Report - www.podcastingmastery.com/

Report Overview

Submitted URL
www.podcastingmastery.com/
IP
23.110.24.220
ASN
#395954 LEASEWEB-USA-LAX-11
Submitted
2022-09-06 19:47:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	5.1 kB	23.36.77.32
acoossi.top	489936	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	1.0 MB	104.21.234.200
kveww.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	422 B	64.32.13.142
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	1.2 kB	172.64.155.188
cdn.jsjsjs.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	407 kB	104.21.63.42
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	395 kB	104.21.235.174
89958716765.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	584 kB	45.61.212.48
n0355.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	62 kB	20.24.204.162
img12.360buyimg.com	40786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	436 B	662 B	163.171.140.79
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	29 kB	34.120.237.76
kvtaaa.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	197 kB	172.67.173.230
cdn.staticfile.org	46426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	81 kB	47.246.44.211
kvhdd.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	776 B	844 B	78.46.107.74
6655cy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	312 kB	154.39.66.223
93533557591.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	720 kB	103.170.15.87
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	73 kB	103.235.46.191
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	47.246.44.205
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	423 B	104.143.94.110
kvhiii.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	903 kB	104.21.234.202
unpfqc9.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	113 kB	45.61.212.53
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.9 kB	13 kB	23.36.76.226
u0071.com	870613	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	259 B	20.24.202.201
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	1.9 kB	104.18.21.226
si1.go2yd.com	325918	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	52 kB	163.171.140.79
acoossn.top	475526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	401 kB	172.67.213.234
33869213.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	37 kB	20.205.43.240
u0053.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	38 kB	20.24.204.250
www.podcastingmastery.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	4.4 kB	23.110.24.220
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.228.200
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	334 B	114 B	182.61.240.101
pg.doitalie.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	856 B	22 kB	20.205.43.35
65686232255.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	581 kB	103.170.15.113
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	172.64.155.188
kvtlll.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	778 B	1.7 MB	104.21.68.21
ttsetupian.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	247 kB	172.67.200.154
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	283 B	750 B	182.61.240.101
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.9 kB	104.18.20.226
www.pgurg.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	1.6 MB	173.231.17.179
kvkjjj.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	833 kB	104.21.43.117
n6579.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	654 kB	103.170.15.93
kvkaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	844 B	64.32.13.142
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	422 B	45.154.214.206
taiwtp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	750 B	197 kB	220.128.218.220

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	kvtaaa.top	Sinkholed
2022-09-06	medium	65686232255.com	Sinkholed
2022-09-06	medium	89958716765.com	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.podcastingmastery.com/	404 B	2023-03-07	2024-04-18
Pretty URL www.podcastingmastery.com/ IP 23.110.24.220 ASN #395954 LEASEWEB-USA-LAX-11 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.pgurg.xyz/template/pgysvip/js/jquery.config.js	5.2 kB	2023-03-07	2023-07-10
Pretty URL www.pgurg.xyz/template/pgysvip/js/jquery.config.js IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-07-10 06:46:32 Times Seen30 Hash 242f88320e2fab8358422f78a0ba3513 079ab5ea8453c12cd23d7893c2cf4f2bf3f973e5 3307ac2d9b16148f210070834055add1db4b8e0fd046fa3045ef1d9eee64cdd4 Loading...

	www.pgurg.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurg.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash a6e45831c0e5008c704b8f06607d4693 22369aa571a9d1bbeb8bc6245b9a44f70a52c7a8 9f6afe3289f88072053e3911de6b95100b3e4b51470dfb073989034e7f2dd707 Loading...

	hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash 0b1d3cb0710604a99037a044dd0677de d716843c868d375104e1b6ff2febb6b326fbf970 52fd43fa553eee600d91be1500de5939b82270e3c52278f5e2bd2a42287533f2 Loading...

	www.podcastingmastery.com/tj.js	520 B	2023-03-07	2023-03-17
Pretty URL www.podcastingmastery.com/tj.js IP 23.110.24.220 ASN #395954 LEASEWEB-USA-LAX-11 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:37 Last Seen2023-03-17 12:27:01 Times Seen1 Hash 5a0bf013f68419e8fb3bf973ca947384 ac130e6e1a8a7bbeff767679dfbb6641daa6da66 f0f27be481ea2df77543a2dd3dc4d841ddbcc338e69a41a2ebf3429a33e362e2 Loading...

	www.podcastingmastery.com/common.js	3.1 kB	2023-03-07	2023-04-16
Pretty URL www.podcastingmastery.com/common.js IP 23.110.24.220 ASN #395954 LEASEWEB-USA-LAX-11 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen7 Hash 33649c66b9a6a9b9891a3e24deec2e3f e3740e085b436cd76dd7fe301db043d236c9ede3 16dcb8ce59dfa9e474a91736c1d9ff7b4ee1830f165e517b3d5b4e110236d186 Loading...

	hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash 776f510d76bb17773f19482d7b02846a 67d3de29f2bee1b4bbb003d6d8adc2fadac5d532 6ead9c046f0c7f479dcc15e2aabfa22538e0543358ca48440088e63aaf83041f Loading...

	www.pgurg.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurg.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 28c1ae84e70f33425fd999c791ee3dbf 2dec8b0a53819d07f33169d7cc52870499686150 d57c7ad00a438cf92657799ee14adc23a172f9ae57e897dd08aaa278fdd9f5c9 Loading...

	www.pgurg.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurg.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 6c6c25f97b8fb687803d97c0e38848bc e2b22fee96d32254461606df4b3141f5111401c0 e502f6b7667b4baaf00ea8661e9542ab781f926ad85e56b9dfa6b280a3b5eeda Loading...

	cdn.staticfile.org/jquery/1.9.1/jquery.js	268 kB	2023-03-07	2024-04-25
Pretty URL cdn.staticfile.org/jquery/1.9.1/jquery.js IP 47.246.44.211 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:57 Last Seen2024-04-25 01:34:41 Times Seen43952 Hash 08c235d357750c657ac1db7d1cf656a9 9257afd2d46c3a189ec0d40a45722701d47e9ca5 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Loading...

	hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash dc91e9c0bd6978130fbd6e1c31a81e24 8868c460158953e8e9d4d884f1d53259ffa10598 d91b0b70b50bd9f809b46a709d25e86a6db906a893f042787ae596e43e8adc87 Loading...

	hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash 1f0c3ef64c8273d0fc29fbb25abbd7b6 92cc6adb5d24bab785e456866da6dc09cd44d5fd 1923028a49247a97940e00725e9d9f39789897bb22136b2aae5cd523aa2bd0b7 Loading...

	hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash 55682d956d6337de7f62731d95705f3b 878a8afe7aba200f2d98b8d3ba7f75d338471b2c 1b9409341b4c5e3330caa5d4bb9f28260718cc15c6aa70f02e9dfce81a7af6f9 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-25
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.240.101 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 00:31:34 Times Seen18991 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	pg.doitalie.com/news/data.php	252 B	2023-03-07	2023-03-17
Pretty URL pg.doitalie.com/news/data.php IP 20.205.43.35 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash faa247ab08080772d9fed136797c27ab fd0a6cbaea67dda52fb52a70ea779c348cdf54a1 4f50ebc57dabbdba2ed01b130f493c15abb166dde5bc586cb34a2a63e203f955 Loading...

	hm.baidu.com/hm.js?5dea641190925d907fe7444acb87cace	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?5dea641190925d907fe7444acb87cace IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:34 Last Seen2023-03-07 13:14:34 Times Seen1 Hash e572c755dc0f4890063cb4d954d050cf d199c34d7e31b2d4b36deacfeef88b23e3161ce5 a59b489cbe02c8fc2dd01d82f4429dd74072387ecf9ebc6fc4476121208a2794 Loading...

	www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js	614 B	2023-03-07	2023-03-17
Pretty URL www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash 5544a44cad5faf09138fde07c5d2ff1a b435357e5621bc4c023c289943638f84c560f644 e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8 Loading...

	www.pgurg.xyz/	254 B	2023-03-07	2023-03-26
Pretty URL www.pgurg.xyz/ IP 173.231.17.179 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-26 04:56:06 Times Seen3 Hash 7b57b693d764afd14b850e634ceb4dc5 1babd76f0725a7d134c882ed8a8b9aa2f7d91455 438193789ec9443d24e904f4032802401361c5aee6e8537afc301a4af5cff5af Loading...

		Size	First Seen	Last Seen
	#1 Write - 59cf81439a8bf9b569e5577fe5aa0de8	77 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1648 Hash 59cf81439a8bf9b569e5577fe5aa0de8 7310f3ea09ddff6601e9da7bf0665b0edd6d1435 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4 Loading...

	#2 Write - 541fdbf27fee487a6a7abc7bea135420	87 B	2023-03-07	2024-04-03
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-03 10:05:58 Times Seen1031 Hash 541fdbf27fee487a6a7abc7bea135420 25b31600313f8e557d0c9c863dc9bdec7cf69ff8 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9 Loading...

	#3 Write - 47f289a5cafd63d486ff2559f067731b	182 B	2023-03-07	2023-04-16
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-04-16 14:51:12 Times Seen5 Hash 47f289a5cafd63d486ff2559f067731b 0660b615f9c2ef7f49bc0702530e99fc825b5b10 d11ba4e523ac4988ae751c55dd6429af48a06e3cf158a7f5a4115a3676778a14 Loading...

	#4 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-24 22:48:41 Times Seen11438 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#5 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 06:49:25 Times Seen3761 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#6 Write - f354e4723d6f8a8c55507076f1ede231	318 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2023-03-17 12:53:52 Times Seen1 Hash f354e4723d6f8a8c55507076f1ede231 0c65fe89c03b5054ef4b052d320b3bb1b2f0298f 7e04099921ecc9c0597e2fba4001c974fe4dd405733b40ab6a5a85397d4fd2be Loading...

	#7 Write - 78ac2aa5ccc29c90a345c90aab40b442	103 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 17:37:58 Times Seen2026 Hash 78ac2aa5ccc29c90a345c90aab40b442 cac604932faa4add2955602b41de8a8bff362ebd 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e Loading...

HTTP Transactions (141)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 19:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1dUwIcOnR25K9jj9qEyAQGngaUF1lr9KOUWXhNuHiWZLomA77XcxiQ==
Age: 2560

www.podcastingmastery.com/

23.110.24.220

200 OK

791 B

URL HTTP/1.1
www.podcastingmastery.com/
IP
23.110.24.220:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
791 B (791 bytes)
Hash
0d111d60dff90fdf32a2d08b0189f186
ea869b7b5215568eb3841784cff3bffc1b50907d
2d8242e71ef4845675f72b214dcd6b2af6d3da3e5ed139890f86a67a75afd9ab

HTTP Headers

GET / HTTP/1.1
Host: www.podcastingmastery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:47:02 GMT
Content-Type: text/html
Content-Length: 791
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8155
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 19:47:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pCS8M5V0D57eGux1wQ1lbnwkGbj_wyGF9ygOg9GVfSjyLvMbP6a2GQ==
age: 66705
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.podcastingmastery.com/common.js

23.110.24.220

200 OK

1.1 kB

URL HTTP/1.1
www.podcastingmastery.com/common.js
IP
23.110.24.220:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size
1.1 kB (1093 bytes)
Hash
b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e

HTTP Headers

GET /common.js HTTP/1.1
Host: www.podcastingmastery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.podcastingmastery.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:47:02 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.podcastingmastery.com/tj.js

23.110.24.220

200 OK

520 B

URL HTTP/1.1
www.podcastingmastery.com/tj.js
IP
23.110.24.220:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
5a0bf013f68419e8fb3bf973ca947384
ac130e6e1a8a7bbeff767679dfbb6641daa6da66
f0f27be481ea2df77543a2dd3dc4d841ddbcc338e69a41a2ebf3429a33e362e2

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.podcastingmastery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.podcastingmastery.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:47:02 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 19:38:19 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 19:42:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WX78bJ0h8Mn3A7cVXV5H1LF5SIZvWoj3vksjVWmBLlkWHBY9blzSRA==
Age: 525

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3688
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:47:03 GMT
Last-Modified: Tue, 06 Sep 2022 18:45:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

www.podcastingmastery.com/favicon.ico

23.110.24.220

200 OK

1.2 kB

URL HTTP/1.1
www.podcastingmastery.com/favicon.ico
IP
23.110.24.220:0
ASN
#395954 LEASEWEB-USA-LAX-11

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.podcastingmastery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.podcastingmastery.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:47:03 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 11 Sep 2022 19:47:03 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
b0957900581b3b61dd1fd34460f88246
f762a8b59476cfcc3213e470dbda0fb068570122
a1418031073a817cbd12eb1b7e80c164b340c2e8ee98e511fd7d8d47a079311d

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:03 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 15:46:15 GMT
Expires: Sun, 11 Sep 2022 15:46:14 GMT
Etag: "f762a8b59476cfcc3213e470dbda0fb068570122"
Cache-Control: max-age=416950,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6db09c3b4eb-OSL

push.services.mozilla.com/

54.148.228.200

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.228.200:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A7qN1L1nXcW+ETb+qfjaRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: myUw0evX8cnoOaoB3tRFSMN6n5g=

push.zhanzhang.baidu.com/push.js

182.61.240.101

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.podcastingmastery.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 06 Sep 2022 19:47:04 GMT
Etag: "4078521116"
Expires: Wed, 06 Sep 2023 19:47:04 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CF61C0188F58BBF2D3F791F7A8929EDE:FG=1; max-age=31536000; expires=Wed, 06-Sep-23 19:47:04 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

api.share.baidu.com/s.gif?l=http://www.podcastingmastery.com/

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.podcastingmastery.com/
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.podcastingmastery.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.podcastingmastery.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 06 Sep 2022 19:47:04 GMT

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
66d84ec8e2e1563b40e738c833b736b6
ad4fdccf8745c2c2e5e3a88334ba7e43133c348d
8290daa6c405c3ef10d8168fe229ad8a5179434714e6224e6685132a21ad366f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Sep 2022 17:25:33 GMT
ETag: "ad4fdccf8745c2c2e5e3a88334ba7e43133c348d"
Last-Modified: Tue, 06 Sep 2022 17:25:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1364
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469b6e0ac2e0b02-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9438
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:47:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9438
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:47:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9438
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:47:04 GMT
Connection: keep-alive

pg.doitalie.com/news/data.php

20.205.43.35

200 OK

13 kB

URL HTTP/2
pg.doitalie.com/news/data.php
IP
20.205.43.35:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
13 kB (12869 bytes)
Hash
406b6edd1ed2058ebc7f8a7583cd5f8c
a6b32c1f17826798acfef835055328861f800ab3
6c473b054c959a8b8852fcaf97ec3ea064c4f2f115609e3c97b8142823d9a8d0

HTTP Headers

GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Tue, 06 Sep 2022 19:47:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4426 bytes)
Hash
c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 40318
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 79351
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5775 bytes)
Hash
1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 78424
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7855 bytes)
Hash
8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 78590
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pg.doitalie.com/news/index.php

20.205.43.35

200 OK

8.2 kB

URL HTTP/2
pg.doitalie.com/news/index.php
IP
20.205.43.35:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
8.2 kB (8182 bytes)
Hash
8e35f2ac052fbfdf3fd6a1083e28b983
c22604b855a5f9ee610a606874549d6ad2f7500e
5f236908b31e5d9e07e00d1873ecd5133ae1e9eef60c6822742acc69c1e19a27

HTTP Headers

GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.podcastingmastery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.6
date: Tue, 06 Sep 2022 19:47:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3e0cdaaf822f6e020519ccc67c3b3c2a
af136fe57930077bacbb17b518a6abf09ecace32
6cba7b311572a51c5e7cf8ab45ebef35660e8834b7692b7eec0c2f4c61d8eeec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CBA7B311572A51C5E7CF8AB45EBEF35660E8834B7692B7EEC0C2F4C61D8EEEC"
Last-Modified: Tue, 06 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=960
Expires: Tue, 06 Sep 2022 20:03:05 GMT
Date: Tue, 06 Sep 2022 19:47:05 GMT
Connection: keep-alive

hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (625)
Size
11 kB (11338 bytes)
Hash
2bf541bbcdf129c55ac02b0119390d1a
6fbdbddf7f032c22e49671341a852f8e3360f2fc
bb13d15f0529061ace069a114dc8293ad247ae7e8722d3c3b32bd06eb350e0c5

HTTP Headers

GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.podcastingmastery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:05 GMT
Etag: 32ddf71ed3ddb0ac07bdd22c8b176110
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1D93DEACFBAD287F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?5dea641190925d907fe7444acb87cace

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?5dea641190925d907fe7444acb87cace
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (627)
Size
11 kB (11340 bytes)
Hash
779acf03e6264addc6365e40d72eebd6
cd6f691ece1c76658f4353af1c8069a9638a4509
74808cb997aa3a899069bb2eec310557455fca040b18f5d4337ce97f9ea8478c

HTTP Headers

GET /hm.js?5dea641190925d907fe7444acb87cace HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.podcastingmastery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:04 GMT
Etag: 5498d8fd9e002375d387ca4632e86c2e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5110D9979ECD283C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.pgurg.xyz/template/pgysvip/css/honglou.png

173.231.17.179

200 OK

19 kB

URL HTTP/2
www.pgurg.xyz/template/pgysvip/css/honglou.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Size
19 kB (19004 bytes)
Hash
d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e

HTTP Headers

GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Thu, 06 Oct 2022 19:47:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/images/1.gif

173.231.17.179

200 OK

254 B

URL HTTP/2
www.pgurg.xyz/template/pgysvip/images/1.gif
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Thu, 06 Oct 2022 19:47:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js

173.231.17.179

200 OK

614 B

URL HTTP/2
www.pgurg.xyz/template/pgysvip/html9/ad/zxf88.js
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
614 B (614 bytes)
Hash
5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8

HTTP Headers

GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Wed, 07 Sep 2022 07:47:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=403718218&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=1740&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.podcastingmastery.com%2F&tt=%E5%BC%A0%E5%AE%B6%E7%95%8C%E8%8B%AB%E5%84%87%E5%BB%BA%E7%AD%91%E6%9D%90%E6%96%99%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=403718218&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=1740&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.podcastingmastery.com%2F&tt=%E5%BC%A0%E5%AE%B6%E7%95%8C%E8%8B%AB%E5%84%87%E5%BB%BA%E7%AD%91%E6%9D%90%E6%96%99%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=403718218&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=1740&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.podcastingmastery.com%2F&tt=%E5%BC%A0%E5%AE%B6%E7%95%8C%E8%8B%AB%E5%84%87%E5%BB%BA%E7%AD%91%E6%9D%90%E6%96%99%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.podcastingmastery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Sep 2022 19:47:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D7B4DF417F3B53F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.pgurg.xyz/template/pgysvip/css/zui.css

173.231.17.179

200 OK

20 kB

URL HTTP/2
www.pgurg.xyz/template/pgysvip/css/zui.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
20 kB (20174 bytes)
Hash
296ee7e98dbea3ee835087872c56214a
a3660500cf52d84fd2ca9be902c82c998b4f32dd
019107811ebe66b0ea6ca2954e652a7f0027734c088bebcfb3e8b29a4bd44a10

HTTP Headers

GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Wed, 07 Sep 2022 07:47:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/css/ate.css

173.231.17.179

200 OK

6.1 kB

URL HTTP/2
www.pgurg.xyz/template/pgysvip/css/ate.css
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
6.1 kB (6087 bytes)
Hash
beca8989e896df5b5ce608714e5de4ba
37d66974b708b308e1ebd51081412266dcd6e87f
146fb954a04ef6b7baf6af9aa720cf96d84993843e9a322336ecb5582857daad

HTTP Headers

GET /template/pgysvip/css/ate.css HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Wed, 07 Sep 2022 07:47:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif

172.67.173.230

200 OK

196 kB

URL HTTP/2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP
172.67.173.230:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
196 kB (196497 bytes)
Hash
d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Fri, 30 Sep 2022 14:11:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 538559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgHViGiaulmZULjAvz73aeI2G%2B8Y9bWNY2xRq7KbP9hyRM7px9lGZp3Ql219zp0mHHqFvMAeRnzZcB%2Ba9ktg7NiP757EZxErm49cdo%2B%2BhzXGlUEdTmpdg%2BPuzAWJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6ee5e4e0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
0346759559c521503543757d7f3300a3
0fc4b00a894a30de5640f63d8323d8745bef61b0
8c360419c4a8347efc92fe987c1ea7e6c578ea26e94e79b9814cdb5c8430bac7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:47:06 GMT
Ali-Swift-Global-Savetime: 1662493626
Via: cache14.l2de2[188,188,200-0,M], cache14.l2de2[190,0], cache1.se1[212,211,200-0,M], cache1.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 06 Sep 2022 19:47:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516624936264855171e

cdn.staticfile.org/jquery/1.9.1/jquery.js

47.246.44.211

200 OK

80 kB

URL HTTP/1.1
cdn.staticfile.org/jquery/1.9.1/jquery.js
IP
47.246.44.211:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
ASCII text
Size
80 kB (80123 bytes)
Hash
a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab

HTTP Headers

GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Tue, 06 Sep 2022 14:15:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: 4DgAAABSM6IHSxIX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1662473708
Via: cache15.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache7.se1[0,0,200-0,H], cache8.se1[1,0]
Content-Encoding: gzip
Age: 19918
X-Cache: HIT TCP_MEM_HIT dirn:11:44890952
X-Swift-SaveTime: Tue, 06 Sep 2022 14:29:30 GMT
X-Swift-CacheTime: 85538
Timing-Allow-Origin: *
EagleId: 2ff62c9c16624936267145671e

cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif

104.21.63.42

200 OK

406 kB

URL HTTP/2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP
104.21.63.42:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
406 kB (406419 bytes)
Hash
91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507

HTTP Headers

GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Wed, 05 Oct 2022 01:58:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 150500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GboXy5%2FWyLb8VdVLEtqLdnkQ4i%2B1c3fqLYhpyNYft82IrVlmeoIJ3uS%2FMQi67lIIZHPO%2B7hel4iLXvbGX%2F88eY2Dpspiqpiw5Ev6m2%2FgAYwONc91Qo3m6Qe%2B5dZeHFWkvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6ef9b251c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/3enjz1axcwg12433enjz1axcwg371223.jpg

104.21.235.174

200 OK

15 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/3enjz1axcwg12433enjz1axcwg371223.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
15 kB (14773 bytes)
Hash
547150a3d5319cd8519119c619e2cdae
a9d000afba7c20cf35a720b9684860e95ef240f2
e3430498537854c7fb4f289a69951e0e33a4bf3d05f6e5d659973c5870a65723

HTTP Headers

GET /upload/vod/2022/09-05/12/3enjz1axcwg12433enjz1axcwg371223.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 14773
cf-bgj: h2pri
etag: "fac74410e2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpJEdLNYrhrzJvtjVaLGlNikHZzNfXYQKLAZR%2F0jVE%2BcdFitpI9X33kOFN1GdlVG0wmMvrihZ5rfGyoM9bR3VqlvPxyxQDkKFSTpEDVnwI5rYUn3hxbUgf16TUf9kxdVcdwK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c82dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/ubjesfcob530354ubjesfcob53407786.jpg

104.21.235.174

200 OK

8.3 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/ubjesfcob530354ubjesfcob53407786.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.3 kB (8255 bytes)
Hash
cad0d6d1399a7ce458390612b7cd36e1
077f294848bcf3a3f188099057cd1c0477f63655
1dc0547fbc76cb5079d1c3b132c8d218a3c96ee2744716d01fe3db519e090eb5

HTTP Headers

GET /upload/vod/2019/11-08/03/ubjesfcob530354ubjesfcob53407786.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8255
cf-bgj: h2pri
etag: "d730a531a595d51:0"
last-modified: Thu, 07 Nov 2019 19:54:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FogdoKkl7drchCpjItztGulaiH5FmCPNCa3aSxZK9s2vKp32KPjy2BEe4pBpRMrBe8Ef%2Bu%2F4xrEkG1oHLRjKCOp6Ir1LBFA0vrxtr8AmyLH4ANzdrysS3YslCuq%2Fd91iuO10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c8add80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c2f24ab89c24f9249296950d18defcf1
abb7192f88a20112393d304bff6b4d13f4bdea4c
38dea82cab192640a86a6f220435cfa39c05747636d1398fb5cac66264566ce4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "38DEA82CAB192640A86A6F220435CFA39C05747636D1398FB5CAC66264566CE4"
Last-Modified: Tue, 06 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1013
Expires: Tue, 06 Sep 2022 20:03:59 GMT
Date: Tue, 06 Sep 2022 19:47:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d60cc419f1a096cf8d03e281744f7f59
490402291a49a6b568d6eb14fd1da09a807ac182
f5d5f41b3ba87af15ce929c2c1747b3359658ea0b138f7d2253ed0b6b082e526

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D5F41B3BA87AF15CE929C2C1747B3359658EA0B138F7D2253ED0B6B082E526"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14032
Expires: Tue, 06 Sep 2022 23:40:58 GMT
Date: Tue, 06 Sep 2022 19:47:06 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2020/02-27/19/k4uxiqelja41941k4uxiqelja4112761.jpg

104.21.235.174

200 OK

8.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/k4uxiqelja41941k4uxiqelja4112761.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.7 kB (8653 bytes)
Hash
c3d456a58918067b1b04eaba890eb8ab
d41aad32ce81be72e4bf8ee14ce3a351b527f90f
264562b5881c9de089d09840858656369a46c6283bb65f134ae55a96bb7a6c9b

HTTP Headers

GET /upload/vod/2020/02-27/19/k4uxiqelja41941k4uxiqelja4112761.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8653
cf-bgj: h2pri
etag: "d6c04ccf62edd51:0"
last-modified: Thu, 27 Feb 2020 11:41:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfvd%2FPoWMbygHmRgbIya5pNL%2B%2BieuFnpHPCQNtaHx5h2hkqcZa6xKYOLfdfyb2cHkOTKc7BEIFpG6wgWWZJ5yiJ9jgC9ty%2Fu%2FWgqInWXS0mJpRz6lhCPczftuRgH8NtVK4%2Bt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cc4dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/2ueqfiwzplm13392ueqfiwzplm591365.jpg

104.21.235.174

200 OK

9.3 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/2ueqfiwzplm13392ueqfiwzplm591365.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size
9.3 kB (9255 bytes)
Hash
344ed2ec9b5f2a27b57a68d3bf03f41c
f92e2f687f0c5851197a80150c0febf2e235e74d
6f2191d720658c7180008d49d646dd192356ae72f0bf1ad0bf7b76ed83d111dd

HTTP Headers

GET /upload/vod/2022/09-06/13/2ueqfiwzplm13392ueqfiwzplm591365.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9255
cf-bgj: h2pri
etag: "992da21ab3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:39:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5eUI5NiqpK1iC%2FBKTnHQ7lCXibuRpMv0aly4oZzEPth1uSD3Ecu3Y2l4nToO6Gz1AH8%2BxZ1TTM8JcJmqkz6PhweLQDJkgKch8ZpmBTL7xLJw%2F7RakbuCkU0DYvN2SDBMzk8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f01c9edd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d60cc419f1a096cf8d03e281744f7f59
490402291a49a6b568d6eb14fd1da09a807ac182
f5d5f41b3ba87af15ce929c2c1747b3359658ea0b138f7d2253ed0b6b082e526

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D5F41B3BA87AF15CE929C2C1747B3359658EA0B138F7D2253ED0B6B082E526"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4262
Expires: Tue, 06 Sep 2022 20:58:08 GMT
Date: Tue, 06 Sep 2022 19:47:06 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2020/02-27/19/2rvjmp5bj1d19412rvjmp5bj1d292763.jpg

104.21.235.174

200 OK

13 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/2rvjmp5bj1d19412rvjmp5bj1d292763.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (13198 bytes)
Hash
2bf65def29403655980b538bf770044e
7686935a8ce0fc910d549510b3177c5068a1673d
587e3ed3d894140b05a5b34954a43cbf210c6ebde885555ba89f26b9b050ae14

HTTP Headers

GET /upload/vod/2020/02-27/19/2rvjmp5bj1d19412rvjmp5bj1d292763.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 13198
cf-bgj: h2pri
etag: "c7cdf5d962edd51:0"
last-modified: Thu, 27 Feb 2020 11:41:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQ6P59%2BiviXh8iE05tP8rP4wsy85I0f0F7qyEO%2B9%2FkToSnE42%2BcvI4pJB%2Bk3CbujDiqQaoIvUeLVQlPeZr2ptjuF8Qn6laOBWTURvlcZYD3TfUd%2BaABqk%2BEVzAuiknrlvbkU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cc6dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/degvhebxo1c0334degvhebxo1c215809.jpg

104.21.235.174

200 OK

6.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/degvhebxo1c0334degvhebxo1c215809.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.5 kB (6479 bytes)
Hash
cd6bea072fc414b0ecbc9d95cce4d97c
5d6b249869588591b1efdb5a6903a1fe01aa4a98
89f1687d746891ff5e77007c3c2e29c1b8b843262b92a2f0c70e5ebd01b60dc7

HTTP Headers

GET /upload/vod/2019/11-08/03/degvhebxo1c0334degvhebxo1c215809.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 6479
cf-bgj: h2pri
etag: "99f6a95aa295d51:0"
last-modified: Thu, 07 Nov 2019 19:34:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV5YSUSWrYsOUWtNU49er3rmS4GqWhLQNV99KIal9r9RHGvG7qOGmI1KMX8JO7DZ%2FssaIOq%2Bwc3Kksoe13wIxAdQVBjaWIPDL96fkgO8tGfdi88nKimvDGsJz7jmXOSoZTho"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ccadd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/md14gem5ba00356md14gem5ba0107920.jpg

104.21.235.174

200 OK

6.0 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/md14gem5ba00356md14gem5ba0107920.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.0 kB (5955 bytes)
Hash
3467b5b964c1f9ef49191d2323647b17
72591591eae72640b7ece943d8cd15a3737edbc1
89849f8ba6597f80797d69e31b99472dd1ee39474c2175c762d55c0b07f56bd2

HTTP Headers

GET /upload/vod/2019/11-08/03/md14gem5ba00356md14gem5ba0107920.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 5955
cf-bgj: h2pri
etag: "bf101867a595d51:0"
last-modified: Thu, 07 Nov 2019 19:56:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qOsDK2JVB3J6YXQXO1Y1osOc%2FLaDflTefYxaAtfaQQRwyfn%2F84Vty3hSdaXB3ycTrLR4mU%2B8KVE2DBFnPkIlylkI27a9S%2BvbSwRg8%2B3uFL2HT%2Bg8EViDeN5dWJ%2Bm%2F%2BYfwAZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c9add80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/knykxtrndyp1806knykxtrndyp3211617.jpg

104.21.235.174

200 OK

11 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/knykxtrndyp1806knykxtrndyp3211617.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10669 bytes)
Hash
038a26718c17e1d2d8e2ca27ee7783ae
d44208d64c66dcc49c3687cfe9627a1322f8db9b
816a19184a686dce5616be2d8dfbd11bbb7d0a8f586a4ef2f07a61cb780638fa

HTTP Headers

GET /upload/vod/2020/04-23/18/knykxtrndyp1806knykxtrndyp3211617.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 10669
cf-bgj: h2pri
etag: "df668add5619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tBACUXcI0c635tcymeCx1AfPWu2lKRJ4B7NXbnpYM%2FbBq8WJ0rGyC0JsnR2acrXGH34L7a8EvBw2l48aqQhMBD9mad3IlQuw3L5ANrQWUxTvJ8B9%2B8zzPTzfPXuIbBfOLAd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cccdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/vik5fiin2gn0355vik5fiin2gn537891.jpg

104.21.235.174

200 OK

9.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/vik5fiin2gn0355vik5fiin2gn537891.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.5 kB (9524 bytes)
Hash
271d0c4d47124f417c627f99f58f76ce
d8f02fa275123581e717079c65da39b02be646dc
fbfc8cf570c4434339d3998c25e39aaa8ca513934db47c1d4ea019176a190e2a

HTTP Headers

GET /upload/vod/2019/11-08/03/vik5fiin2gn0355vik5fiin2gn537891.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9524
cf-bgj: h2pri
etag: "56db85ca595d51:0"
last-modified: Thu, 07 Nov 2019 19:55:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvD%2FWBUycfGbAv69VG3OIgRDFAqUiYbbSXMn%2BjhhR724XrKCJu%2BYaHAUQlbSeaoe486VNWJNFO7Vk%2FyTxpRh1E%2Bc0v93DilDV6UJ64WDMni%2BI9ShIQ%2BNGrRz4ns1J2KYcMLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c97dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/1ryji0rbqqf03541ryji0rbqqf597812.jpg

104.21.235.174

200 OK

9.6 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/1ryji0rbqqf03541ryji0rbqqf597812.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9578 bytes)
Hash
1b2fd2424b438ef5ba577284cf695f47
98ec9ae07affee7fd91be991828f4cc6c10e5580
5c913f3b6dccd6ed5271b530f7e9d7599530d95da1d144a2d624d7f9e8b99a13

HTTP Headers

GET /upload/vod/2019/11-08/03/1ryji0rbqqf03541ryji0rbqqf597812.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9578
cf-bgj: h2pri
etag: "2a86c13ca595d51:0"
last-modified: Thu, 07 Nov 2019 19:54:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6523
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4Svj25vcPKGddORTowrbQVAdOYQdJbxDxk1zNpcxWmPsMSqmgK5BHxUMFAU5u%2FmEwLRKIH7yoDMuav4l3II0ggTqw2oB02qIW4RT1x18fVegSo378CFo8pkZNHaWVlnDow8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c8edd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/eprd0132imx0355eprd0132imx327863.jpg

104.21.235.174

200 OK

8.4 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/eprd0132imx0355eprd0132imx327863.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.4 kB (8431 bytes)
Hash
7bf395335f69c34a050d2f80cd20a2a9
b7f88bf2faad0689e94ea762caefda8b0e087087
bf6b66d97b7471ce682f8dac30ebd5c573476d07e84d4b614f76c1ba83927866

HTTP Headers

GET /upload/vod/2019/11-08/03/eprd0132imx0355eprd0132imx327863.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8431
cf-bgj: h2pri
etag: "b9abed50a595d51:0"
last-modified: Thu, 07 Nov 2019 19:55:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HblymSBL6e62vRcdAmiMlMojjwIso59kA5q0ktqiMKzgE7i9RHguI1KCnlGn8e1zSkzmEAHZGEo1ykp8BFpu4pSg5brnqO0ma0Iw%2F5KbMM0DTROQAFc7cFjZvtxyQ5LqUmNV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c93dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/tnbziqd0gsh1340tnbziqd0gsh001367.jpg

104.21.235.174

200 OK

8.9 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/tnbziqd0gsh1340tnbziqd0gsh001367.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size
8.9 kB (8874 bytes)
Hash
54e9b64f51a62af2d69d7a485b032625
468ab5989c658d1b622475d4c93435fd6c6c51f5
5807fa53ec4b8f218aff39740e84d08d53c476b844dc1894eac4adfd69923c71

HTTP Headers

GET /upload/vod/2022/09-06/13/tnbziqd0gsh1340tnbziqd0gsh001367.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8874
cf-bgj: h2pri
etag: "5bd5271bb3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:40:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPzsVRJqRVwWuX%2FvMJU8ZJ1Cxn%2FkBTzjGW22K88e1BWN6Wdxl2l48oOuKkRIfpz1hAzA1tCAEAMVawICwG9KfRUCgQT6Ow%2FXL%2FuIlMIBURAAJwxV81e%2FKtm6PSKafAowW1KO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f01ca9dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/odqz2kf1xbh0334odqz2kf1xbh375835.jpg

104.21.235.174

200 OK

11 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/odqz2kf1xbh0334odqz2kf1xbh375835.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (11430 bytes)
Hash
8bc1b2f77b168e292b024e13a3126989
1b999933dc64069cdc918d8f807986f571df8e93
55bbcb9176601bfcadd8535b54f60efe09b771fd4d7002db9d86f01a8eda7c9f

HTTP Headers

GET /upload/vod/2019/11-08/03/odqz2kf1xbh0334odqz2kf1xbh375835.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 11430
cf-bgj: h2pri
etag: "d8261964a295d51:0"
last-modified: Thu, 07 Nov 2019 19:34:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FzyKny8ww3i5wwQzX7WNRce%2BNrcB2USyvnDP9quDePWLeUpznhbrD0xqUyRtbXvdJfBQlHD5vQ6ze48jcS2CDlwqkSTYJADr1qBPxjjl9FhX%2FhRhHGnjpzkLsoPCctQjN9p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ccbdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/2gmm3itisjw18062gmm3itisjw3311619.jpg

104.21.235.174

200 OK

12 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/2gmm3itisjw18062gmm3itisjw3311619.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11762 bytes)
Hash
d73689a62b9e65a8d4ccaabe64a25388
87b4765e9ba20d5fd8a5c956a95ca791ea7d8962
ef67967dc0ddde2d0081a81e46571f176b3cf1f28cfe775cdce789e6e8d81835

HTTP Headers

GET /upload/vod/2020/04-23/18/2gmm3itisjw18062gmm3itisjw3311619.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 11762
cf-bgj: h2pri
etag: "27409de5619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UxcLxR%2FaeJYCdLsfsIo0mLGk09oHb5imqb5y18mBCKKzNxGZ7PuTnOlwHcNpYZLrdlBUOENb0txY8RHJHaZYp9hh9qg2a%2FlTmIg2KXE%2F5c0TBfUENQ4fTfp2iYoMzZIOQcD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cd0dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/jjofhk2m5ro1806jjofhk2m5ro3411621.jpg

104.21.235.174

200 OK

14 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/jjofhk2m5ro1806jjofhk2m5ro3411621.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
14 kB (13647 bytes)
Hash
770a33b0f1002b03b905da6c1a0a1430
37773449980af3d93812bdba7ad7c5069951e496
3796f4d7f3a29c69b3a4da47f556ecbd63a627023c8d8f78acd005a58d93fd6c

HTTP Headers

GET /upload/vod/2020/04-23/18/jjofhk2m5ro1806jjofhk2m5ro3411621.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 13647
cf-bgj: h2pri
etag: "107185de5619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZIOPim9xIcwR7RJRYuzzLFfNToYOGqT%2FMtkNOYUshrWfsy9vgQYklgIqS%2FU2ep0f7KBnRU5kBYcqLPoX%2FTdQPBf0nIbb6ngIQOdoxdmofmZi4tz%2BxMfP1owDl5jsWTR1XRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cd3dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/54afnd1ddeu033254afnd1ddeu485657.jpg

104.21.235.174

200 OK

8.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/54afnd1ddeu033254afnd1ddeu485657.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.5 kB (8475 bytes)
Hash
f0473b2523d7d04d3c565edb9b94bbf5
10912dcd770ddf7962ab586a701ed81c346016d3
8ba1bb2a5e2f6a47bad85e103fddb29f0460f1a4ded2db3a3e8d01e8facea2f9

HTTP Headers

GET /upload/vod/2019/11-08/03/54afnd1ddeu033254afnd1ddeu485657.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8475
cf-bgj: h2pri
etag: "4cc5f322a295d51:0"
last-modified: Thu, 07 Nov 2019 19:32:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cD9xbvMAcZf4XTXsx5MAqkiBJ%2BtXfQYAaRKK6lMSeTOcJA5xevvd7qTjdSbhU4YL749KZhKzLlgcdop726U7zLYReOfcY611hQnfnpr%2FUyC0QWz780Lf0dJGBK%2F3%2FwVBY2X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cd6dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/mk5tjmllkt50333mk5tjmllkt5035689.jpg

104.21.235.174

200 OK

9.8 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/mk5tjmllkt50333mk5tjmllkt5035689.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.8 kB (9751 bytes)
Hash
fb56243ab6681aa9fb5c70f3f4cefa6f
24f8e82f8dc003e8047b92c06bc13d6baa5ced8d
49e646439edb0c1c099565f9061cd64b87e2811fe36396d814e09a1fce53cce6

HTTP Headers

GET /upload/vod/2019/11-08/03/mk5tjmllkt50333mk5tjmllkt5035689.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9751
cf-bgj: h2pri
etag: "72dd6e2ca295d51:0"
last-modified: Thu, 07 Nov 2019 19:33:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTPDDUmNoYl4GfGLEVy6QzasdpXJkc9FrjuwCrsjD7FNXYn8boA8Ci3YH3I%2Br2m6ArPw8gorlKtDdnJ4VgoN4IUKuh4MegZ8g6gIL1%2BvOeSgOQ83TIXVwz4KbatgzWDR%2B0NT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cd8dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/upeiobidpdc0333upeiobidpdc195716.jpg

104.21.235.174

200 OK

12 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/upeiobidpdc0333upeiobidpdc195716.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (12125 bytes)
Hash
5bd5f72a245986bdecb172104dc64afb
67e9490ae83ac36d8a45cd4c77764cf2687d11a4
1d84665ea1e97fbb71be21d64f7a32324d9b9352398ba51d58191bf991dcba8f

HTTP Headers

GET /upload/vod/2019/11-08/03/upeiobidpdc0333upeiobidpdc195716.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 12125
cf-bgj: h2pri
etag: "8ad3c335a295d51:0"
last-modified: Thu, 07 Nov 2019 19:33:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SLbvrjowqWD4gXOX30SCvZUAyyZ1vfg2lPPbZ3iJPEwt6ASg7mH1a4SzXInMd4b4M2OZNJLfeK77A%2FTfUGJej7eUDNMOFQhEkuIhPkje8dNf2EBji%2F%2B%2BwBOp7qopDEMrsup"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cdadd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/0um1gxjg3cj13400um1gxjg3cj041371.jpg

104.21.235.174

200 OK

7.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/0um1gxjg3cj13400um1gxjg3cj041371.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size
7.7 kB (7669 bytes)
Hash
94598686270a4f7463d2a9ba576e342d
7220bad19c9704fba633a624fa93277e3da15f9a
f43339b373c3036c97f2dc5852b6ac20ec09a770374d521a1c5db9eeb5303a3c

HTTP Headers

GET /upload/vod/2022/09-06/13/0um1gxjg3cj13400um1gxjg3cj041371.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 7669
cf-bgj: h2pri
etag: "a1bc391db3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:40:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdZPhQtjZDrtFGmL%2BMf33j%2Bf2avuhGZ9JHIjk0er2XGiNKWJikKVzdrohgQEhEfNTTiUDLz4WBh7noKMleDXXw4XTzKl9pPA8ICIc%2Fn6eyYB9W06q%2F%2BqrhgMkfbi%2BB8NXBUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cdddd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/csjcfhpp0lc1340csjcfhpp0lc021369.jpg

104.21.235.174

200 OK

8.1 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/csjcfhpp0lc1340csjcfhpp0lc021369.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size
8.1 kB (8134 bytes)
Hash
3fcd31eef2ab8812ae34ea7fd24d9ca1
897fc8f2705331530e37de4b27273b3322c9ffed
932a1e0b6ebab5bcbbfca0e67fd720cc0d8be2c5e9ef09fef73b65e1d8c0af04

HTTP Headers

GET /upload/vod/2022/09-06/13/csjcfhpp0lc1340csjcfhpp0lc021369.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8134
cf-bgj: h2pri
etag: "32573a1cb3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:40:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnAzaQXE1fJvKbEVV5VtRrkLEW%2F2fHaPqtfGGP8vf0GHARKgty3A1UGDqrnOLf0rYEMAs4tjWyjEF2CajJEaLrqF5rfVJoeOwvbXrlwZdJlOfOTzPlXb3C6jsiBbyLs0INxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cdedd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/ailbuhtx5lg0334ailbuhtx5lg055789.jpg

104.21.235.174

200 OK

12 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/ailbuhtx5lg0334ailbuhtx5lg055789.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11753 bytes)
Hash
c7d5a007a28ac4f0f4458392f63ef2d6
4ac1c7529fc6175b1d1ce6237a662fb28aee1123
2b8658c3eac3a2f2597ac8cc49573cb78a90c26019957f042658f9d8c39ea42e

HTTP Headers

GET /upload/vod/2019/11-08/03/ailbuhtx5lg0334ailbuhtx5lg055789.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 11753
cf-bgj: h2pri
etag: "451bec50a295d51:0"
last-modified: Thu, 07 Nov 2019 19:34:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bII5WzdtyJ89OQ0%2BPV%2FOhuAV0li0gBVPToHftHXXH%2B0p1cJ7RfqhdVKfrsX5aw6adIqP1Rwi5NJ2v%2Ba8pYum05la5K7HFHCBOVUx%2FMlh%2FNQ80hOpui2A51aSuNnKmOnnTyv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ce1dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/0bymgyxc5ps03340bymgyxc5ps535865.jpg

104.21.235.174

200 OK

8.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/0bymgyxc5ps03340bymgyxc5ps535865.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.5 kB (8479 bytes)
Hash
0bf6bea7c0f24d4d425c1251f2e9bb06
b8658557ece8ef1068c549d2c767daf116a0c7b2
c32a4dfbf30ec5785708e613969a7aa5e6e00a3e6ee043c086ffe5af4d75e529

HTTP Headers

GET /upload/vod/2019/11-08/03/0bymgyxc5ps03340bymgyxc5ps535865.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8479
cf-bgj: h2pri
etag: "1f53886da295d51:0"
last-modified: Thu, 07 Nov 2019 19:34:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnNFUi0yRPgD8HSPyu6iM9IE1BzCtVKYApdX%2BHGdYmmAni%2F0cyiqcHO3pXY8KJMxjCUnntnKsFzFyAYZ7V106H06mbx9KY07uDM%2Btii62tKxlCcOVxlrtkyhDjC%2FnunpCg%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ce2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/sbl50v030pj0335sbl50v030pj095895.jpg

104.21.235.174

200 OK

9.2 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/sbl50v030pj0335sbl50v030pj095895.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.2 kB (9208 bytes)
Hash
a2d2a9e9ac9b84196218be37b3740a18
1ae83d3d64f0cffea427af52c9a3b286bc976e6a
cf084336590316a5064fca0c533ccfef63a832a213fdd94592a022b3a780bbdb

HTTP Headers

GET /upload/vod/2019/11-08/03/sbl50v030pj0335sbl50v030pj095895.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9208
cf-bgj: h2pri
etag: "fc7f1677a295d51:0"
last-modified: Thu, 07 Nov 2019 19:35:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSBdNswFlIaGBTb6LNLc9%2BrGTIl7%2BVm7uC8vroiiYqMHU%2Fbke8AyTKHhJNwv3P4c0e4FNba%2BYaAEOGCFVdO8oXISdcqJq7FsUD5nUXXIJdEXb4YpEGIncTQYH3efvyhu%2FDiB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ce4dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/t1tbtn0kkpz1243t1tbtn0kkpz361221.jpg

104.21.235.174

200 OK

12 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/t1tbtn0kkpz1243t1tbtn0kkpz361221.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
12 kB (11887 bytes)
Hash
2877f01282d8def627cb372519fa35e8
50fd71cf44442c9ef046c6f3f2c54e1d9231bd2b
2fae8fcbf36eacdaf7f92f738c8f5ff98b5cfbb5e54bf7e664ee99812a5e565f

HTTP Headers

GET /upload/vod/2022/09-05/12/t1tbtn0kkpz1243t1tbtn0kkpz361221.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 11887
cf-bgj: h2pri
etag: "311cb8fe2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4703
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=334SDAQoVHIMS9tKLe546nF1lkhIVu8Os563MHQ00ldL4m2H8VvA%2BpT2LTpwXcrcuy1XEM8riWnhwqD7mJLtWB5iXcNBVs3g5bJ72zsJOL58XCYA0z2xzIe5xKfVpRItFQ41"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ce5dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/cvrjkzg1dep1243cvrjkzg1dep351219.jpg

104.21.235.174

200 OK

7.8 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/cvrjkzg1dep1243cvrjkzg1dep351219.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
7.8 kB (7801 bytes)
Hash
8af47bd16148226176f4cf4fe768a48a
927798e4d83b10635d5b915ff288873cf823beb4
ebddd6552cd9900148152bffced46d2e88d3424c30043235153d5f9c55033725

HTTP Headers

GET /upload/vod/2022/09-05/12/cvrjkzg1dep1243cvrjkzg1dep351219.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 7801
cf-bgj: h2pri
etag: "819732fe2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHnzRxLlKQZimPsHguKeb5xqQHXa3HAgz3ZCz%2FuW2QfYl%2FK%2BEgSOH1XCTd757xK5%2BOOV%2BgGLE6t%2FYKd6%2FEriJ0O39H4vGVCilfgXLZgzn41OuEGoEzLpMzXsH%2BM%2BxQZMjvo9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02ce8dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/02-27/19/girzn1k2set1940girzn1k2set382757.jpg

104.21.235.174

200 OK

8.4 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/girzn1k2set1940girzn1k2set382757.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.4 kB (8417 bytes)
Hash
ce67d4a7a6c35810dbb5eb3a77e87780
effa17c40c7bf96024cec62aca803770db51c32a
37dcf8e675afd36f33794d3d8f75aae2688cc50735ec6943a577734fcb059c89

HTTP Headers

GET /upload/vod/2020/02-27/19/girzn1k2set1940girzn1k2set382757.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8417
cf-bgj: h2pri
etag: "b237cebb62edd51:0"
last-modified: Thu, 27 Feb 2020 11:40:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zi%2F3iWfPZABTH1E6I54BW5w2VkxF6gp4Hi9KOtbF%2BkFMcq6efqWdZwM2KQI9tOgzFaBge2%2FLAfy%2Fx7xg7M%2BWCqJqCG1t0eLRyZ98c4Lhjk3K%2Bvc%2BPnamR%2BR1kI8Fuivfypr8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cefdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/02-27/19/05ekspbihox194005ekspbihox222755.jpg

104.21.235.174

200 OK

6.4 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/05ekspbihox194005ekspbihox222755.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.4 kB (6422 bytes)
Hash
6359c963898679a6e9c1ad194eb1827f
9cda6c9c3b493966d27be7dd0dd035aee5d16ff2
b9af399f8b253af1a9e5359ea90f5f500baff8fdbb4a8e6a9cf54ae980353c5a

HTTP Headers

GET /upload/vod/2020/02-27/19/05ekspbihox194005ekspbihox222755.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 6422
cf-bgj: h2pri
etag: "793925b262edd51:0"
last-modified: Thu, 27 Feb 2020 11:40:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYf7ouNKaaU6mdSmcBPoXxt4BsTTsii9okWeK0AHezCIJe4Y1XBFY7VynOdP1q94LY20xI9BB3rywsc7eAWsULvkuwZa4l9WyQEqkJMR%2B%2Bv%2FdzK2OJvGVYpaX5owaEUV1L0N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cf2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/ip4irqnhknc1806ip4irqnhknc3111613.jpg

104.21.235.174

200 OK

9.8 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/ip4irqnhknc1806ip4irqnhknc3111613.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.8 kB (9750 bytes)
Hash
7dce33539dbe5b06ce3d8729269908a2
a474208195d597d6b50b75e78c6cfaddff6a6b88
47fb520ce16763a57574df227d8564641758d38f0267086c0265b13fbf7a207b

HTTP Headers

GET /upload/vod/2020/04-23/18/ip4irqnhknc1806ip4irqnhknc3111613.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9750
cf-bgj: h2pri
etag: "a9fb7cdc5619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tbuy3H34Ig6QTK%2FrQP3ItSABUU5qK1MCEc9QN%2B1twtbPoOiSWyz0EVfJ1gwCLk6MKjztmdQqHuJ3yJp%2BF2omPHB26iVsvhYSfreSS2H92dVGX3pVCOyPtFL85ekQeJOVqwKF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cf5dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/02-27/19/qclmcv2poa51941qclmcv2poa5452765.jpg

104.21.235.174

200 OK

7.2 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/qclmcv2poa51941qclmcv2poa5452765.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.2 kB (7195 bytes)
Hash
d84241b3af7bb56223a133b0b53b30d0
1eb02ce33e92c3d5b865cff1787ada2675e1da6b
8f125d5d1f654a3f89a4fcabf686bc193d4e7b7078a622a66f35880caac93820

HTTP Headers

GET /upload/vod/2020/02-27/19/qclmcv2poa51941qclmcv2poa5452765.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 7195
cf-bgj: h2pri
etag: "2b7366e362edd51:0"
last-modified: Thu, 27 Feb 2020 11:41:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VM7Vz4411AsvSUdh2AHCucAwOSuADFp%2FD0LKokcxFUp7OKG%2FzDli%2BoX4vnDP0HNPhFhlnZf1FeztEmPlRhVkUm3Op7%2FcPl6OVFXlPyTt35nJqsHwQZei2gW03Xbly6xeHOnS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cf9dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/rpy5fzgfb3q1243rpy5fzgfb3q341217.jpg

104.21.235.174

200 OK

9.1 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/rpy5fzgfb3q1243rpy5fzgfb3q341217.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
9.1 kB (9075 bytes)
Hash
f0da8ec44bdfb10e0eaa04b8135b4091
0742fe9454f51f1702dbf8aefb7629b0e9445b97
8b31c3052f89abdd514132479f8a3a177dfa13eaf636a88b82daa26fea959e20

HTTP Headers

GET /upload/vod/2022/09-05/12/rpy5fzgfb3q1243rpy5fzgfb3q341217.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9075
cf-bgj: h2pri
etag: "a389a3ee2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COwqiDTz1cfr9nslttrvmIXH26MJ82d6K6bBIj7teBZxEd%2BiBtmGegz6kir9BcmVyv1kNt%2Btg7TmxBEvgiN8TF2fiWRsptMag9bCl8h4lhHNQwqFqUhoTkACMZPFNmt4AJz2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cfcdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/n3xgmssgomt1340n3xgmssgomt051375.jpg

104.21.235.174

200 OK

7.3 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/n3xgmssgomt1340n3xgmssgomt051375.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
7.3 kB (7262 bytes)
Hash
c130b229b9cd1953b03111bac0589062
d6bebd2d81d4f632a76bf9a4074d6b9c321b5c28
e1646d92234528904c3afc98a67fd31c10cc821bb9f6683847ae359da8beb132

HTTP Headers

GET /upload/vod/2022/09-06/13/n3xgmssgomt1340n3xgmssgomt051375.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 7262
cf-bgj: h2pri
etag: "32a84e1eb3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:40:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3965
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1Aqd%2BAgGTs9imZecBjiGRZZCATOskTjLkPHC%2Fyu1QpFhWAlrYjQVCmCKN23xMO%2BnMySJ%2F6uFbKa2LVCOv%2FtWC8cEO8z%2FnR2%2FM%2BRaKTwbrNsNeJdPS75ooMRcht%2FRfIF3R1y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02cffdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-06/13/0xhtokvgnv013400xhtokvgnv0041373.jpg

104.21.235.174

200 OK

9.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-06/13/0xhtokvgnv013400xhtokvgnv0041373.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
9.5 kB (9534 bytes)
Hash
65edd4a1b95d65ca43de83355a30eba3
d4d149cde9503a42298dd55b4e56779ae4afe670
7c39465f04b5bcea8e76d40aa27f57501c51211605ed02fcb6c33ec02870d370

HTTP Headers

GET /upload/vod/2022/09-06/13/0xhtokvgnv013400xhtokvgnv0041373.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 9534
cf-bgj: h2pri
etag: "6c6c41db3c1d81:0"
last-modified: Tue, 06 Sep 2022 05:40:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5M7N6L%2BR5IJsK5DWSQtSxPSzp2M%2FRanUM%2B0soaoQmknJotkC3oaTtxdwD3egffn%2Fo2uzWxi9DwNu2XQn3olK2hQrCgGK1bRtE3RN4Oyo6SqrKhimlOSUABWwNwihv8hcigx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f02d03dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/3lzpchfzch212433lzpchfzch2391227.jpg

104.21.235.174

200 OK

8.3 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/3lzpchfzch212433lzpchfzch2391227.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.3 kB (8289 bytes)
Hash
f8839e1e368625d319bb489d8f20c696
f15db70e673a9605b1e53f18288bdd659cbdd236
309809407e7d68c943006516ec5926b758f5d4b348fd2f901b07e7f0d9543643

HTTP Headers

GET /upload/vod/2022/09-05/12/3lzpchfzch212433lzpchfzch2391227.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 8289
cf-bgj: h2pri
etag: "8ad14f11e2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18DEh1J95WIp131myjsMaMDWBg5%2FmoqKn%2BMjoYBlMmQ22v3a0Wn%2Bqaj4fBepDB5gfqkiUsIT947Ex4wD2jtdq6D10w%2FmZJi%2BeiynwnKHco%2BURzohWE970ffG8Z0C9AJ3RvKI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05d28dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvhdd.com/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif

78.46.107.74

301 Moved Permanently

162 B

URL HTTP/2
kvhdd.com/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
IP
78.46.107.74:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/o05xaruyesh1806o05xaruyesh3711629.jpg

104.21.235.174

200 OK

16 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/o05xaruyesh1806o05xaruyesh3711629.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
16 kB (15765 bytes)
Hash
2a52e8e2541d1d5cd99967371775b265
fd88ef63fa3a2b36c172648ba5b91a92f013cf9d
4360f0b13ab3e616d2448903ff8d3b343242a2c6c4f2789d9598b7067ef78f6e

HTTP Headers

GET /upload/vod/2020/04-23/18/o05xaruyesh1806o05xaruyesh3711629.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 15765
cf-bgj: h2pri
etag: "a33d7fe05619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0hbhA1EPT252pVkJpVw1gM6ZFYF5YQ1L1%2BEvs9%2FCze5uS7AAPSZ81u5GTfHGm%2Bz%2BswfNxWytpkYAP7cIqP5arxbQkGiRpEmweLaP%2F2er%2FRd%2Bn24JXdybDhgudyuKwxFJRCu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05d2cdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/09-05/12/33fqf3p43ki124333fqf3p43ki381225.jpg

104.21.235.174

200 OK

7.6 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/09-05/12/33fqf3p43ki124333fqf3p43ki381225.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.6 kB (7605 bytes)
Hash
47baec366d4d658e9c846b917c8a480c
f1efedbb577adede5c7a857bc43457506723e5f4
2b51448656c99e0fa83735071ae0acacc9deda2fbf2055235356a2c65d2f5fae

HTTP Headers

GET /upload/vod/2022/09-05/12/33fqf3p43ki124333fqf3p43ki381225.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 7605
cf-bgj: h2pri
etag: "974dca10e2c0d81:0"
last-modified: Mon, 05 Sep 2022 04:43:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyOnxeVNh1P81PP2YizmQTg2gGgmDdtVoj87g8AVd4bZUbHSjZhBdndTUxIHK1SKTJZ98Tr2UyVaVnYBFZphOxwFdqyZkCnEHx89%2BQH%2Bv2E4Zl8XJ3pOy3kE2PfZ72l2tG8l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05d32dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/02-27/19/0eneiz0fwlb19400eneiz0fwlb552759.jpg

104.21.235.174

200 OK

11 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/02-27/19/0eneiz0fwlb19400eneiz0fwlb552759.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (11110 bytes)
Hash
cafeb460cadba158770baa63568b1c28
3d5724651bdef982adab93b4c4c0518b0834d108
b84b8d3b81919aeb2025c5e055f47e6cebb4f7d303bb82d0738587663500eebc

HTTP Headers

GET /upload/vod/2020/02-27/19/0eneiz0fwlb19400eneiz0fwlb552759.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 11110
cf-bgj: h2pri
etag: "623565c562edd51:0"
last-modified: Thu, 27 Feb 2020 11:40:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJsfrbV4OPguR7%2BYwFs%2BVpkbe%2Bs%2F2mvVAcPAyQE80tfkH%2B%2FhHGg92WqYNuo8TrXtBxd3FlxmFuVCJTyenT98DL7sA3N5U6Nfoqu0i7%2F5Q2Kf5clHfQioITA3nV%2B%2Bb%2BvfpwYJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05d2add80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif

78.46.107.74

301 Moved Permanently

162 B

URL HTTP/2
kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif
IP
78.46.107.74:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /3a18042ae802ca6796e7d42a7d4a8b3a.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2020/04-23/18/ctfg5itzi0f1806ctfg5itzi0f3511623.jpg

104.21.235.174

200 OK

13 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2020/04-23/18/ctfg5itzi0f1806ctfg5itzi0f3511623.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (12621 bytes)
Hash
2d8930c5c1af01f9bd2b7342d206c6f7
d2cab91f8497e67497f4c63deeb9b3f2c359f9c7
9be1bb6a1106bfb00ab34f9d7f23b8b0af89faac5a0dfc06fb637b991b8dbad4

HTTP Headers

GET /upload/vod/2020/04-23/18/ctfg5itzi0f1806ctfg5itzi0f3511623.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/jpeg
content-length: 12621
cf-bgj: h2pri
etag: "bbcc8df5619d61:0"
last-modified: Thu, 23 Apr 2020 10:06:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwbX3ZYK%2BVOBU0jELAg1lq%2B%2BYeuoLopUWWvlIrFvNTaZBsV%2BLXr7MVJHLMj8062FqdLV8JSxKyh3YMpH81e98d2IZR5CKlAq2XMYr9A0rowbdQxiqQicVxWpsVfxt%2BPYsF4R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05d2ddd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/images/video-mask.png

173.231.17.179

200 OK

107 B

URL HTTP/2
www.pgurg.xyz/template/pgysvip/images/video-mask.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Thu, 06 Oct 2022 19:47:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/images/video-play.png

173.231.17.179

200 OK

1.6 kB

URL HTTP/2
www.pgurg.xyz/template/pgysvip/images/video-play.png
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Thu, 06 Oct 2022 19:47:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2019/11-08/03/luzn2d4aohf0356luzn2d4aohf287938.jpg

104.21.235.174

200 OK

8.0 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2019/11-08/03/luzn2d4aohf0356luzn2d4aohf287938.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (8039 bytes)
Hash
342c6fbb7d5e28923f12afcb62375a1c
0cbcce1aee4afbfa43daf9d96384bcf6a13b4a20
6910f65a1e6e6a1d207ffdeb2187a898beda1d865f92239812741acac98ed9f7

HTTP Headers

GET /upload/vod/2019/11-08/03/luzn2d4aohf0356luzn2d4aohf287938.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/jpeg
content-length: 8039
cf-bgj: h2pri
etag: "12a98171a595d51:0"
last-modified: Thu, 07 Nov 2019 19:56:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRe8foiIkJB7aftPdfSiTS56SiQI2YRvAOATWg2rvIzP0j65fCIsGHwKt3qaik7ITBWwfD388idAC5xcZgsBgRXYj5acPf9pOF6Q7NhQcppNjO6dV609sHjGiOQ8mjndhTPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f00c9bdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c2f24ab89c24f9249296950d18defcf1
abb7192f88a20112393d304bff6b4d13f4bdea4c
38dea82cab192640a86a6f220435cfa39c05747636d1398fb5cac66264566ce4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "38DEA82CAB192640A86A6F220435CFA39C05747636D1398FB5CAC66264566CE4"
Last-Modified: Tue, 06 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15868
Expires: Wed, 07 Sep 2022 00:11:35 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

www.pgurg.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=202296Tue%20Sep%2006%202022%2019:47:01%20GMT+0000%20(Coordinated%20Universal%20Time)

173.231.17.179

200 OK

3.1 kB

URL HTTP/2
www.pgurg.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=202296Tue%20Sep%2006%202022%2019:47:01%20GMT+0000%20(Coordinated%20Universal%20Time)
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
3.1 kB (3083 bytes)
Hash
7e2ab1db554297f4b9fd0d06cf5ba4fe
c65fdf752d0a4885529625e7fe2a7b6cf50cfc48
5f545fdc187a2303f79c1cb96bc1977f6aaad75bde6c6a6c584ababd48a0077e

HTTP Headers

GET /template/pgysvip/html9/advertised/advertised.json?refresh=202296Tue%20Sep%2006%202022%2019:47:01%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: application/json
content-length: 3083
last-modified: Wed, 24 Aug 2022 12:58:26 GMT
etag: "63062072-c0b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

acoossi.top/3acd6109c1789c68133976726c0d3a33.gif

104.21.234.200

200 OK

1.0 MB

URL HTTP/2
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP
104.21.234.200:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.0 MB (1024160 bytes)
Hash
52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

HTTP Headers

GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:06 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Thu, 06 Oct 2022 09:51:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 35717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqv%2BCZUF%2Fh7Speg5CwDkA4MEe%2BiprIMzCseINYL9%2FmDd23OmLdAqFYFR7R4Ke36G%2BkgXIBMCayul7e84%2BKJ3n9JsWdtYdpsECRak%2FX6Z4pUkVG8npHNaMX8zMwWuaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f05f1171fa-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b8e8376abb14ac634d65411f2a29365
8e7504f206660dcb91e6564f98fd079290e5c2c4
0710ba49ee4d071fcfc4511c7a105be5dab023dd57463f2048a388d6942e63ea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0710BA49EE4D071FCFC4511C7A105BE5DAB023DD57463F2048A388D6942E63EA"
Last-Modified: Mon, 05 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17893
Expires: Wed, 07 Sep 2022 00:45:20 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a7fb784ae2daf0409dbc6341f6721a77
3244c8f4fbd24ba2b5885721a1841baf0b80bdb7
1932681c9c4f4af30a97609db88130b510a98dbeb7f0651163ad830816d29a04

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 02:36:07 GMT
Expires: Mon, 12 Sep 2022 02:36:06 GMT
Etag: "3244c8f4fbd24ba2b5885721a1841baf0b80bdb7"
Cache-Control: max-age=455938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f1db9cb4fd-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
37bd69d53e1db0abbd522440ce0fba07
be280da3df8f87886001bd94799ca78249844292
c190f14bea67c0a81c64601ea06d5c4f503c14153b36b2d0e8a48452bccdcf22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 05:45:33 GMT
Expires: Mon, 12 Sep 2022 05:45:32 GMT
Etag: "be280da3df8f87886001bd94799ca78249844292"
Cache-Control: max-age=467304,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f1d8e9b505-OSL

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3ac22d173d3577d7cd6f7ab8ad7278ed
994c6cc7e4f609241597f3622ce50a7aaab914c3
5a0986ea71947fa265315cb509eac648a18c238b96b49cad011fe882c706fb40

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5A0986EA71947FA265315CB509EAC648A18C238B96B49CAD011FE882C706FB40"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7247
Expires: Tue, 06 Sep 2022 21:47:54 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3ac22d173d3577d7cd6f7ab8ad7278ed
994c6cc7e4f609241597f3622ce50a7aaab914c3
5a0986ea71947fa265315cb509eac648a18c238b96b49cad011fe882c706fb40

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5A0986EA71947FA265315CB509EAC648A18C238B96B49CAD011FE882C706FB40"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18666
Expires: Wed, 07 Sep 2022 00:58:13 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9078e2e04173b221c737e9c4636071f7
c3845d53a9ef9cd2b44564bb56ce6f1992dc3d60
3fa4935e3c198623c8edc7c36892d5a24e9c6f0cf8c514f8d219b672a6676dff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FA4935E3C198623C8EDC7C36892D5A24E9C6F0CF8C514F8D219B672A6676DFF"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3180
Expires: Tue, 06 Sep 2022 20:40:07 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
258f174885c200be903bf46500b20e09
4a53eb13952452b668bbbad725b08bf2e147aae3
c9652d84768b493aa73d8bf5b826094d17369f8c1e8781365c6e3544cbad4cbd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9652D84768B493AA73D8BF5B826094D17369F8C1E8781365C6E3544CBAD4CBD"
Last-Modified: Mon, 05 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18342
Expires: Wed, 07 Sep 2022 00:52:49 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af58eaa8cb9b94f696d1ba3dae7e002
f5ab7ee23ee3b161af8864d916a9f124e4ba1f2e
8622752192615128aab507e4133a002c5c098325ff6b01aeffcc0076916a9f40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8622752192615128AAB507E4133A002C5C098325FF6B01AEFFCC0076916A9F40"
Last-Modified: Sun, 04 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12
Expires: Tue, 06 Sep 2022 19:47:19 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif

104.21.68.21

200 OK

729 kB

URL HTTP/2
kvtlll.top/b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif
IP
104.21.68.21:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
729 kB (729369 bytes)
Hash
53d9d1d54befa25cdc0fffcae0123c91
50faead5d2778663e39eb8f7c99f0d6e0b9b7d54
db9f74a15518df5af75769bd98d3d72eb69641c257ea220e9b52cd4cc98cd112

HTTP Headers

GET /b1cdf3ca8d11b7c0b5f95c8cbe5f0f86.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 729369
last-modified: Sun, 07 Aug 2022 13:16:57 GMT
etag: "62efbb49-b2119"
expires: Sat, 24 Sep 2022 08:31:12 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1077355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f758LlOf5FLH3Gv0j4nYUHbhIMKJcWVSwafKcUXVUkteki9XHBSuBLWionInWl8tiWVeDtUqOrRxRp4nPktAwULynlkZ3rqlkyKumaZjqRjm7aSv1YeFFTSBFQph"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f28c01b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif

45.154.214.206

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP
45.154.214.206:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif

104.21.68.21

200 OK

1.0 MB

URL HTTP/2
kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
IP
104.21.68.21:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.0 MB (1001238 bytes)
Hash
4bd2014f3b4f56252da35a5af5628cfd
0a6f7d35317885b9e4a6d5a388c6f44686628f27
ed7fdbb2d11646a7ceb15c6531bd911fd2dc5989afff8219c124e1d61a81b315

HTTP Headers

GET /3a18042ae802ca6796e7d42a7d4a8b3a.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 1001238
last-modified: Wed, 17 Aug 2022 05:38:46 GMT
etag: "62fc7ee6-f4716"
expires: Sat, 01 Oct 2022 01:03:51 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 499396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv8dYiJmvsD5SfE%2BQPgqiZTKjSm1GYSFK8yY%2Fv%2FXohsv4s9cFp3n3BhoF%2BWiB%2FRVPE6lVBn0dnAxixK5yDLKSuf6QL%2BMLdlGgF%2B2Q8WTqUEvmK8mVA7FJyH6MDc3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f28c0eb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ttsetupian.cc/lm/cstggspk01.gif

172.67.200.154

200 OK

246 kB

URL HTTP/2
ttsetupian.cc/lm/cstggspk01.gif
IP
172.67.200.154:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 320 x 190\012- data
Size
246 kB (246207 bytes)
Hash
e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318

HTTP Headers

GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Fri, 23 Sep 2022 14:30:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1142148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22qtjuP2lUFd4%2B%2FBTO9tzpOnB186Es8LuO2i353FVuGEhd1bdXgmQPIinHrsexIw7RNulyyvuPm5BwxnNFArwiD3TWxw13whtrPsoNXv5xDCzHPkmHybbZ%2B4Jl4BRGYk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f299b70af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
3ac22d173d3577d7cd6f7ab8ad7278ed
994c6cc7e4f609241597f3622ce50a7aaab914c3
5a0986ea71947fa265315cb509eac648a18c238b96b49cad011fe882c706fb40

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5A0986EA71947FA265315CB509EAC648A18C238B96B49CAD011FE882C706FB40"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7247
Expires: Tue, 06 Sep 2022 21:47:54 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

104.143.94.110

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
104.143.94.110:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: text/html
content-length: 162
location: https://acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8ae3da15a0661e144d2d8f9d8e4133f6
3f1d07aba8f7e4f4275cf13c41db855e6418b594
4d9607ed51292ae48bfc0d074fca2e7efa636735823658652dcfb989fc22198b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 01:29:06 GMT
Expires: Mon, 12 Sep 2022 01:29:05 GMT
Etag: "3f1d07aba8f7e4f4275cf13c41db855e6418b594"
Cache-Control: max-age=451917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f28cc0b4fd-OSL

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
3f982804c323557f693c70786ebdf6d6
c63e2fa6088079ee59be90bc38f2ecaa5896c6a8
ec8e19e4b853d974a94a3a7ef3cce8be61e8cb80db7194470518db9b0d4e2383

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:47:07 GMT
Ali-Swift-Global-Savetime: 1662493627
Via: cache19.l2de2[181,181,200-0,M], cache19.l2de2[183,0], cache1.se1[204,203,200-0,M], cache1.se1[205,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 06 Sep 2022 19:47:07 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516624936272635828e

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2aa009cc2f7e21c51f3fc305712c5749
8fe391aa24f156687ffccef1cc0aa61dd281ee1e
b4faabbbdde8ef2e77007fd8155dab7ebd7d6ab08fee0d307053419aae1bfd3f

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Sep 2022 17:43:12 GMT
ETag: "8fe391aa24f156687ffccef1cc0aa61dd281ee1e"
Last-Modified: Tue, 06 Sep 2022 17:43:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469b6f3c8ecb529-OSL

si1.go2yd.com/get-image/0wut3IuOIN0

163.171.140.79

200 OK

51 kB

URL HTTP/2
si1.go2yd.com/get-image/0wut3IuOIN0
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 320 x 240\012- data
Size
51 kB (50826 bytes)
Hash
7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac

HTTP Headers

GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 50826
server: Tengine
x-application-context: application
x-kss-request-id: 385cb47819904891b6a20cdd2df33e9d
etag: "7a02a69b00eebfc2977f6d8417cf8141"
content-md5: egKmmwDuv8KXf22EF8+BQQ==
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:6 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:4 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:11 (Cdn Cache Server V2.0)
x-ws-request-id: 6317a3bb_PShlamstdAMS1se91_46274-56223
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9746b28afee47cf437fbd6334a55ee32
53be94b5a6ce6b1c0db820c9fda8e023613a2e72
750564a4428096393c59dd826d7ee1534eff07c4650d6a9a0456dff2d8d20349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750564A4428096393C59DD826D7EE1534EFF07C4650D6A9A0456DFF2D8D20349"
Last-Modified: Sun, 04 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6431
Expires: Tue, 06 Sep 2022 21:34:18 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (625)
Size
11 kB (11338 bytes)
Hash
90d0bb54e4ae0667b8e5648fa00bd555
93b32dc0cf7e0ec6e3dfedb7bf40c8a6b2ebc81d
a714820a0261ece040ce162e20e0ff032972a7db4a9f3f80d92e4ae85f0d638c

HTTP Headers

GET /hm.js?825d1f32fc06ddc604b6ed5cc0c7d6cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:07 GMT
Etag: 824a2fb5a1c7dfa35739a7c1cbbe9968
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5CCDBCD544FD948D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

172.67.213.234

200 OK

400 kB

URL HTTP/2
acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
172.67.213.234:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossn.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 04 Oct 2022 08:56:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 211841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yTCYmxVOg0gHcx3o0He%2FhrEC2pv6teQNGh7l%2Bej8B3W%2B5pTy7Dej9cv3u%2B9EJe6NXQ2EdLDmmz7a7Vdh4shXQebOxHEHyXL2h3mlIWRvSxqkXOBoC8n8iULaL46%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f47cebfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (626)
Size
11 kB (11339 bytes)
Hash
469bd22deab27c0c2ee923cdefe7dee4
9553afab718d2051d23f25281fc2091fcdb68db5
a11464d9be3808849acccab9ead8e148d9e277309ce3c6a1d7d9986353a07328

HTTP Headers

GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:07 GMT
Etag: cdb3f9063829d74b12d8acfac7854ba5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=826BE34002352774; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6a0ae3acfc9b763429916b303cac13b5
ae991af1fd5020d318fd8275b8a9a6465b882b15
86a3acfc9e883aa650099cb546b2c0799d3cc01686631ac0ecfda049e07dfcab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 16:29:52 GMT
Expires: Sun, 11 Sep 2022 16:29:51 GMT
Etag: "ae991af1fd5020d318fd8275b8a9a6465b882b15"
Cache-Control: max-age=419563,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f1d873b4ff-OSL

kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif

104.21.234.202

200 OK

902 kB

URL HTTP/2
kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP
104.21.234.202:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
902 kB (902313 bytes)
Hash
8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002

HTTP Headers

GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sun, 02 Oct 2022 11:09:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 376666
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BhM%2BAOrBuYHWhQQVC6XnnhJNW9D8mZbvpbNP%2BzRtL9dWbSOHrech%2FOKl4YH1YOvR2Fkc6NqGUrkOqoqPGb9ZJEDp3px8LDq882UxqWlQPp%2BXcDgTabw8seei4dG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f41df7771f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fd96026cde25fd89936d3c65e63ee0de
bb99152cb589f3632d121a71b3b469d42ab7c9a5
540f50e1511b84af18c5945168504b681c658c09105d0a8947188decca27acf7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "540F50E1511B84AF18C5945168504B681C658C09105D0A8947188DECCA27ACF7"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21499
Expires: Wed, 07 Sep 2022 01:45:26 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif

104.21.43.117

200 OK

832 kB

URL HTTP/2
kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP
104.21.43.117:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
832 kB (832544 bytes)
Hash
8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0

HTTP Headers

GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvkjjj.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pgurg.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Wed, 28 Sep 2022 18:06:54 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 697213
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsqOOt1ROmdbO0Rqqp03bDWjjJTPvfw5amCF1LVKUHceq7BEvpIoyAE0PDSbYezk1jg87Q0VqAg%2B3szbapXRbQv2iAAfYp06xLhHcEWJ9aEWvKkvkK7OmePfkPeO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7469b6f58c69b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
fd96026cde25fd89936d3c65e63ee0de
bb99152cb589f3632d121a71b3b469d42ab7c9a5
540f50e1511b84af18c5945168504b681c658c09105d0a8947188decca27acf7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "540F50E1511B84AF18C5945168504B681C658C09105D0A8947188DECCA27ACF7"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21499
Expires: Wed, 07 Sep 2022 01:45:26 GMT
Date: Tue, 06 Sep 2022 19:47:07 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
bb6b7ec09f93d6405822baf1f388ede6
32d4a165ca310b8c90d567aba2a3f60a2f5910be
3178fa09e9aaa6996e8ab46ead93961c39a0982f43824342d2ac8d86b060acf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 19:10:52 GMT
Expires: Mon, 12 Sep 2022 19:10:51 GMT
Etag: "32d4a165ca310b8c90d567aba2a3f60a2f5910be"
Cache-Control: max-age=515623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f60a9eb4fd-OSL

hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (625)
Size
11 kB (11338 bytes)
Hash
d11a1b8637851d9c89c5e3f412dd5df1
f125bec5198689a12f0dd33811c9a88ba40529db
8d7827abd8ca7ee8402c54831ad2e22f6f8f8c1eed8ac4feddedd7abbbb0df9f

HTTP Headers

GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:07 GMT
Etag: 497f2d0c9d94ab7a6115ad768fe719a7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=56D3A24331FF3855; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (629)
Size
11 kB (11342 bytes)
Hash
92424c8939bd207b6111b3e72f17bbde
451cb472e8262a222f3e9d9a20b2b28c179aaaaa
dc33e8cf4bf98ff3b7ddbfbdffb6832b4d6695058eee4879fc6fd9541c796105

HTTP Headers

GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Tue, 06 Sep 2022 19:47:07 GMT
Etag: 1309202dcea8ba1ebbcb8a64176b83d5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F0A88B79DC74ABD5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872358453&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872358453&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872358453&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Sep 2022 19:47:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=14F34096697DD78B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0fe512ff154f46ad63c8841588e64927
4ffce6192091f1e15b5258a4c7ffbcc44dc41d04
6067dfa6f639a22f4a7ea3443d782344519c59ca581be71808654d18d305d5f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6067DFA6F639A22F4A7EA3443D782344519C59CA581BE71808654D18D305D5F1"
Last-Modified: Sun, 04 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Wed, 07 Sep 2022 01:46:28 GMT
Date: Tue, 06 Sep 2022 19:47:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62b1de1ac8be68445ceaa870a59faf3
fe887f1c903a22cc51c496b6098bd79cabefcc5c
d72db5deec8e47e3d91fbc1ae2d730c49e78fd047b0bddfd51a14f9306a47901

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D72DB5DEEC8E47E3D91FBC1AE2D730C49E78FD047B0BDDFD51A14F9306A47901"
Last-Modified: Tue, 06 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Wed, 07 Sep 2022 01:46:41 GMT
Date: Tue, 06 Sep 2022 19:47:08 GMT
Connection: keep-alive

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1321529376&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1321529376&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1321529376&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Sep 2022 19:47:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7A56552B4D61DA3A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f10f37659c27efd2a5045da0fa59ca9
020d42b1ab84977ff23b4ea59d0f6199f0280950
0018f5d8891ca35e526d532b768d081855930752c9e196ac23c063cd1eef1a54

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0018F5D8891CA35E526D532B768D081855930752C9E196AC23C063CD1EEF1A54"
Last-Modified: Sun, 04 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Wed, 07 Sep 2022 01:46:53 GMT
Date: Tue, 06 Sep 2022 19:47:08 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
cd4c00c6e07c253769c50f245c2984e7
ccb06309c629c402ae887e94cd4bfcb27c771384
530345bd146e96146fb9defd487cc4f87f5f68b4dd0cc4aa85da2cc6fd1c5402

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 17:53:28 GMT
Expires: Tue, 13 Sep 2022 17:53:27 GMT
Etag: "ccb06309c629c402ae887e94cd4bfcb27c771384"
Cache-Control: max-age=597378,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469b6f67b23b4fd-OSL

65686232255.com/53218c3090e04eccae534334cb03ed4a.gif

103.170.15.113

200 OK

580 kB

URL HTTP/1.1
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP
103.170.15.113:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Tue, 30 Aug 2022 03:42:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 580315

n6579.com/b8ca9e8def054d5284828d03b701ef43.gif

103.170.15.93

200 OK

654 kB

URL HTTP/1.1
n6579.com/b8ca9e8def054d5284828d03b701ef43.gif
IP
103.170.15.93:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
654 kB (653713 bytes)
Hash
6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37

HTTP Headers

GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: n6579.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Fri, 15 Jul 2022 13:07:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-23
Content-Length: 653713

taiwtp1.com/img/960120.gif

220.128.218.220

200 OK

121 kB

URL HTTP/2
taiwtp1.com/img/960120.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 960 x 120\012- data
Size
121 kB (120952 bytes)
Hash
8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce

HTTP Headers

GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:45:33 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Thu, 06 Oct 2022 19:45:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

taiwtp1.com/img/200200.gif

220.128.218.220

200 OK

75 kB

URL HTTP/2
taiwtp1.com/img/200200.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 200 x 200\012- data
Size
75 kB (75259 bytes)
Hash
03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

HTTP Headers

GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:45:33 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Thu, 06 Oct 2022 19:45:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=12303515&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=12303515&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=12303515&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Sep 2022 19:47:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E928A1BF90364122; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=414078109&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=414078109&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=414078109&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=1742&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pgurg.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Sep 2022 19:47:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2FE344C025E4FC01; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif

45.61.212.48

200 OK

584 kB

URL HTTP/1.1
89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
IP
45.61.212.48:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
584 kB (584025 bytes)
Hash
ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /14112a98f9104043bc1d7e2e4ec39ac2.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b2c84-8e959"
Date: Mon, 29 Aug 2022 14:56:44 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 08:51:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-18
Content-Length: 584025

unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif

45.61.212.53

200 OK

112 kB

URL HTTP/1.1
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP
45.61.212.53:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
112 kB (112447 bytes)
Hash
41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6

HTTP Headers

GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Mon, 05 Sep 2022 08:52:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-23
Content-Length: 112447

33869213.com/83ba7e533208445fa097e17c23a48e1c.gif

20.205.43.240

200 OK

37 kB

URL HTTP/1.1
33869213.com/83ba7e533208445fa097e17c23a48e1c.gif
IP
20.205.43.240:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 320 x 240\012- data
Size
37 kB (36943 bytes)
Hash
7ded2042a95c6c192a2c06e07075236e
1fc93212b6c5296bb2e0b403884c9b37e93c27a6
8095fedc5bd55fab27f9e37eed655234aab58b2925ea2494b04dcf5ae089f699

HTTP Headers

GET /83ba7e533208445fa097e17c23a48e1c.gif HTTP/1.1
Host: 33869213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:08 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Jul 2022 07:53:43 GMT
ETag: W/"62dcfa87-b269"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif

20.24.204.250

200 OK

37 kB

URL HTTP/1.1
u0053.com/ee2552e0433e4f19ab771ef923ba5299.gif
IP
20.24.204.250:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 320 x 240\012- data
Size
37 kB (37225 bytes)
Hash
910f18fdc66120d774b5e52a309b0cfd
cf303808e3664ff87c387824d6f32df1df8af56c
01c54f3caed68e21a22c348b63a3e13e26a36ae0625f12d30d704f6d5d49db41

HTTP Headers

GET /ee2552e0433e4f19ab771ef923ba5299.gif HTTP/1.1
Host: u0053.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:47:08 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:22:58 GMT
ETag: W/"629365a2-92cd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

93533557591.com/109e604a3c6249d594c56004b700f28c.gif

103.170.15.87

200 OK

720 kB

URL HTTP/1.1
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP
103.170.15.87:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
720 kB (719745 bytes)
Hash
a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

HTTP Headers

GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Wed, 10 Aug 2022 04:48:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 719745

6655cy.com/cdn/ashkad.gif

154.39.66.223

200 OK

311 kB

URL HTTP/2
6655cy.com/cdn/ashkad.gif
IP
154.39.66.223:0
ASN
#174 COGENT-174

File type
GIF image data, version 89a, 200 x 200\012- data
Size
311 kB (311408 bytes)
Hash
99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62

HTTP Headers

GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:07 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Thu, 06 Oct 2022 00:20:48 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

n0355.com/4cb9d81b8882419cbeeb73a2ee309b60.gif

20.24.204.162

200 OK

61 kB

URL HTTP/2
n0355.com/4cb9d81b8882419cbeeb73a2ee309b60.gif
IP
20.24.204.162:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
61 kB (61318 bytes)
Hash
44edaa80b1d87596adf175568094c18b
f20c58d0c530e784ade70225f96fff2dda338c84
eaeea622e721a473ec72198b329571eca43dd56b999e76c18fb927c7b2bde5d0

HTTP Headers

GET /4cb9d81b8882419cbeeb73a2ee309b60.gif HTTP/1.1
Host: n0355.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:08 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 29 May 2022 12:22:27 GMT
etag: W/"62936583-eb62"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

img12.360buyimg.com/ddimg/jfs/t1/139066/39/15574/959138/5fbb91e3E3869a786/8b3504e1a1356dd4.gif

163.171.140.79

404 Not Found

62 B

URL HTTP/2
img12.360buyimg.com/ddimg/jfs/t1/139066/39/15574/959138/5fbb91e3E3869a786/8b3504e1a1356dd4.gif
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
35345e84ce91218b0a5b76b672dc9091
2d5ae90e1fe8ad1eec3c6b47e0d4b0552e4c76de
7adf8138ed1c9dd83091779bb2e02e3b5f263d61b3ef8de74906e19affb0f054

HTTP Headers

GET /ddimg/jfs/t1/139066/39/15574/959138/5fbb91e3E3869a786/8b3504e1a1356dd4.gif HTTP/1.1
Host: img12.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 19:47:09 GMT
content-type: application/json;charset=utf-8
content-length: 62
server: nginx
cache-control: max-age=60
via: http/1.1 ORI-CLOUD-ZJ-MIX-198 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-19 (jcs [cSsSfU])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 404-1662493580106-0-0-1-8-8;404;404-1662493629249-0-0-0-18-18;404-1662493629263-0-0-0-29-29
x-via: 1.1 PSdgflkfFRA1bc200:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:19 (Cdn Cache Server V2.0)
x-ws-request-id: 6317a3bd_PShlamstdAMS1se91_44737-61268
X-Firefox-Spdy: h2

www.pgurg.xyz/

173.231.17.179

200 OK

1.5 MB

URL HTTP/2
www.pgurg.xyz/
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type
data
Size
1.5 MB (1507819 bytes)
Hash
27d3c2dd97d05cb560c4848631f7ba57
a86eb06a03ef2f0d87753bfcf53b228413d6825a
59c55949abf5abed94f1f33862dab955bdb3c99db37a760c9a9cf75320e856ec

HTTP Headers

GET / HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

u0071.com/9ef4f1d640934338bea53d331173f9a1.gif

20.24.202.201

200 OK

0 B

URL HTTP/2
u0071.com/9ef4f1d640934338bea53d331173f9a1.gif
IP
20.24.202.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /9ef4f1d640934338bea53d331173f9a1.gif HTTP/1.1
Host: u0071.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 19:47:08 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 29 May 2022 12:22:41 GMT
etag: W/"62936591-4f6da"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.pgurg.xyz/template/pgysvip/js/jquery.config.js

173.231.17.179

200 OK

0 B

URL HTTP/2
www.pgurg.xyz/template/pgysvip/js/jquery.config.js
IP
173.231.17.179:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pgurg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pgurg.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:47:05 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Wed, 07 Sep 2022 07:47:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations