK
                                        
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Fri, 16 Sep 2022 14:52:53 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-15
content-length: 31713
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 240\012- data
Size:   31713
Md5:    8e006882641a7a80a721cc7067dcf340
Sha1:   f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
Sha256: c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae
                                        
                                            GET /get-image/0wut3IuOIN0 HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         163.171.140.79
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:42 GMT
content-type: image/gif
content-length: 50826
server: Tengine
x-application-context: application
x-kss-request-id: 385cb47819904891b6a20cdd2df33e9d
etag: "7a02a69b00eebfc2977f6d8417cf8141"
content-md5: egKmmwDuv8KXf22EF8+BQQ==
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:6 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:4 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:11 (Cdn Cache Server V2.0)
x-ws-request-id: 632da81e_PShlamstdAMS1se91_20548-24786
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 240\012- data
Size:   50826
Md5:    7a02a69b00eebfc2977f6d8417cf8141
Sha1:   2203e026eacda489b6e3aa673d5c14bb1526a6dd
Sha256: e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=248542803&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4CEEF38580672CF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1 
Host: vcwzfn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.162
HTTP/2 200 OK
                                        
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Fri, 16 Sep 2022 14:49:42 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 259280
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   259280
Md5:    53d090335e8e78b28c5a51a7bcd9f866
Sha1:   42c109960113d98371ae8b95c216ffd7ef1a2fcd
Sha256: 66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
                                        
                                            GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1 
Host: 65686232255.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.110
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Thu, 01 Sep 2022 12:13:34 GMT
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 580315


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   580315
Md5:    1a429adb0604b6dd52d269910a16df11
Sha1:   0e6e0b7135822c02ae159c14a1b4aebfa75b0982
Sha256: 819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /14112a98f9104043bc1d7e2e4ec39ac2.gif HTTP/1.1 
Host: 89958716765.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.79
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "630b2c84-8e959"
Date: Fri, 23 Sep 2022 07:45:00 GMT
Server: nginx
Last-Modified: Sun, 28 Aug 2022 08:51:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 584025


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   584025
Md5:    ebf4ee75bbd43b703e1b1b861ba166e2
Sha1:   c241029604f77ad6b4f56894bc51decfededfde7
Sha256: d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1 
Host: 93533557591.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Sun, 11 Sep 2022 07:55:42 GMT
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 719745


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   719745
Md5:    a371336a677886333a1e0e87f32df904
Sha1:   5d17beeea80b18e70073f0e54dfa9ad61e71b25f
Sha256: 18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:33:57 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sun, 23 Oct 2022 12:33:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1 
Host: 33869213.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.174.73
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 240\012- data
Size:   36943
Md5:    7ded2042a95c6c192a2c06e07075236e
Sha1:   1fc93212b6c5296bb2e0b403884c9b37e93c27a6
Sha256: 8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699
                                        
                                            GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1 
Host: u0053.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.247.82.45
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 23 Sep 2022 12:35:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 240\012- data
Size:   37225
Md5:    910f18fdc66120d774b5e52a309b0cfd
Sha1:   cf303808e3664ff87c387824d6f32df1df8af56c
Sha256: 01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=358998545&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5541B2C197677DD1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1 
Host: n6579.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.123
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Mon, 19 Sep 2022 00:44:58 GMT
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 653713


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   653713
Md5:    6e1b913d233fb64271527a796618f37b
Sha1:   a858c96c304244dfa9d5cd159a3a5c80c6b98598
Sha256: 4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1 
Host: unpfqc9.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.75
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Sat, 17 Sep 2022 07:55:01 GMT
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 112447


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 185\012- data
Size:   112447
Md5:    41a695940d0c5bd9d1f0ad33ab681ccf
Sha1:   f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
Sha256: 92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
                                        
                                            GET /cdn/ashkad.gif HTTP/1.1 
Host: 6655cy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.39.67.144
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 12:35:42 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Sat, 22 Oct 2022 14:26:26 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   311408
Md5:    99ed707e8993e93bff73dbb369e89b3e
Sha1:   21d1ef9c09316253b35c31df246c4cef8766df62
Sha256: 99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: www.pgoqd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         173.231.17.179
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000