r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9523
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 12:35:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eqCn2UFVK7j1-Wgve-YoymZptll_qSolAnaILp8HLVq_Wa0m2pMgUQ==
Age: 1290
www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
23.80.129.88200 OK 785 B URL HTTP/1.1 www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
IP 23.80.129.88:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 9d2825a507d8a08a9746f24d02272cc0
1d66b651906eddf9c16838be4e7a964236696c13
36e0e308c8815b7a79db7cc6b6a2cce559b44d5c502da376c97b737a2e0c5ee4
GET /wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1
Host: www.tabayyunnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:35:36 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TdIR87RTbmeWxmKI10xHKZBemkq3VZXzgqdq2eCr_F7AoYB6tpSd0w==
age: 28823
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.tabayyunnews.com/tj.js
23.80.129.88200 OK 520 B URL HTTP/1.1 www.tabayyunnews.com/tj.js
IP 23.80.129.88:0
ASN #395954 LEASEWEB-USA-LAX-11
File type ASCII text, with CRLF line terminators
Hash 4f5b545076e18d3e40de8d86792cfa97
ddae501324297958ccab0cfbcbd37f4420c084c2
5844a3dc31f09ff46ca91e6bb330edf0b8faa55dbeb5d9a535c9c95f92951437
GET /tj.js HTTP/1.1
Host: www.tabayyunnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:35:37 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.tabayyunnews.com/common.js
23.80.129.88200 OK 1.1 kB URL HTTP/1.1 www.tabayyunnews.com/common.js
IP 23.80.129.88:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
GET /common.js HTTP/1.1
Host: www.tabayyunnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:35:37 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 12:27:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HxRL_dhKuBhNch4p0AnGFm_pes3qGPygU6qgUhhV3E2HIDdBmQR3Nw==
Age: 1935
api.share.baidu.com/s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 23 Sep 2022 12:35:37 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:38 GMT
Last-Modified: Fri, 23 Sep 2022 11:08:01 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 23 Sep 2022 12:35:38 GMT
Etag: "4078521116"
Expires: Sat, 23 Sep 2023 12:35:38 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7A6AEE4EE0702BE877C022098E0C393D:FG=1; max-age=31536000; expires=Sat, 23-Sep-23 12:35:38 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 23 Sep 2022 12:35:38 GMT
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash a57a2d0206ab2f80b7f06e40aa9af85f
ed8578f8a59088d1c1c38969ac6983666318606b
033d328268c2de7d51f34a09e1fd866a9e41c4450aeb697f768e93b5714f2d2a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 03:46:18 GMT
Expires: Thu, 29 Sep 2022 03:46:17 GMT
Etag: "ed8578f8a59088d1c1c38969ac6983666318606b"
Cache-Control: max-age=486038,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352441992b4ee-OSL
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5UOohWi4p4eCMc54cTmMCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xuSyaQt6vmJmvDYjdy0od2Q3988=
www.tabayyunnews.com/favicon.ico
23.80.129.88200 OK 1.2 kB URL HTTP/1.1 www.tabayyunnews.com/favicon.ico
IP 23.80.129.88:0
ASN #395954 LEASEWEB-USA-LAX-11
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.tabayyunnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tabayyunnews.com/wp-content/plugins/facebook-comment-by-vivacity/css/fb-comments-hidewpcomments.css?ver=4.8.7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:35:38 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 28 Sep 2022 12:35:38 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 87ea5f00694cd292bc28477098148e7e
03a6e8306737ce30aa48ced653f4102df3143e19
0188bcac4cd87473536ce8c23873a740a57a2b4df270b8f671c5b04e33ff1d0e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:53:37 GMT
ETag: "03a6e8306737ce30aa48ced653f4102df3143e19"
Last-Modified: Fri, 23 Sep 2022 09:53:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3524bca48b515-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 87ea5f00694cd292bc28477098148e7e
03a6e8306737ce30aa48ced653f4102df3143e19
0188bcac4cd87473536ce8c23873a740a57a2b4df270b8f671c5b04e33ff1d0e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:53:37 GMT
ETag: "03a6e8306737ce30aa48ced653f4102df3143e19"
Last-Modified: Fri, 23 Sep 2022 09:53:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3524bbb54b4f4-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: ab65ba93-aad5-4845-b471-c50c14057c47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvqujEsIoAMF8sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632957f6-6d4635bf713fd25147948c7b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:04:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SZ6p5NLxuGUoEOZujwPbDGwUO0dZgiITud8RWOaSW_VciGRgBidY2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 61178
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 52599
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 52254
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 52634
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 31012
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae63806537bc1795029ac9e522b4abb1
47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:35 GMT
age: 51784
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 379e3ef02a3090b0669f91e9f456783a
2bac34a3675a46f0adf36e4fe00257a8de1d08f1
2ea771e1f4d6a2bd5fc9b61949c28ad2fcd49d5853af13c70b293f3cf55bc6d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EA771E1F4D6A2BD5FC9B61949C28AD2FCD49D5853AF13C70B293F3CF55BC6D1"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10336
Expires: Fri, 23 Sep 2022 15:27:55 GMT
Date: Fri, 23 Sep 2022 12:35:39 GMT
Connection: keep-alive
www.pgoqd.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pgoqd.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Sun, 23 Oct 2022 12:35:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgoqd.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pgoqd.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sun, 23 Oct 2022 12:35:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgoqd.xyz/template/pgysvip/html9/ad/zxf88.js
173.231.17.179200 OK 614 B URL HTTP/2 www.pgoqd.xyz/template/pgysvip/html9/ad/zxf88.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d69fa8e84106e7c17f5f89ef4cb7988c
63c250eafbca8c643d050be80398f0a887231c6a
715225af8d6c30cbe0607ec182edfc2e5c51e40abb17998b127d468920414323
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "715225AF8D6C30CBE0607EC182EDFC2E5C51E40ABB17998B127D468920414323"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3490
Expires: Fri, 23 Sep 2022 13:33:50 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 8a09ec9b7b75dce41b48db6bef4c7722
787b0f1d5d57f442cd979f5c2d0b6c1aacf0dc6e
da9b019b27701394ee6527de4ef0e4240c05d06ad6d4f175313f8577cd3ed105
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:40 GMT
Etag: d2fb10bbe122b1a6d518ab0bf927b503
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1A7BFB106C584DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?f9f875434168a51f4a3df9c637c0631c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f9f875434168a51f4a3df9c637c0631c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 7366bcf4ed8dbc4edf566ea6880c4741
11689f0e2e2115bec55ce6bfd86effa52863f24d
57eb192b0ad565dd05be7638748287aa754c9434ad1c47be09c7711adb56fdbc
GET /hm.js?f9f875434168a51f4a3df9c637c0631c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:40 GMT
Etag: 535c49b3eccbe4dd3d57b885b7dc7366
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A5BF89C20C169E7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e719d7ff4ac59934923a1c19c49275bf
7f4d399f587d41034bcb76f388240222e53c77b5
6984498ebe5103696c532e9cd86fdc5d54b8b638c7993313d2f60880f4d3f02d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6984498EBE5103696C532E9CD86FDC5D54B8B638C7993313D2F60880F4D3F02D"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 23 Sep 2022 13:19:58 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive
www.pgoqd.xyz/template/pgysvip/css/ate.css
173.231.17.179200 OK 202 kB URL HTTP/2 www.pgoqd.xyz/template/pgysvip/css/ate.css
IP 173.231.17.179:0
Size 202 kB (202541 bytes)
Hash 1cac24f3eb9731a2d8e198f80f4e5499
98f2aff168e908107c8f815b3ee6b945841a7c91
e378ef20e0fd78924ebd8ef5bbfc8495a1a37a42380833e734cdfdb653be3d86
GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e719d7ff4ac59934923a1c19c49275bf
7f4d399f587d41034bcb76f388240222e53c77b5
6984498ebe5103696c532e9cd86fdc5d54b8b638c7993313d2f60880f4d3f02d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6984498EBE5103696C532E9CD86FDC5D54B8B638C7993313D2F60880F4D3F02D"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 23 Sep 2022 13:19:58 GMT
Date: Fri, 23 Sep 2022 12:35:40 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2843fe84f977966e5b8f7bd6f2e0dd22
18311019c744ebcf3fc093e3dd4ba55f4430d441
f126e9da7d2ad6096674591da08928c2dd629a68e364e9bf889ebec7c0b1b03c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:40 GMT
Ali-Swift-Global-Savetime: 1663936541
Via: cache26.l2de2[277,277,200-0,M], cache26.l2de2[278,0], cache1.se1[299,298,200-0,M], cache1.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 12:35:41 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365407148342e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Thu, 22 Sep 2022 14:17:30 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: RfwAAAD1asVxNBcX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1663856250
Via: cache15.l2de2[0,0,304-0,H], cache19.l2de2[2,0], cache7.se1[0,0,200-0,H], cache1.se1[1,0]
Content-Encoding: gzip
Age: 80291
X-Cache: HIT TCP_MEM_HIT dirn:3:22547665
X-Swift-SaveTime: Thu, 22 Sep 2022 14:24:12 GMT
X-Swift-CacheTime: 85998
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365410258568e
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2d7fe1a8e556fc40ce07a0d028c42fd9
c871310dc9e29174b53f41d3a44f0eb4ee48db28
bfdb1d55b745aea2210f683f46bc4b7a1c0e795fec245e9d7c9d3ceee1028a8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 11:46:37 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/09-22/14/okvaf0nim221415okvaf0nim2257287.jpg
172.64.141.29200 OK 9.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/okvaf0nim221415okvaf0nim2257287.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 600ca2d581a3f97b9e8da1e15107e54c
e7a922ac7af89ee78321e8a511c28b3d49e95a41
250ecb7f57f55c3770eade03645b3ad34eb6fc6858f954976fcf05b757a59acc
GET /upload/vod/2022/09-22/14/okvaf0nim221415okvaf0nim2257287.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9452
cf-bgj: h2pri
etag: "a7815ec74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxShD%2FtHv7WoVFvGK35xLRhK732TX%2FhOpAwJuEYzQ%2Fus91MMaaaYfmJrrMeW7Nw5QE3IXUiMYqgxl%2BbpgatQQuznyY3MfUodtzV5WFphBrn%2FdwWS30JA4d%2BfLZTq9doS5%2Fv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef67190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/oqpa0rjymmq1415oqpa0rjymmq58289.jpg
172.64.141.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/oqpa0rjymmq1415oqpa0rjymmq58289.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a464281b5048183f86ce1a2601f3ae32
e81a1d77ad3154cdb0ce67c8560302664d342154
93014a91a2a6a73cfb7a6f626c83006f26f31215801e5342effa663abee04a89
GET /upload/vod/2022/09-22/14/oqpa0rjymmq1415oqpa0rjymmq58289.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9922
cf-bgj: h2pri
etag: "fe67e6c74aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAE9MeCZ66560ZN8%2BheHkbAMtiswu1PlbTWAsWX067Q6GspTdfHqJKO7V3b316BO%2FxxuIMr97poxZSrawAdsMG5oKQgbAuS3UFZ7aFnTdIg2N9b7MIbj0zzI0opM3Eb3edng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef37190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/bzkkcixhjyb1331bzkkcixhjyb2313.jpg
172.64.141.29200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/bzkkcixhjyb1331bzkkcixhjyb2313.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 29c9eed93d1af785c702578fc3ac2c6e
04e83e1bd6e8386fbef857b0a3870d9146a94911
31f92d8c856132735151367bd91f97490581f10fb316ec557c7e6d21a91209a6
GET /upload/vod/2022/09-22/13/bzkkcixhjyb1331bzkkcixhjyb2313.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8714
cf-bgj: h2pri
etag: "d665658d44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buVI8UVZqggwMjqMFXqgApwhXtIXRYWOJJMiWeuqXW%2B%2BoyCNxHal1sQL4ZlyL%2BC4nVRb87kQxO2ea3KE2nu0dOKb%2BwNaCOTi9%2Flo8Mh23m5dUi5uGR90QI9B%2FwIS98WlqYyE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef87190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/0zldwxfdzvl13310zldwxfdzvl2211.jpg
172.64.141.29200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/0zldwxfdzvl13310zldwxfdzvl2211.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 20f8124f097f27cb248aedfea35edb64
83c96f36ab018d0d61eda1e7face74239d63dc7c
91249140dc04fc16a326b54d1883c8d0743e68a4db248b664dbbf74dd0b5cc8f
GET /upload/vod/2022/09-22/13/0zldwxfdzvl13310zldwxfdzvl2211.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9377
cf-bgj: h2pri
etag: "7e7edd8c44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51elqffguS3WUwr3dC37deGsF7s06uGnW0gbw2NAami5j4Q2%2BSZlyI3jclDCBxPvfqgFAbT4agoDm9OkHjODOggIRse%2BygstlrUKrRcAXawPKSXCh8xlOOmXgwaWEXkF74Gf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef77190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/zkffkw4nxbl0001zkffkw4nxbl371737.jpg
172.64.141.29200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/zkffkw4nxbl0001zkffkw4nxbl371737.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 435070a8d9d0d2effd8a40b34e7f7e04
fa4f21c64518c27ce1613f8aa1596bfe0c321801
dbaaf4218c297c0edd7587a0194d63b0f7cd5654368c0bed655541a12da64751
GET /upload/vod/2020/08-04/00/zkffkw4nxbl0001zkffkw4nxbl371737.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9700
cf-bgj: h2pri
etag: "e1ea15eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTPaC%2Ffq5Wx36jkwWVmc8zRNWoteLkrhmtQUi0dQDu4Ow81PfCb7htOPuHol0u8LNv2noFK%2BEJHtN2DJ4y1CmQiBdt%2BEp%2FXgJjCiETcQ514mjqfmKopX4pSKrq70M8QdCBJa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563eec7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/jdewjxhzpae1331jdewjxhzpae2415.jpg
172.64.141.29200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/jdewjxhzpae1331jdewjxhzpae2415.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7c35a398e355462d0f3ffe8762c83162
8cfd91a4aff573536a57666d140bd9de2fd00c40
f6a0d217572c2fe58f084b630aa25ac5a4508caf0345dd6827f9e45ff2010eed
GET /upload/vod/2022/09-22/13/jdewjxhzpae1331jdewjxhzpae2415.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9405
cf-bgj: h2pri
etag: "ede9ea8d44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TQEwm9195jGhZS0AINrx2Q61UctHn9oeFwftMFaS%2FIgAsqZ8yv%2BgZ7mD3q8mHqtTMibTYRJzQRmiW2ybuKEBJCot%2B5QEY9WN33%2BEcV7Ghy3EhlpB0sGOuY9BC4QFdSzRDB0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef97190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 97dcea03f028dd1e81871c28d45f2f3d
ddc70a99af8fd697f5fb88934b45e70b676a1c8c
ee5f80c808ac4a6259afa5f384117843d71072f9baa73de854bc0e255f93d20f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/09-22/13/usklb041g001331usklb041g00183.jpg
172.64.141.29200 OK 8.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/usklb041g001331usklb041g00183.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0e8d34a85ad20a6251f4a2944798db00
2cc17bf9b1d413ff96c0996f8e755046873102da
bb380042a0e524cc0c64e526895151683bfcaa89ba7f103c07b22744eec46d2e
GET /upload/vod/2022/09-22/13/usklb041g001331usklb041g00183.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8209
cf-bgj: h2pri
etag: "ea80bb8a44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vdz2xA6zY7Mc3Zh2oe%2FoXKf%2Bn1yhqKuSq%2BfzG4sk%2F7sPZNoA1qcR38IHU5xlbJr6ZhATPNBRkSudLdvCTVVci%2BZD5Pc27DdAQqTCK2HagOg6U3R%2F7bZUCCxn4epeDD3D09r3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563eee7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/ksnuiygyrq31415ksnuiygyrq326253.jpg
172.64.141.29200 OK 9.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/ksnuiygyrq31415ksnuiygyrq326253.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c42e1bf0a09c886fa2875db2a953124a
e019d157990f84d53bd890d8988ff20bc1f28621
e2785f477160ed5fc9dd43297c21e4049cf7a229eb1b6fe0a87072d3f987e46b
GET /upload/vod/2022/09-22/14/ksnuiygyrq31415ksnuiygyrq326253.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9057
cf-bgj: h2pri
etag: "423cf7b44aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqIBSm9wMIuWDoSqWu1WKFvvxljKJ9ppL5S82AsO7FQFrFYLDf9%2B4mgbm0HmprpW7w3h1bUR26l%2FLLFXfwANs46UZWE%2BhHcGL4euscnTs65oT9YPjXecwSDtUJC40tiIACiA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/qjcexsfrnef1331qjcexsfrnef195.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/qjcexsfrnef1331qjcexsfrnef195.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f99459e6506f5619e60987d4309dfbe3
3e4288852aed2948c868395cc86fb5c2f51ebcd8
4254578e552dddb60961af744c66dba1e425d50970536cedb0317e74096df1f0
GET /upload/vod/2022/09-22/13/qjcexsfrnef1331qjcexsfrnef195.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10199
cf-bgj: h2pri
etag: "d467438b44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzU2lfHc2nWo9L7DtHgJrvavQ2sSpqbO2%2FOxeL3gkYsp6OXAZDEMqbuLOC3wtf0UaHU%2BxJk4oB%2F7NucJ4QEGGVK6B0PVbq3L0ovSgnbFwHMESC8Faql%2Fnys1Of4DbaoUTCIn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352563ef07190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2d7fe1a8e556fc40ce07a0d028c42fd9
c871310dc9e29174b53f41d3a44f0eb4ee48db28
bfdb1d55b745aea2210f683f46bc4b7a1c0e795fec245e9d7c9d3ceee1028a8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1533
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:10:09 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 390430adca307de959661e2eee18fd65
4b4586dee061f5bdd3ddda76c985add947917450
01c2afcf1c5aacf13c3c61fd98117043047123bddb5ef13bb177d2ccfe23d56e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01C2AFCF1C5AACF13C3C61FD98117043047123BDDB5EF13BB177D2CCFE23D56E"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11441
Expires: Fri, 23 Sep 2022 15:46:22 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/01-05/16/pdje01fnrch1647pdje01fnrch0723.jpg
172.64.141.29200 OK 15 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/pdje01fnrch1647pdje01fnrch0723.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 848074927c8bedd37b3fef14da91c0de
840859d9973c7266cae9510d620f014e338b45ab
4bc0554b6e0b45a8e8d4b4b77a651924a21a0bbb0e9db2156e5e86e70ee95b91
GET /upload/vod/2020/01-05/16/pdje01fnrch1647pdje01fnrch0723.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 14922
cf-bgj: h2pri
etag: "ed9a18b6a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4244
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ls%2F7P6oLANshE44pN8FUxLqKNlic0dl6UeSym4OHzDGEDa4JzNDyQx%2BbvawOhiOXyIKNA4CTs9bXntuG3VKnkySPcaYL4KMCssx00xWK3ZoKG02KqVEnh%2BRwDrlMkHFILVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f457190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg
172.64.141.29200 OK 6.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash decd5f8fc8ff7a538e885236ce4e68a2
02c0f51b0b32d1e7a970948b57453e0944236368
8c417df03e0f7ee8556404ad21adc6c9f13da8ddcac443c307db3ba8f8cadc10
GET /upload/vod/2022/09-22/14/e0ujspwjakn1414e0ujspwjakn55211.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 6136
cf-bgj: h2pri
etag: "2bd42ba24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Usm40pdgFnX6U4jS4DzZqmjHKthsMtCg0DBSGfIAbJ0nKopgs1bgUF6%2FYKi1cW%2F9JggWGF3MyWnKqget5%2B%2FPBu4gI7fqKu4mwAiJmuoiQMskYbV7k88km%2Bgsk4zGxZ%2Bft6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f487190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/aknul1s1khs1415aknul1s1khs55283.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/aknul1s1khs1415aknul1s1khs55283.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 6fdb483834caaa4bba437683e33fcbb2
265f05447675331d2cbd83dc3cd0356ff5e6b6ed
2a815981f6977488de64b13097e24d90b041129afd398d49fd34b8c17173454f
GET /upload/vod/2022/09-22/14/aknul1s1khs1415aknul1s1khs55283.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8832
cf-bgj: h2pri
etag: "93504cc64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8rgRhMUUmd6gfOfaRcqpqHpLTCeOjxN6S%2BXD2yQKVERzeA2zblLrYz9J%2BkkSsKaQJSnavEl8jG0Yg2Ius3TmdEF7HDJoxyz3W0U7MG3tWF4Vur1bgEwqODPTOMhFS2W0e7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4a7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/ccujq1cfpji1415ccujq1cfpji56285.jpg
172.64.141.29200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/ccujq1cfpji1415ccujq1cfpji56285.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b801e86b46ee4d651070a06688145bcf
b685130a1eaf6d3bfecd81cc0b33f56d666a72e9
79d3b0b90caf8e4dc58763081641a82d30a5f56dab574d15dd2fcddbdd7f3111
GET /upload/vod/2022/09-22/14/ccujq1cfpji1415ccujq1cfpji56285.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 7477
cf-bgj: h2pri
etag: "238d4c64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ok81dsG4tskNGpLVgnZ3VCZB56vfoNlaUIwOCB3pPFds%2FxvY%2BcXbTr9j8bq%2BxUTKqph8wgzgipSpDWzCxBFh6bQlCgISXTYxtpzbpzu6LQl2D%2FVpVwamSXPI%2FOdloxZprs%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f497190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/eotesmpc1ng1415eotesmpc1ng25251.jpg
172.64.141.29200 OK 9.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/eotesmpc1ng1415eotesmpc1ng25251.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c5df898fe9e926cf6a323a161c9ea994
8d8adcedf5919a02a78ea483c7f26113f10e1fdd
ad273fe490277adcb7dd5a458bd82ee327e3f8e0a98b359c46feb695768bda35
GET /upload/vod/2022/09-22/14/eotesmpc1ng1415eotesmpc1ng25251.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9752
cf-bgj: h2pri
etag: "ea556fb44aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Or5MH%2BWu1fG4Z8h2XDrjsrE9ieljw73I0CY%2FaH2QaERGFax7oUXzez9af1tFTQQ1H8sXbVXCy8XKhwW38vcD%2BnTRkqMcTe17%2FvNyiN783QhLowSx5DAXuZWAUvVeNMwRqtZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3c7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
172.67.143.17200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 172.67.143.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Wed, 05 Oct 2022 01:58:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1593415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fc%2BiI2ygvqPz73pHh%2FLZsRjBdMnmxxhOONNWEh71UNDUTf7eAuM3dp3NcDe3YP4Wyct4ubY3c5dW4WOq33Cfi8cgwyMxTmKEWdmI7IZKeE8M6%2FeAbI2pwx0k%2B3tF4VIufA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352569823b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/xu3l0p2c0pd1647xu3l0p2c0pd1127.jpg
172.64.141.29200 OK 21 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/xu3l0p2c0pd1647xu3l0p2c0pd1127.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 135c7ecbcfdc500c224bf15148eccc3b
ab16f7fbc8de6811bd22f4485b20d92639d0f208
56c75d9e44a61cb0d25094d7ea4409dbf254d6ce27a0047820a95a960ccaeee3
GET /upload/vod/2020/01-05/16/xu3l0p2c0pd1647xu3l0p2c0pd1127.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 21418
cf-bgj: h2pri
etag: "638bc2b8a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYiwLX55loizgpFKXEfStGZG56%2FK4tysNu34eW%2F3tDZH2j1vK%2BhTv3SgDT4q8Eo8WaDjPCgaDkhCPm2YoRi%2FWjVks9iVvjyYxhz%2FMJh1Xhqb7ydsyj07rVglPbhE6Uw%2BT%2BMt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f3d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/otcj0y2xkc41647otcj0y2xkc41025.jpg
172.64.141.29200 OK 9.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/otcj0y2xkc41647otcj0y2xkc41025.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f3fe4ab5bab8fee0aec17033808284fb
5046aed06e21f4581389d3a3aa161f1995583822
919a802c675d7214e52ac7992d20c85c8d69f1680d6d9a75f6ebdddf1d9a7d4d
GET /upload/vod/2020/01-05/16/otcj0y2xkc41647otcj0y2xkc41025.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9810
cf-bgj: h2pri
etag: "e8e1f7b7a4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOOX5zq8NqZCo9v6uLlAkR9Y%2Fq5DK6ySycDnWL1hfsvtOhcJf0CpC4Z8BioszFGMNu4FIcXvUqR%2FDjakOoCCcXAzxIHzvZD4u38YQASqDoqldYc8N0kcVzcf3KvWwO97Tkxw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f427190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg
172.64.141.29200 OK 5.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4d4b9b47a64c275b65e141b85ff9224f
20fa476a0bb083c8ed8e078631a5ef1d135acf7f
74aab57d7150bc44ce84164e8ebe776a234df00803e4179e5b300d63c00e182b
GET /upload/vod/2022/09-22/14/ejbtss3hq0q1414ejbtss3hq0q55213.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 5698
cf-bgj: h2pri
etag: "691db6a24aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYpz1EBvl1nbGX8LuWF3lHxFeWT1qC0XSZ%2BEu2sv6YHtThokxXLwvtT%2F0O54HXXuMnxfOVRfEek62Xb22G59KiGFuxYAnSbTNwdP3AaGwuhyuSakNWEy8SkITvMaOFxYbejW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f467190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/ak5rgh1m0k31647ak5rgh1m0k31733.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/ak5rgh1m0k31647ak5rgh1m0k31733.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a3dfe757f509ac7241987a65436c3cfe
84f63a34ba24138e828ccd502b3e1cbea8431fee
bac3e6a2d17eea37429deeb440f89cbb497c02e99a91e133746b9b99f0a171c0
GET /upload/vod/2020/01-05/16/ak5rgh1m0k31647ak5rgh1m0k31733.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10501
cf-bgj: h2pri
etag: "933065bca4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4244
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbA0ouuv1GLp50zirScLFE644V0%2BtADY98BfhKLVpDykogxYd%2FgNd9CQViHWbeAv4bXkqGINseiXg4tm6a5YoGJ6t%2BeqKZ0I8mtGMg1fmSkyRbqOezUSsN%2FgydtbLrUhnCLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/zsqjgguiqrj0001zsqjgguiqrj361733.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/zsqjgguiqrj0001zsqjgguiqrj361733.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c1441b90da61ae56f1f8dc08c1e51470
c1b12971db208707ff2829e8cafd9921e3fe07e8
340e5993999afb2a695c093619324c94079f58dc9d449e804788d08b42708992
GET /upload/vod/2020/08-04/00/zsqjgguiqrj0001zsqjgguiqrj361733.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10240
cf-bgj: h2pri
etag: "88ed745daf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M66dopw6X95rWpBjU2jLALDfc2AoW32QxgpBeiSyN6LezA375I1zmbhK%2B7FixiSJc8eEGg7wDGr9y9Hr192teI6xB9TDaYPl3GjFwJ9KIHLkmmd6j%2FhS%2B65DMvdcEOOStixN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0eda61956bd9d476f54c4bfe61974928
14d31a1d2c72cca46458822a84969fcd24a60059
343d9e80f44faa63b2acad2d23d5e5162ac609051bab8c1bdfb57f6e0ccbf206
GET /upload/vod/2022/09-22/14/s5pz1df0y4t1414s5pz1df0y4t59221.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8755
cf-bgj: h2pri
etag: "888fca54aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VRrLNIIUaxpGywO2WsE%2FhXLRLmCQK26WTHJhbU99dwPDxwNN3uDl%2BFJk417pd6ZMWVdg6atpbgvJ5Knobh%2FirEbmqbJSwsbpI9M9ab12i4x5TkD3DHHnykameYICHllXuwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f4f7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/kmchydnf30t1415kmchydnf30t24249.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/kmchydnf30t1415kmchydnf30t24249.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d5fe41838b6349638784d3fb5c58b58d
e55735b38f996b0b0ff7bb244ba403c22a78bd8a
f07e289a4e7ec4984b5638b9a9a69ad59092b1df0fd843a112c5b50cd9914c4b
GET /upload/vod/2022/09-22/14/kmchydnf30t1415kmchydnf30t24249.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 11572
cf-bgj: h2pri
etag: "b896cfb34aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DrzuYXFwjcr1wNog4RKNulnxlqppEGX9z5ckklsxVdX58ZItQtm94PXr4bmgEI6DfgElcdkCBenopyiesVKlraIpIuxFPhTKfjwOBi8eAyUml9%2BPlwmPc9DVGfXQCkgPoVO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f507190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/t3iu4pjngvn1416t3iu4pjngvn21293.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/t3iu4pjngvn1416t3iu4pjngvn21293.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b0b46dd5f8afa9b4a2d356a55ee52419
c48f7c207a176e15d78919132822e831145a3b9c
92fd1922875e51fb56a8b42536e78c7bb472249d75580acf359d8112c6faaa72
GET /upload/vod/2022/09-22/14/t3iu4pjngvn1416t3iu4pjngvn21293.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10150
cf-bgj: h2pri
etag: "f047dd54aced81:0"
last-modified: Thu, 22 Sep 2022 06:16:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyBYxoQDHPMBcB%2FM3YgTO%2FC95AkKkmbvCYv%2FLPJ5dUsW7a0fmTeiXYk%2BOfhdxJZOz4tU1OW0Ed16VMscupmTuBtdVxqAbazRYPxynd4fPoVHoWFsC8d75%2BdZ0f5fbDJGveg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f527190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/sakzvh55l0a1415sakzvh55l0a59291.jpg
172.64.141.29200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/sakzvh55l0a1415sakzvh55l0a59291.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4883aa76ae631e00b70992f71d330298
cf696dc04ba5daff1cb4ddb87ecf5fba40a5f393
6334e782a32bd8a9a22dfbbebe468799d7832fcc589bb726ca731cb6a783e8d9
GET /upload/vod/2022/09-22/14/sakzvh55l0a1415sakzvh55l0a59291.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9694
cf-bgj: h2pri
etag: "b71373c84aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5leUNruduH%2FoksLSyDiqz8jkH5ymjLqI4OUT7UmsdfHwSNL0muY9qpeEJEQNyF74Y13QWlXNxomSG0lWGp15eho7VZivjnPef56gSgqCmG6FtCJSbtssnpVsfPe5fZwi1NNh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f537190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/ywxoxqzev4a0001ywxoxqzev4a381745.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/ywxoxqzev4a0001ywxoxqzev4a381745.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f3a78f93239b1a138d14b78b0a61018a
91d8ff5a04f241d21328c31a2c3f9c0153b29260
36a891e5123a96f7fd97e26656c0c4f70c8370de3be133c733c8e5c95c48513a
GET /upload/vod/2020/08-04/00/ywxoxqzev4a0001ywxoxqzev4a381745.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10386
cf-bgj: h2pri
etag: "637ef75eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8isefIQidbN6eIyIPUaraBcpTSkZHUFKw9KiRJ59AvDfKpsV0ccJkdhhE6aW1WXx1QNUz39H3G0TEymNoRBlKFfLQ0OCR22uONuAqBSrCW1m%2BIsXlFN6vWnGlyYPCQcFHNha"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f557190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/clhlruqe01h0001clhlruqe01h411761.jpg
172.64.141.29200 OK 17 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/clhlruqe01h0001clhlruqe01h411761.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7116c42fd9876a2412ba605435725cdb
e35df90f217ab2d46787f6126c85b9c63d5310be
3e2980b781d3af276c0c4158cf483e92b60aad44779590d9a877c81d465fcae9
GET /upload/vod/2020/08-04/00/clhlruqe01h0001clhlruqe01h411761.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 16699
cf-bgj: h2pri
etag: "dc1cd960af69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aooHQFCUAozD0%2F3dApkIV3IuJ%2FcfEBB9Z9ySY2AGBt8Kvp%2FruCM7CGQWLSvxR3XdTMzryTriERmSDtooa%2F7rNAh3inA4OHoc22ONWU57wfKyLHJYCgB6IQVAAWvTsZlb1PI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f577190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/q5dudohfuqe1415q5dudohfuqe29259.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/q5dudohfuqe1415q5dudohfuqe29259.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 87eadaf647d7581a3e1f5d970d66a98b
c5bfb367230687be9352eaa20f0326e8e8815cc5
648323541fd359dfd2dfebf911847a02059443825137d7163e8acdf92172459a
GET /upload/vod/2022/09-22/14/q5dudohfuqe1415q5dudohfuqe29259.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 11801
cf-bgj: h2pri
etag: "867a98b64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3509
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtR9%2BfW4E7lZdJq%2FTX0Nq4WvGoZhw4q%2B8vGcb00aznf9%2FvejdmYEDN02yutbS%2FtEwof9n62hLJ75cNq1MVr2kUe%2FSaPgnlk5gqDt8E1UOWvAAY%2BL7YmBFZavB4dQdu56%2FfnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f587190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/g2jtd3dbu4m1415g2jtd3dbu4m28257.jpg
172.64.141.29200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/g2jtd3dbu4m1415g2jtd3dbu4m28257.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 23x30, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2ea218e0d9732e50b92a40a04a9f63a6
bc1ea9ce43208d39d6423bb2a30cf8b7a9c31cb7
db22930edc6b677fd099db32e4986d8e9e5f2297f287889c420a780b86c6cc50
GET /upload/vod/2022/09-22/14/g2jtd3dbu4m1415g2jtd3dbu4m28257.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9387
cf-bgj: h2pri
etag: "ed30eb64aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VK7NWIiaX5qWMEja%2Fx0BcqrMdBfUxWmZkT6CvH%2B74MGKZRbGQSUWP5lrAafEtAX8jjDikYQ5N11xqjj68iMB0qfb61rE%2FrzFABbGgEg44wlfjDvgxtfr77lbjIm26nAPNKY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f597190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/m3uhzfkoe2h1415m3uhzfkoe2h27255.jpg
172.64.141.29200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/m3uhzfkoe2h1415m3uhzfkoe2h27255.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash a550b6baff5d77966451602aaf1daa87
2a6ec735cfcaa45baa2e943a3ff072eeddce2f1f
c25c5f956a8a96e4f19765642316426abb551f9286236918b619bebaa43a05aa
GET /upload/vod/2022/09-22/14/m3uhzfkoe2h1415m3uhzfkoe2h27255.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8699
cf-bgj: h2pri
etag: "8f8581b54aced81:0"
last-modified: Thu, 22 Sep 2022 06:15:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3240
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpYdv3kMyni%2FczuDqyEkXKYrFIYjgLci98ghikC7ZveNz7egTrqhwX%2BQgEgpKLTiyeMcEwrDuJ%2BzRyhUGcrWD8zcl1gFzVfSIjaCR8YHKH6GB1jrAsvbVj2Jg1Cqdl%2FCwkon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5a7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/raz4n1141yk1331raz4n1141yk219.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/raz4n1141yk1331raz4n1141yk219.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f72dbc822b86d5e14fe16dec8c49cabe
49f363a971772af14cfa9175ead0af9896461d6c
757178e3ea8c07a58d7a643c67a2e33a6adc23f248c60b7e5a86f8d03a1c610c
GET /upload/vod/2022/09-22/13/raz4n1141yk1331raz4n1141yk219.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10217
cf-bgj: h2pri
etag: "5035538c44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBZGySu9HUNfw%2F09w3LFoiNMXeLbki4g8yb6br5ssDSaUlbbobT0MEXYpTNe89Smadj7%2FVuPWcFORSz5UQJU%2BcdzCUr2ipF2z7APA%2FVCIp6XinkJPz6GZzjk6orKRY1H5Q4j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5b7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/mmigszyblln1331mmigszyblln207.jpg
172.64.141.29200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/mmigszyblln1331mmigszyblln207.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fa1bb461517ce44f3f375f598d93802e
e6b6f0ea47a122b13ae56ca041db988a40440670
1caa6d8453d562cbafe33d9a56697db4013a533249d9b079213c5eca76d8d518
GET /upload/vod/2022/09-22/13/mmigszyblln1331mmigszyblln207.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 7490
cf-bgj: h2pri
etag: "59ecc88b44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlMlapTRSNVgOkpnLMTZLNRk2tfT%2BMg5EwrdOEEln8BXMyyQjHjA%2Bra1NQUEO49hTlIzv%2BcrfdfsIxPUVz9hLopH11x%2Bg0jnp9nTaz%2FPKzuh5dYua1YNDwN6szTPkduZudbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5c7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg
172.64.141.29200 OK 9.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e8ee969881129d3570f1cef82e4c3dba
8cc2c3860fbb5ee0f4f4f7b6c7d1507a38a05385
a9b04dd63aa2a7b82bc217dbd12ab23d6e25045cfe3db51463c3512644e8111e
GET /upload/vod/2022/09-22/14/4r5lyjgdhx314144r5lyjgdhx358219.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 9024
cf-bgj: h2pri
etag: "374682a44aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obvtvlY7hsHpN%2BZmyZdcI3c99e1aikg3sLdNAm6oK0oUEleYiChk1VYO6cj6KEG3GMcHCIuhVaU9%2FOrFcQyoEC4i9Ma8Ea1otuALShfw80l254VgKApvoXERoBVwmFar%2FFuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5d7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 934dc4a5b0d9650bc9b60d26297735ad
9c67f986a330dfc43f1038699254e85323289664
933da6a3a9ef3f8e34d56661046286ba93c67aa5aa9f22ad982d15e01ba6a0dc
GET /upload/vod/2022/09-22/14/2lkfjsfwsmr14142lkfjsfwsmr57217.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10674
cf-bgj: h2pri
etag: "e4afcaa34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBkUZ35cgReQR41NKqnFnh4hwTvMKF%2BGlczuSjy2C5JgH7H7gstD36ajxhQBJ%2F0ol5ZBFR5j%2B1IvfXaV9hrRDOjUd%2FmR%2BQjhgo2kaGFj%2F%2BnJ2rV%2BycRKJSMz0N%2BwQjj%2Bitrj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5e7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 70b862f1107da214c5af0ba337cba006
96899a32a3c3577d92cffc9c54c7fa8bed2add2b
cbd1a7686622979a527f7ffc7546fe56e36b5b074d07ff6a425fc57905bebfef
GET /upload/vod/2022/09-22/14/2yagqvn3hqx14142yagqvn3hqx56215.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8477
cf-bgj: h2pri
etag: "49c942a34aced81:0"
last-modified: Thu, 22 Sep 2022 06:14:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKwDqMR%2BPfhvmW%2FfoKei%2BqEJhqx7GD2O1TtJaXnkXUquUaANKyZAOw43zzWarE67w1Y7jBMxBz6VTqxLPVCvLltZEfNntX2Ve2%2BiHzpbqltmPD33KGLm6nOYpyQhM55jZe%2FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f5f7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/00/lq3ubds331u0001lq3ubds331u371741.jpg
172.64.141.29200 OK 8.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/lq3ubds331u0001lq3ubds331u371741.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f83f895c7b5c0f52863b04f307e045f5
1602467ccdbffaa8ab96cacc5830002d87e72445
6bb7992148a62ebdc58addab6d93b255da4ae0af1c408bf960a34578a125d9d5
GET /upload/vod/2020/08-04/00/lq3ubds331u0001lq3ubds331u371741.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8670
cf-bgj: h2pri
etag: "2d855eaf69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTkXP%2Fxi5yz8WIlkW1eedDZKTH7NvvuoQqr%2BXn1Bu5cUL%2BE5vp8E7zBFtb3h%2FPCTHUlzxwN4pH3pCdwy7d1f2%2BEepQ0DV1AI%2Fw47MU0h9Kl%2FKZ5D%2FOD3QCfKojjUpgP2F46s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f607190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/fnkv13wc1fm1647fnkv13wc1fm1631.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/fnkv13wc1fm1647fnkv13wc1fm1631.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4add45a9874e0eced44e6e3add21ede6
aa17c5f183bdb2416941437c4a49303eb495ab69
f4990c23b9def970de7bab8cfbb5020559f37939b3330208e7735dd2d3595637
GET /upload/vod/2020/01-05/16/fnkv13wc1fm1647fnkv13wc1fm1631.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 10482
cf-bgj: h2pri
etag: "ab6091bba4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4680
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZecdItXNDhs9me8dEl91zX6JDmY2QpFj80nnudQPNd74tARrsMLdO3EE6ofefECKM0kV5yZN6L4CwrWBs9D1oklabM2rZz%2B7fk9zpL0swlM0mzNmKdBanjk%2B2Rc81WdEW3MJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f627190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/09-22/13/zstvz0sgi0h1331zstvz0sgi0h171.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/09-22/13/zstvz0sgi0h1331zstvz0sgi0h171.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b0fcf6a261ffd8f9da8cbcf7c51c5458
361cd1cee42a19dc312e62549a7dbc9357c392e6
b6cf2ab24fc16332131e6041a55fd9c657318db265c37bcda3f5641b1f029e69
GET /upload/vod/2022/09-22/13/zstvz0sgi0h1331zstvz0sgi0h171.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 12067
cf-bgj: h2pri
etag: "8411b8a44ced81:0"
last-modified: Thu, 22 Sep 2022 05:31:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anj%2F3RPkMq1sGmIJhgcRs4SYEUelAkpBjA%2F%2FsZ3lBr4NTam%2BZMEgwOMwTr5u6nCb2Oanu3H4ARomP2t0v59YzTsNUi%2FtMGQFvZIb7q%2BEvr54afhWoIt46dSN6ZcqxT%2FkIHxW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352565f637190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/16/3ewwukhvcrm16473ewwukhvcrm1429.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/01-05/16/3ewwukhvcrm16473ewwukhvcrm1429.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9b9a8912588320ae67047eaa235b638b
3c7c1f1f4bed5f45323018a3e9c3d2c2a3f8d63e
812fef4a58a7a0953549ddfe703be246c84b8e5eb7d8202b46e334d2df067d6f
GET /upload/vod/2020/01-05/16/3ewwukhvcrm16473ewwukhvcrm1429.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 8546
cf-bgj: h2pri
etag: "d69f2dbaa4c3d51:0"
last-modified: Sun, 05 Jan 2020 08:47:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CU4KCsvceXzWrX4cxaVJyD%2FXNh2y9pQsHsTYX0vHWAiQDhfXrEOAzxHZrIS4kKTcyZDWCwuGFhbiCK5c8pEErZ1KBTeqHfI1c9gqzXDmUppE3kc9xJGoF3r3Aqgos1bT6aWE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352566f687190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2d7fe1a8e556fc40ce07a0d028c42fd9
c871310dc9e29174b53f41d3a44f0eb4ee48db28
bfdb1d55b745aea2210f683f46bc4b7a1c0e795fec245e9d7c9d3ceee1028a8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 11:46:37 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
www.pgoqd.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 1.9 kB URL HTTP/2 www.pgoqd.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
Hash ce53d3eaf74091c0aa28e7521eb16fe9
a83bcd0765ef29b13025943eaa4b4b93241aee51
727950f4641844dd02751630d5304a4996ddeb97645938138329d0a7820a95b9
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Sat, 24 Sep 2022 00:35:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 682de244a038675c85ba22fad40e2deb
7a376713c7bc99183e293bf6444dd85cd1efe82e
7ab17a3bc3bc97c74bab2e47e8471634ec4e1a8af0c4964f57918b67d4d6981f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AB17A3BC3BC97C74BAB2E47E8471634EC4E1A8AF0C4964F57918B67D4D6981F"
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18123
Expires: Fri, 23 Sep 2022 17:37:44 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=79719570&si=f9f875434168a51f4a3df9c637c0631c&v=1.2.97&lv=1&sn=2890&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.tabayyunnews.com%2Fwp-content%2Fplugins%2Ffacebook-comment-by-vivacity%2Fcss%2Ffb-comments-hidewpcomments.css%3Fver%3D4.8.7&tt=%E5%AE%81%E5%BE%B7%E8%B5%9D%E5%8F%88%E6%8A%95%E8%B5%84%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=79719570&si=f9f875434168a51f4a3df9c637c0631c&v=1.2.97&lv=1&sn=2890&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.tabayyunnews.com%2Fwp-content%2Fplugins%2Ffacebook-comment-by-vivacity%2Fcss%2Ffb-comments-hidewpcomments.css%3Fver%3D4.8.7&tt=%E5%AE%81%E5%BE%B7%E8%B5%9D%E5%8F%88%E6%8A%95%E8%B5%84%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=79719570&si=f9f875434168a51f4a3df9c637c0631c&v=1.2.97&lv=1&sn=2890&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.tabayyunnews.com%2Fwp-content%2Fplugins%2Ffacebook-comment-by-vivacity%2Fcss%2Ffb-comments-hidewpcomments.css%3Fver%3D4.8.7&tt=%E5%AE%81%E5%BE%B7%E8%B5%9D%E5%8F%88%E6%8A%95%E8%B5%84%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:35:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=236F19546F89D0EB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.pgoqd.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pgoqd.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sun, 23 Oct 2022 12:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvmaa.com/fc562ab77f499f4a87e7cd55b58bc962.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/fc562ab77f499f4a87e7cd55b58bc962.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.pgoqd.xyz/template/pgysvip/images/video-play.png
173.231.17.179200 OK 1.6 kB URL HTTP/2 www.pgoqd.xyz/template/pgysvip/images/video-play.png
IP 173.231.17.179:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sun, 23 Oct 2022 12:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 97dcea03f028dd1e81871c28d45f2f3d
ddc70a99af8fd697f5fb88934b45e70b676a1c8c
ee5f80c808ac4a6259afa5f384117843d71072f9baa73de854bc0e255f93d20f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2020/08-04/00/34rg2kcpyqj000134rg2kcpyqj411757.jpg
172.64.141.29200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/00/34rg2kcpyqj000134rg2kcpyqj411757.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c7810997f0f3be9253b69cab6973e8c2
3a22a1e79d03cd4716aad410d97bed92472207b6
0598e1c33666b1fad74e98f932d70d2a858753c2b72eb0f86f80c1f41bd0e337
GET /upload/vod/2020/08-04/00/34rg2kcpyqj000134rg2kcpyqj411757.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/jpeg
content-length: 13730
cf-bgj: h2pri
etag: "5d347060af69d61:0"
last-modified: Mon, 03 Aug 2020 16:01:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fpp9Ulq7xW7yWalqRpkzehfZHE09QPFWZCFv%2BXhgEs0lRzfwS3lI8t3JYYzOMhV2F%2BA4u3RMTrCXnP9RgRIcOOPvZD7%2B2cMw5nfJg%2F%2FsvVmCMrvk%2B1fDxmarOR8k5zxfbsaH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35256afc77190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 682de244a038675c85ba22fad40e2deb
7a376713c7bc99183e293bf6444dd85cd1efe82e
7ab17a3bc3bc97c74bab2e47e8471634ec4e1a8af0c4964f57918b67d4d6981f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AB17A3BC3BC97C74BAB2E47E8471634EC4E1A8AF0C4964F57918B67D4D6981F"
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18123
Expires: Fri, 23 Sep 2022 17:37:44 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
www.pgoqd.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022923Fri%20Sep%2023%202022%2012:35:40%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 3.1 kB URL HTTP/2 www.pgoqd.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022923Fri%20Sep%2023%202022%2012:35:40%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 6f0507efa797777e55fa4262632455ec
43f1a70fd4c3651483b4def2c2c9eab4e672239d
6340b6dc44fc7025ad6b92ff02788793de8ec7001d8b8d1113dfa2384efb4949
GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022923Fri%20Sep%2023%202022%2012:35:40%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: application/json
content-length: 3118
last-modified: Sat, 17 Sep 2022 13:51:54 GMT
etag: "6325d0fa-c2e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
104.21.234.201200 OK 1.0 MB URL HTTP/2 acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP 104.21.234.201:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Sat, 22 Oct 2022 17:10:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 69895
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsYT3JykZsUaQpc%2BDNdCezmWDZM2mgI8TFl08qv8GFcWFYUvqDECYaS2iY%2BhA9EJNCgr5L47mAKELsJeJqDgGtnjSiPrlcUiKavxWhNn4%2BOiiANcyoppXVSzTEP21g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352575b1bdd03-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ed17ada76e40a14976a950a58595c27
0f333892419d64312ae489c7ba930e096f7b2567
dae83a39ec2928df3f91f0183452b88cd75ffb6e3dd21d089327f22d26ba6105
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAE83A39EC2928DF3F91F0183452B88CD75FFB6E3DD21D089327F22D26BA6105"
Last-Modified: Thu, 22 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Fri, 23 Sep 2022 13:12:29 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8b3838c0c724df62d6101ede3ffbd3f
c51947aaa44bdf5c7e83d8daf1cf0327a9545c98
414a6aa29977086544e96bbd98bb638cddeed387095018ae645d457d7e5ce09b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "414A6AA29977086544E96BBD98BB638CDDEED387095018AE645D457D7E5CE09B"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16604
Expires: Fri, 23 Sep 2022 17:12:25 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 91e565ff3f27acb6edf643d9241743ff
6645389063e162b5ae37946b39fdeff6c7d87016
4ca4a382c6a1c5ea6db08f6391646e5cd7f2dda84460db9eff86e1b191059f52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 280
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ttsetupian.cc/lm/cstggspk01.gif
172.67.200.154200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 172.67.200.154:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Fri, 23 Sep 2022 14:30:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2585062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz0tpdK2t%2FJ%2BPhu8OfzxICgHMc2stT8k26jq53EGAwlmImbu2VwpcQObBAtU%2BSq0lOwuu0AvC%2FQFqi7IyZIi%2BhmFswWZfMb2Y%2BUyZzHhjEu64kFUzyLCIzMnxIKrIm8h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352588ac60b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://kvtbbb.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
104.21.55.74200 OK 118 kB URL HTTP/2 nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 118 kB (118121 bytes)
Hash caaa592fad00ee9d8db810c6fdf0741d
90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 118121
last-modified: Wed, 10 Aug 2022 09:44:15 GMT
etag: "62f37def-1cd69"
expires: Sun, 16 Oct 2022 20:32:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 576168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9xVNl%2BVl5BkdZBkcTFUCzydlBjNCo3QsVKKSWyEuxbLRT%2Bj0bIAGtLvbLdw03We2XMbL%2FTU%2B33EZ6AeO%2FdW1LaWyNL3kBj4G2UwViwPAeLJDCkiLE4S25MD%2BIGK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f352589c670b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
104.21.55.74200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Mon, 17 Oct 2022 14:16:06 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 512375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok9M%2FlHlZfm1pWZFjIUDDqQfbvrMpJa4FlwcTdRh0IhMqxM6fv8xDpDL8EolhgKG7w7e%2BX6N%2F4n%2FpIlO0EUP0K%2FhgOcTYN5yMftEBashHoxBn1B1%2BgqRrhkqAPH%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f35258bc7f0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 040b1b19c3a0912e31a0eeb3b53747ec
64b676e9e3c3f4cd69f9b1375ba3866bed63cf0c
c7a20ebff7f1b1d369a6c78f23af0aff90170899f6804933a91e4d20d9d1cf9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7A20EBFF7F1B1D369A6C78F23AF0AFF90170899F6804933A91E4D20D9D1CF9C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2710
Expires: Fri, 23 Sep 2022 13:20:51 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 91e565ff3f27acb6edf643d9241743ff
6645389063e162b5ae37946b39fdeff6c7d87016
4ca4a382c6a1c5ea6db08f6391646e5cd7f2dda84460db9eff86e1b191059f52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f66688c296df9df3880ea9afd8c57f9c
22a7987865907b5a04287ec6c1c565c7cae78cd2
d7b15c25f8d530cb7c977111d0c6e8d314499a6964781e30f14ea55537795fde
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 04:29:51 GMT
Expires: Thu, 29 Sep 2022 04:29:50 GMT
Etag: "22a7987865907b5a04287ec6c1c565c7cae78cd2"
Cache-Control: max-age=488648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352591b530b06-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9a506f4a1b0541425a29e45e4668e3b6
ee8595ebac71cfad2e4cf94af250d6b29da3ad56
a51baccbd08fcd6694ed78efb5343de13cdab7683bd138f0cffd30d0cd546b83
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 14:36:06 GMT
Expires: Thu, 29 Sep 2022 14:36:05 GMT
Etag: "ee8595ebac71cfad2e4cf94af250d6b29da3ad56"
Cache-Control: max-age=525023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352592e620b51-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash df8a2599749dc6824c7be189785d0cfd
a68a0ce5e0b0faef37d76ca003767cc838beae53
19fd94ca5279f499c5789b8bd66a7f5a51221393945e9d773b5799ed320dd114
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 13:29:09 GMT
Expires: Thu, 29 Sep 2022 13:29:08 GMT
Etag: "a68a0ce5e0b0faef37d76ca003767cc838beae53"
Cache-Control: max-age=521006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f352591efa0b59-OSL
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 46f6a230c5367434e3f0cfad8156e2c6
b0d2314a737e081be9607a934b7f963259783993
cfbed59fa3ea8c32269a374adba283277b3657603c2062e61b3b62f25bc6411f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 17:45:33 GMT
Expires: Thu, 29 Sep 2022 17:45:32 GMT
Etag: "b0d2314a737e081be9607a934b7f963259783993"
Cache-Control: max-age=536390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525918ed0afe-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 91f15f859632143930d9bfce660ed668
1db908939520a9e79b77ca5236a8ea3b1ffe1ddc
7075bd8904de886976359d2b3edddb2ee45bcdcb1f0073e5a9eb3f7e0af8e659
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 06:21:33 GMT
Expires: Thu, 29 Sep 2022 06:21:32 GMT
Etag: "1db908939520a9e79b77ca5236a8ea3b1ffe1ddc"
Cache-Control: max-age=495350,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f35259295cfac4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 230e4b959db13554876e4feff605070c
714f71ae6d8cf918e7a13ba95c927c922a878c45
26e7dd19cc499ff3409a2683fb5be2c2c2cb65db642c7bab21acea159b32ccef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (amb/6B8B)
Content-Length: 279
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 12 Oct 2022 23:28:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 911254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t048sS1qOR81Mr7M7vgfM3LWXgW0C91SdqZYUh1zN8Nrve35%2BDfXEeJ%2FHcs8v%2FEQT6I5RXqPEkSdfvi6VNoVKXvHXOqVPADZfWTWPTDIwHIDYaOBPpZ%2FMn%2F8xez5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3525a9d041bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 230e4b959db13554876e4feff605070c
714f71ae6d8cf918e7a13ba95c927c922a878c45
26e7dd19cc499ff3409a2683fb5be2c2c2cb65db642c7bab21acea159b32ccef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:35:41 GMT
Last-Modified: Fri, 23 Sep 2022 12:35:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 5ecd12b9158047a9212a4606958326aa
c99d225300b7d46cad7084c98ab388357b20b3f0
9ac295950e19c0b38879baf7d788ced5c7c0faa8689dacc50c52ab671241bb53
GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 6564c06928047189be6c3ed55ce22025
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=35FC4ADADE210A8A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0ffc38e348df59b2605859cb7943760
4dfa43fa260e630388fb6721f550c32bb670e411
4c240280aa947b8e90a56c013efa4ce4b9f866ecf9d174ee22cbe7a2eb30cfce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4C240280AA947B8E90A56C013EFA4CE4B9F866ECF9D174EE22CBE7A2EB30CFCE"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Fri, 23 Sep 2022 18:35:12 GMT
Date: Fri, 23 Sep 2022 12:35:41 GMT
Connection: keep-alive
kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
104.21.43.117200 OK 832 kB URL HTTP/2 kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 104.21.43.117:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 832 kB (832544 bytes)
Hash 8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvkjjj.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgoqd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:41 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Thu, 13 Oct 2022 13:10:08 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 861933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEIRvsi3qlVCZ%2Fdv%2F%2FQj78rYwV7%2F6IgmKm9nS3LE%2F6rPZ28zRQgpBeQhgRN0OeTh77nxPc3GH31N6MNVLhcMbBL8Q1FPBsv4AaBmKrKKJ5uTAz1myU91BnezsoWI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3525b4b3bb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash edb7d6f8164fd6120975f426099eaf8f
1115ae46979c5d63cd27a65edd54e6d2645c6223
f4a81c98907f95fcc5aad6001d0e2441d3a3381aeb2f3e93ee8847a7ab582086
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 461073e6a67e33b40bee2bf53613b5c2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2F010E3DA4310127; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b82c85afa3b71ee954a00418aa0775f
7517547265777877baf26a067b433a09f058fad1
f96ddfe4080870bacedf91913849cd4d077ec08920040515c10aa1aefe191869
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F96DDFE4080870BACEDF91913849CD4D077EC08920040515C10AA1AEFE191869"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10401
Expires: Fri, 23 Sep 2022 15:29:03 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0ffc38e348df59b2605859cb7943760
4dfa43fa260e630388fb6721f550c32bb670e411
4c240280aa947b8e90a56c013efa4ce4b9f866ecf9d174ee22cbe7a2eb30cfce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4C240280AA947B8E90A56C013EFA4CE4B9F866ECF9D174EE22CBE7A2EB30CFCE"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Fri, 23 Sep 2022 18:35:12 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd4dbac32f5b842bfe5016c34a1752bd
30912c74c64f8c18f9b9ba83fb8d048ba722457b
e2ae407b1fd047973e8825f0425e366ff840b9bcbb537f2153e41164455e9390
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2AE407B1FD047973E8825F0425E366FF840B9BCBB537F2153E41164455E9390"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10392
Expires: Fri, 23 Sep 2022 15:28:54 GMT
Date: Fri, 23 Sep 2022 12:35:42 GMT
Connection: keep-alive
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 02ed64213b805609d7f1e53b87d849cc
4bd3973d2e7a67b356a76b5096f1995a07afaee1
177a91a4fbeabbbd2ead396d5714fa9e35e14a6b6952f2f06101fadddb527b44
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: 9933cb3c1397fc422fed5f3692a52e78
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6451D60BB6D284DF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ece6e8cdda0e7ee6158446e2be23a7b1
4fd32cbd1885c0b17a5009597d24d47072286ebe
42b3e62921601bc66d4c882d24299ca17cee57a565176fcadef3e17de866bb8b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 03:45:38 GMT
Expires: Tue, 27 Sep 2022 03:45:37 GMT
Etag: "4fd32cbd1885c0b17a5009597d24d47072286ebe"
Cache-Control: max-age=313194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525b487a0b51-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1e9354343b44cf392d15ac8e66e0822f
14e06a0fe5172d5d59c577f9e0fc8251c5e71bba
e5a36cc97f63301b87ca9d1751ae5aa435a0440f75737c4813b746a0e1891f2a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 07:10:49 GMT
Expires: Fri, 30 Sep 2022 07:10:48 GMT
Etag: "14e06a0fe5172d5d59c577f9e0fc8251c5e71bba"
Cache-Control: max-age=584705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525c6f1b0b06-OSL
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 521b8b115c445d905a5811e035679efe
8f70cad0e3525061fac734defe87e69bdb0cbc7a
72617930d264d44a3021e27b3c24aa20bdeed9fd7ed4b179b92feacc8d5e347b
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:35:41 GMT
Etag: f1f4b904cd3128110ce25fa166eacbed
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CC782644CEA7F015; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 990207a2a74913a4a8912667944390bb
ccc7cba51cf399aea0418ea516980d8da24fa5ae
bf62469762d3736c16794423b31553b035c2eda75ca83b27c1cb24387dba36d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:53:28 GMT
Expires: Tue, 27 Sep 2022 17:53:27 GMT
Etag: "ccc7cba51cf399aea0418ea516980d8da24fa5ae"
Cache-Control: max-age=364064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f3525bd9560b59-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1584954804&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1584954804&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1584954804&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=81032756A0034E3B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 114f053d3657b8e12c995ae31dcb6c26
9978f1ae0d812bb39a7185c6aa1bca94a0613541
b197f7ba017a1932826cdb246db0050e6493083aa5d0cde43978ac39db673c3e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:28:42 GMT
ETag: "9978f1ae0d812bb39a7185c6aa1bca94a0613541"
Last-Modified: Fri, 23 Sep 2022 09:28:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3047
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3525e0a19b515-OSL
pg.doitalie.com/news/index.php
20.205.43.35200 OK 296 B URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7e269c0e830b688a0982fae62f340ccc
1e56de5ea2b016681e1c423eb0b1e8df8e1ee76c
7c003dffe544fc3e2f69ec57c0f68585f6160b4b4fd2ddd62891379e7a1488e6
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tabayyunnews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 23 Sep 2022 12:35:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d0ac6cfcb57ff990af16851a3431d383
cfa33aa44b8d8315521600b781f4906945ba1abc
b5fab16ec197e1305050e4090758eb8b94917c4778b4ff544d3a164c9f7598bc
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:35:42 GMT
Ali-Swift-Global-Savetime: 1663936542
Via: cache8.l2de2[272,272,200-0,M], cache8.l2de2[273,0], cache1.se1[296,296,200-0,M], cache1.se1[297,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 23 Sep 2022 12:35:42 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516639365421301354e
taiwtp1.com/img/960120.gif
220.128.218.220200 OK 121 kB URL HTTP/2 taiwtp1.com/img/960120.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 120\012- data
Size 121 kB (120952 bytes)
Hash 8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:33:57 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Sun, 23 Oct 2022 12:33:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1036497530&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1036497530&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1036497530&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9240DE0B96D6DA46; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
45.61.212.145200 OK 32 kB URL HTTP/2 vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
IP 45.61.212.145:0
File type GIF image data, version 89a, 320 x 240\012- data
Hash 8e006882641a7a80a721cc7067dcf340
f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae
GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Fri, 16 Sep 2022 14:52:53 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-15
content-length: 31713
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0wut3IuOIN0
163.171.140.79200 OK 51 kB URL HTTP/2 si1.go2yd.com/get-image/0wut3IuOIN0
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:42 GMT
content-type: image/gif
content-length: 50826
server: Tengine
x-application-context: application
x-kss-request-id: 385cb47819904891b6a20cdd2df33e9d
etag: "7a02a69b00eebfc2977f6d8417cf8141"
content-md5: egKmmwDuv8KXf22EF8+BQQ==
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:6 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:4 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:11 (Cdn Cache Server V2.0)
x-ws-request-id: 632da81e_PShlamstdAMS1se91_20548-24786
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=248542803&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=248542803&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=248542803&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4CEEF38580672CF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
45.61.212.162200 OK 259 kB URL HTTP/2 vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
IP 45.61.212.162:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Fri, 16 Sep 2022 14:49:42 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-02
content-length: 259280
X-Firefox-Spdy: h2
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
103.170.15.110200 OK 580 kB URL HTTP/1.1 65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Thu, 01 Sep 2022 12:13:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 580315
89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
103.170.15.79200 OK 584 kB URL HTTP/1.1 89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
IP 103.170.15.79:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
Analyzer Verdict Alert quad9 Sinkholed
GET /14112a98f9104043bc1d7e2e4ec39ac2.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b2c84-8e959"
Date: Fri, 23 Sep 2022 07:45:00 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 08:51:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 584025
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
45.61.212.225200 OK 720 kB URL HTTP/1.1 93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP 45.61.212.225:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
Analyzer Verdict Alert quad9 Sinkholed
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Sun, 11 Sep 2022 07:55:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 719745
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:33:57 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sun, 23 Oct 2022 12:33:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
20.239.174.73200 OK 37 kB URL HTTP/1.1 33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP 20.239.174.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699
GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
20.247.82.45200 OK 37 kB URL HTTP/1.1 u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP 20.247.82.45:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 320 x 240\012- data
Hash 910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41
GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:35:42 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=358998545&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=358998545&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=358998545&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=2891&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgoqd.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:35:42 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5541B2C197677DD1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
n6579.com/b8ca9e8def054d5284828d03b701ef43.gif
45.61.212.123200 OK 654 kB URL HTTP/1.1 n6579.com/b8ca9e8def054d5284828d03b701ef43.gif
IP 45.61.212.123:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: n6579.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Mon, 19 Sep 2022 00:44:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 653713
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
103.170.15.75200 OK 112 kB URL HTTP/1.1 unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Sat, 17 Sep 2022 07:55:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 112447
6655cy.com/cdn/ashkad.gif
154.39.67.144200 OK 311 kB URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.39.67.144:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 311 kB (311408 bytes)
Hash 99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgoqd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:35:42 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Sat, 22 Oct 2022 14:26:26 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pgoqd.xyz/
173.231.17.179200 OK 0 B IP 173.231.17.179:0
GET / HTTP/1.1
Host: www.pgoqd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:35:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2