firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e6jqkUoN-fJiQ4WVvMjpzKNurw_F5M_RQ61RPW6g-Rns3BTKgT33Pw==
Age: 57673
mypopcircle.com/index.php
172.120.206.91301 Moved Permanently 0 B URL HTTP/1.1 mypopcircle.com/index.php
IP 172.120.206.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /index.php HTTP/1.1
Host: mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 07:48:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.mypopcircle.com/index.php
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5905
Expires: Thu, 06 Oct 2022 09:26:56 GMT
Date: Thu, 06 Oct 2022 07:48:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.99200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.99:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eOKqBOnd7EHMmud4Xkq9mq1kTZmABfQRV3HtD2G1zslsuEZNV0QKdg==
age: 13559
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 07:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 07:59:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OTasa-6MpiB2cQG8TQ7k-2kipT5F7-zNk9OyuRBTBaU2ySffCUvcwQ==
Age: 1130
www.mypopcircle.com/index.php
172.120.206.91200 OK 785 B URL HTTP/1.1 www.mypopcircle.com/index.php
IP 172.120.206.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 19c6d3d4dfa85c99fff2abd5eec5238e
e43bb41732f83c6921de6c2acfb80d8f94bf8b9a
23cbec4f84670adfbb26ad3a3d694b6ea50ef41eccc0679309a583740a89bd82
Analyzer Verdict Alert fortinet Malware
GET /index.php HTTP/1.1
Host: www.mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 07:48:33 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5732
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 07:48:32 GMT
Last-Modified: Thu, 06 Oct 2022 06:13:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.mypopcircle.com/tj.js
172.120.206.91200 OK 520 B URL HTTP/1.1 www.mypopcircle.com/tj.js
IP 172.120.206.91:0
File type ASCII text, with CRLF line terminators
Hash be5007b1f85544e98db2cd6a789f56f2
1cf747b44880dc53753bfa31e2e3bf8c169055be
8a7a4060dba641671ad4ad96169155475ae7f93fe35b72f35f97527da8d433e4
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mypopcircle.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 07:48:33 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.mypopcircle.com/common.js
172.120.206.91200 OK 1.1 kB URL HTTP/1.1 www.mypopcircle.com/common.js
IP 172.120.206.91:0
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash b3756430558b9abf41edbf97e2585631
9dcc86de0fa3f8a668356153b0bb1c26f5d275cc
d049a61472df33a1e060571cd10d5a1b7f7be228fdbb5396058584e8c3aab84e
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mypopcircle.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 07:48:34 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DYr7N6jRHtdsKlCeH56ybw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b3zB2gZxn8A6zEAQDlagRiHfyWU=
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mypopcircle.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 06 Oct 2022 07:48:32 GMT
Etag: "4078521116"
Expires: Fri, 06 Oct 2023 07:48:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AECE8D002B7AAC4640A7FEC44DDA3AD7:FG=1; max-age=31536000; expires=Fri, 06-Oct-23 07:48:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash c9821058afd5c3c3ad189e2694a85412
4c78c637fc01e70cabdc9b9a49218b31b11ddc15
3cf5e5118d7bd9c0ea9b62f951819661f613eab2adaab685000d6de6125ff49d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 04:48:06 GMT
ETag: "4c78c637fc01e70cabdc9b9a49218b31b11ddc15"
Last-Modified: Thu, 06 Oct 2022 04:48:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 252
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ccb9a4f6eb512-OSL
api.share.baidu.com/s.gif?l=http://www.mypopcircle.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.mypopcircle.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.mypopcircle.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mypopcircle.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 06 Oct 2022 07:48:32 GMT
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 289a76fe11235def883a74b4c8a7021a
06c58955213f4c92c57b73e8b7c92ae330a1ac24
b0bc71c5198a40c6246e7184cd4b186439c9b93f237bbdd58514dbb08a9c039a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:33 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 03:46:16 GMT
Expires: Thu, 13 Oct 2022 03:46:15 GMT
Etag: "06c58955213f4c92c57b73e8b7c92ae330a1ac24"
Cache-Control: max-age=589661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccb9afef3b509-OSL
www.mypopcircle.com/favicon.ico
172.120.206.91301 Moved Permanently 178 B URL HTTP/1.1 www.mypopcircle.com/favicon.ico
IP 172.120.206.91:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /favicon.ico HTTP/1.1
Host: www.mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mypopcircle.com/index.php
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 07:48:35 GMT
Content-Type: text/html
Content-Length: 178
Location: http://www.mypopcircle.com/favicon.ico/
Connection: keep-alive
Expires: Tue, 11 Oct 2022 07:48:35 GMT
Cache-Control: max-age=432000
www.mypopcircle.com/favicon.ico/
172.120.206.91200 OK 785 B URL HTTP/1.1 www.mypopcircle.com/favicon.ico/
IP 172.120.206.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 19c6d3d4dfa85c99fff2abd5eec5238e
e43bb41732f83c6921de6c2acfb80d8f94bf8b9a
23cbec4f84670adfbb26ad3a3d694b6ea50ef41eccc0679309a583740a89bd82
Analyzer Verdict Alert fortinet Malware
GET /favicon.ico/ HTTP/1.1
Host: www.mypopcircle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.mypopcircle.com/index.php
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 07:48:35 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 07:48:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 07:48:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 07:48:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 07:48:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 07:48:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
age: 36687
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 34755
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2e00e7f6054a915275111712ae68feb
016d84f56f97f1ab12c4046177e3e809aa861729
d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11478
x-amzn-requestid: a09aebdb-ec16-4f21-b972-6f97eda93ac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjRNiHLGIAMFcFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfbf0-28d33fc650641df56dfb5b06;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:49:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: RqNGDz8fc7-Et0JSVOTstRITabta3ruIF-gtPFu7jtBRbiLDBv_cGg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:48 GMT
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
content-type: image/jpeg
age: 35385
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 13:09:19 GMT
age: 67154
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: aRwLcesGtAJ-M6BLPyzdprcMh8tvcxVH6AOG2LJc8aSYLR0BR9WAwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:09 GMT
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
age: 34764
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 14275
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a003bc555cb7a55f093ee9b839eb6f87
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a003bc555cb7a55f093ee9b839eb6f87
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash aa1ef8b96f2ec951e144f2eea2158eea
9d0f3f1246517c399324b074a64f0b7d41b2d6d6
4380fa27ea20164fa10de8c2e931ad54088d09bc69e7bcceaedc19a793530412
GET /hm.js?a003bc555cb7a55f093ee9b839eb6f87 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mypopcircle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 07:48:33 GMT
Etag: e60c6f0988696712130f8628c7b1f4c1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=35DE681B0E4241EE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3ab4d7900bc286fab05881fe19fc34c8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 2b7f01879e72b0264e4b22223fff5c8d
0ec959c4b967702b1a51b2d86a6d7264c07fb422
0e97044d78409d981fda8bf00cdd234549544ab7745bff3365f6d6686c623b53
GET /hm.js?3ab4d7900bc286fab05881fe19fc34c8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mypopcircle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 07:48:33 GMT
Etag: 95830daff105e1815de80274cc08942f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=13C1A17D9022201B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=581749105&si=a003bc555cb7a55f093ee9b839eb6f87&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=581749105&si=a003bc555cb7a55f093ee9b839eb6f87&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=581749105&si=a003bc555cb7a55f093ee9b839eb6f87&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mypopcircle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=64CB947EC2D0564E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1057406388&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1057406388&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1057406388&si=3ab4d7900bc286fab05881fe19fc34c8&v=1.2.97&lv=1&sn=60304&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.mypopcircle.com%2Findex.php&tt=%E8%BE%BD%E9%98%B3%E6%95%B2%E7%B0%87%E5%AE%9E%E4%B8%9A%E6%8A%95%E8%B5%84%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mypopcircle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C5DD8C6CFC423751; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03255fabddfd0e8a5afe1246f3649110
a653a4809bd90c8ae2436cf29708d788d1c3a88f
3f968d1eb5b8576fa792abc864b93ea5422df1d37e4c6ad866479f54e9301be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F968D1EB5B8576FA792ABC864B93EA5422DF1D37E4C6AD866479F54E9301BE9"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 06 Oct 2022 13:48:34 GMT
Date: Thu, 06 Oct 2022 07:48:34 GMT
Connection: keep-alive
www.pguev.xyz/template/pgysvip/css/honglou.png
173.231.17.179200 OK 19 kB URL HTTP/2 www.pguev.xyz/template/pgysvip/css/honglou.png
IP 173.231.17.179:0
File type PNG image data, 255 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash d4c105833ccca617cb46bee0056a3c41
a2f68b0ede6aa3dd8d3f0e4107edeca86db20d1e
a8afa5703a09165e8d7ed63daed1d4ea87e49a3598a8b16c118d37366975f45e
GET /template/pgysvip/css/honglou.png HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:35 GMT
content-type: image/png
content-length: 19004
last-modified: Sat, 22 May 2021 11:01:31 GMT
etag: "60a8e48b-4a3c"
expires: Sat, 05 Nov 2022 07:48:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pguev.xyz/template/pgysvip/images/1.gif
173.231.17.179200 OK 254 B URL HTTP/2 www.pguev.xyz/template/pgysvip/images/1.gif
IP 173.231.17.179:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/pgysvip/images/1.gif HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:35 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Sat, 05 Nov 2022 07:48:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pguev.xyz/template/pgysvip/html9/ad/zxf88.js
173.231.17.179200 OK 614 B URL HTTP/2 www.pguev.xyz/template/pgysvip/html9/ad/zxf88.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5544a44cad5faf09138fde07c5d2ff1a
b435357e5621bc4c023c289943638f84c560f644
e3e64dcfb2cb1868e64c1e44053032a1477e862b982567ae0003203f77115ba8
GET /template/pgysvip/html9/ad/zxf88.js HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:35 GMT
content-type: application/javascript
content-length: 614
last-modified: Wed, 17 Aug 2022 09:23:39 GMT
etag: "62fcb39b-266"
expires: Thu, 06 Oct 2022 19:48:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fd1e82c55a066bd69cde3fd619dc867
6ce340c03a4cbbaa3eb221a39d1ff7d34bf16c94
3d50112fc45af29a927dbcf2677c1c7446cf86321ddee34cbaddc328c4023bdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D50112FC45AF29A927DBCF2677C1C7446CF86321DDEE34CBADDC328C4023BDD"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5827
Expires: Thu, 06 Oct 2022 09:25:42 GMT
Date: Thu, 06 Oct 2022 07:48:35 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0d60b272004873e82c03238ef7db6f8a
f96f87529feac19e4a224949880bf7f366f32d25
f6064789dbd8008813b0099b515d4a906ac8ba47ae1d5f6260b03aaecc219b9e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 07:48:35 GMT
Ali-Swift-Global-Savetime: 1665042515
Via: cache11.l2de2[139,139,200-0,M], cache11.l2de2[140,0], cache5.se1[162,162,200-0,M], cache5.se1[163,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 06 Oct 2022 07:48:35 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916650425157936155e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Wed, 05 Oct 2022 14:18:25 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: uPQAAABmzwcKMhsX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1664979506
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0]
Content-Encoding: gzip
Age: 63009
X-Cache: HIT TCP_MEM_HIT dirn:11:213564388
X-Swift-SaveTime: Wed, 05 Oct 2022 14:36:09 GMT
X-Swift-CacheTime: 85337
Timing-Allow-Origin: *
EagleId: 2ff62c9b16650425159727568e
www.pguev.xyz/template/pgysvip/css/zui.css
173.231.17.179200 OK 20 kB URL HTTP/2 www.pguev.xyz/template/pgysvip/css/zui.css
IP 173.231.17.179:0
Hash 891f46feb59c2f2050e34f2a3c66bc7b
58be14aeb15001e4781499f7fd0d76c84ab8a179
cb7b089d01a8d1d5ac8a68a62fe060e483ad2a08e9382d58014ca448f6edfa48
GET /template/pgysvip/css/zui.css HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:35 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 03:05:22 GMT
vary: Accept-Encoding
etag: W/"62621b72-16462"
expires: Thu, 06 Oct 2022 19:48:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3c52792939dec2a456e9f2a839a41642.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pg.doitalie.com/news/data.php
20.205.43.35200 OK 18 kB URL HTTP/2 pg.doitalie.com/news/data.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c1a22d0c44b822dbc13899f05808b3cd
97859ca3ada26bb6277333469e624908d080ac4c
b0ebbc602fb42a63c1e571c2a3d386542ee6cced0e66fedfb5a637c500e14ab6
GET /news/data.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pg.doitalie.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 06 Oct 2022 07:48:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d5d54b9d5793a000f3bcfa3087a6d8c6
642b1270db995cc64a537108edc4624ed506fb14
9d7d81ecf85ce37713b29faad44e1d0e67308e9042087025b3186e76ed62fee4
GET /upload/vod/2022/10-06/11/zstb10mxxoc1149zstb10mxxoc095083.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 10673
cf-bgj: h2pri
etag: "c545369736d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXTyO5ykaa2MHDp%2FCFUGpCwn74FLRoFJE9LCKdAc3ryHhU21cw9KmU7lfXrThMA1vmgc%2BJbPuM%2BYgQlMugaEPRYQNS0lPNjeC7Wkd7ciI7W1IMWVyXeZbHOrC5gib8sainuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba4745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1364d975d24e226a04bcc6e7fc708a13
ae133467fd5648141710d0e312ad87568aa12a54
5b47204e808e7d517d359e6ec06ff88da625c75b554f63f7a57dd4d09f3b31e4
GET /upload/vod/2019/11-08/05/hf0d0ahhiuq0512hf0d0ahhiuq5613892.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8470
cf-bgj: h2pri
etag: "1e765920b095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mendOy3BWeUmsSgCjYhieYvre193mUCVzfVTD1T69jsPgPeIc6OUMOjQR7s8RYcDuE%2BrpbJ%2B087ggV3FBtcxPTEwQOrO6rVc7nC10GPxnZ7BejrJYJ3TfUsDTeKKRLR0YoPB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba2745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/3o2o4zrwkpc05123o2o4zrwkpc2413864.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/3o2o4zrwkpc05123o2o4zrwkpc2413864.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7596db8e4c19cb4810a27a9afb76e75a
c83fdb2396b339da9f2b4e8b310ca4dc95e4a60f
23a69b1e295b469dd72b2986d96b12ed21eaecc0383a9e7f6965de0671e86d8f
GET /upload/vod/2019/11-08/05/3o2o4zrwkpc05123o2o4zrwkpc2413864.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 11666
cf-bgj: h2pri
etag: "c5c259db095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBDQktmEgPLgAkpG5cOoyBZppH9P0X6XKvXQKvGfF8x7UF6zwQcMYx5UmiBHSdFvi5CtbMya83PbZMQA7NAUBm%2BjuAanfEQd%2B3RLt%2FUpubZd8FZ7n9qNMWY0YZe2ANpyRQoz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba1745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg
172.64.141.29200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2c969ce722428fb4dcde69228d94dc33
92b7207712cf9a10c78aafebc3dac04c2e1019f3
8a979f098eb04419c067a4f80ca4f7a68dc7b93a9490fda40aae5e91639543c4
GET /upload/vod/2022/10-06/11/4vwveuo5ysv11484vwveuo5ysv515051.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 5425
cf-bgj: h2pri
etag: "53bd808c36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggNMMPRkr7pKOmNhhQAbwxdjL1bp9un%2BYauo8%2BQI0hV3rXr4NrhAoJhWI6yeb9BgFE99FhHZ9i6oZlFwhBm4GnNdr7NOlUvkIgYL9BaFZfPIUFcHxvgK7mCIBVoG5xolldBX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba7745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg
172.64.141.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash fb47ec1f2438d30756cf2588b542aa2c
8af422efcae1e4be2242b3f9fdfe47e5fe7036d8
63d2ea56218f5699a9040cce92ad2fe719caa535f30d2ed585a06c5b2428c6f4
GET /upload/vod/2022/10-06/11/x3aclsfqyb21148x3aclsfqyb2505049.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 12712
cf-bgj: h2pri
etag: "cb8ef88b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUnlPSBdFiMyJBuMUZRPgTo8zB5zrpqG4x5frmRtZpUN4iJqjWHKdIUAI8mUBB8aeppdazArwZIuJqZN1LfIxxjvED0%2F5XOZ%2FEkj6WbQ8bvEZbV7CoSkb89zswfekUuV1YTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba8745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
172.67.143.17200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 172.67.143.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Fri, 04 Nov 2022 02:11:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 106602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sjt2a95fX%2BecQMii%2B65%2F9C0R2qNSlc4i3CZpDSllKxt4ijWO%2F9uCrkFeDMVkw5H4kr0kjhx2u1uVoRdMMSyVBBeJgVjooyciThB8w40oKvnzhbT4xEQplSyHINNUh4exw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaded79b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 42e3b3b8101bb93ca10eebbfcc9f8afe
512a11a692d347997a2885aee727574d2ae9ffe7
865e1aa73ca1abfabacf3ceff1e521de63c75f972b52df9cbdeaea6e991ffde6
GET /upload/vod/2019/11-08/05/dgcmivcvjvb0513dgcmivcvjvb1213906.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 10011
cf-bgj: h2pri
etag: "318fd29b095d51:0"
last-modified: Thu, 07 Nov 2019 21:13:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSA6367BWLJEopB6HaQohHJhLvqyeX5NRe472WWw0Zh8OZ5Q2pXKb1zNa9mET2IwVcGBO2OqT2Ua9J%2FnlSKDK3TWjPZMF2jT4XBm9hxC5OkMiLTXx8zuYWpGcUniJfyzczIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba3745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg
172.64.141.29200 OK 8.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9d9cdfd3456c8423829957dd3bed46f1
30e1d8c5c4831abfdcf48bacf29394da27c144c9
a6fe37a00ddc6e500b6b1b2e3d9485364dd06688f360c82d64a8c8cc2b50bea9
GET /upload/vod/2022/10-06/11/qa2hewmek0e1148qa2hewmek0e495047.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8314
cf-bgj: h2pri
etag: "63a7708b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Olk1m7kIhvUp8CICtJixowp3G2IgZ6AUZqqNIS2XuMpRCzftcgWjg4Dm84ZEblfvbEDL0292IMji7kTZ1GopA1OaBTb%2BbDHDHuCLwm790kktDaeXifiaetk2IoWaX3muZeaL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcbaa745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 07:48:36 GMT
Last-Modified: Thu, 06 Oct 2022 06:16:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
fmlb.netlbtu.com/upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8b966b6187630314ce688447ef1ec4d8
550645449e2f9a06219cbdbc3de4266f3ce062eb
d1e2cc0a0b3cb54f40c2bfffecfc4073c540701c7b94a344134bf449907d63e0
GET /upload/vod/2019/11-08/05/gbvmxqamtxt0513gbvmxqamtxt2813920.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 12120
cf-bgj: h2pri
etag: "c6a7133b095d51:0"
last-modified: Thu, 07 Nov 2019 21:13:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5IsThYR%2BAgUanCo3QsRvwewwwIN3T%2BWUell252nGI0dKsXQHCs80i7ZP4cyIUxI6lXNsDrgHhEsG4PXq82Bblt6iT89SclNfATP%2Br4MTh1%2FkqQGc9bfGKkHr5u2ddDVmk31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadcba6745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 166387519edc0b1cc67703f39faa8c08
e27e1df546b915ac7fdd58f742f64add10ad5907
2b84e2739d4fd5549363fb13f40ef0e51743540946424f9bd4a5f1fb469dfdc4
GET /upload/vod/2022/10-06/11/ezy325bhff01149ezy325bhff0135093.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 10671
cf-bgj: h2pri
etag: "b5a2cf9936d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7gzj%2B3c%2FkHhHcFec%2FLcorLcWWweaumvqh1ebOi5EJL6HhNQU0twhlIENcuu9Q%2FHDNLINr9UpGafqEqEr7f3V6GWC2%2F7zUzjAtibyAMcTFqn4d8sC9rwSCzqaDFJVVHDcr94"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbb7745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg
172.64.141.29200 OK 9.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ee25cb2e9f67c0849cfc09841129ce82
04931af30b90035e64d97289d3dc2b1313b5af65
7c1806a0aff067f0535adc088a9820c6ccb6fcce40fc32fb54092a8787fc7fd5
GET /upload/vod/2022/10-06/11/n2s044zknp41149n2s044zknp4135091.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 9023
cf-bgj: h2pri
etag: "68e24e9936d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB%2FWZvjQXq0o5uAA0wP5GTt0yTtQVEFjhMKsNbWPZBth%2B49wmvB%2FTM5bJz7kVt1M0mxBwVcGZaDrg3CRU2KsAkIE09%2BoRcSxbtgkb4XtK8cPbl%2FucvgTxDdf5HcGHp6w5Ey%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbb8745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg
172.64.141.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0d989bb823e83e3307c1217f80ca9504
67359ba5dfd8d158f0d4d167ac66d02c7200ee4e
e0f4999bdecfc95861a8469bc16bd088838174ba658ee178f80b47ef4f0c61d2
GET /upload/vod/2022/10-06/11/xawopxuvekq1148xawopxuvekq225015.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 13203
cf-bgj: h2pri
etag: "963f697b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1EihNYY3vSHXTOBRebtKn9TTX%2F8pr6j2lRjIQ4c%2BwXBTPPDVlVBFyw0QPqVNGiQ8pfqzMKsXjr%2B3ZbEyW2d6ORDL7wn85njErdzdmKaByyJFwM8McoBRNGOmp9K8Qj552dn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbb9745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg
172.64.141.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg
IP 172.64.141.29:0
Hash e54f503c6bfda5ddc98aae3e2de63482
6b1f90b2bfd272a67cd8390fb0fb77692f6b55ec
7bc99b97abe1517b111d698147956f16302c7cbc0b9e8f4fa6f001053e33bb62
GET /upload/vod/2019/11-08/08/xq3rl2rf1wh0816xq3rl2rf1wh4020856.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 7250
cf-bgj: h2pri
etag: "a6d2eccac995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hvhqtG5YulrTvZrRknDDtRtbb1loY4r019AoDAYRGSDIijPYOsCaxoDf3OCiPLlKRqE4%2FpMfC5mA0O%2BWSIvVNjRr%2FJsOrj3E%2FzzAkMLUiA25eqRCsICt4fgvf3C8Far7oGm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadebff745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3b2b7e98fa3e256b760c78c5b5e4013d
a96d4ed404f6e1409a53739fdd397e6b1151aec9
ae12e419fd964abb6bfce9feed86e3e4827d7a21afb70c548d94d3584c1b5578
GET /upload/vod/2022/10-06/11/ptsd1gtc0rn1148ptsd1gtc0rn225013.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 11848
cf-bgj: h2pri
etag: "3fbae37a36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu6IJ1EGGARAaHjUk83IbmWJEZmoTJG%2BtYR9vyF6bMLD49y%2F87GrLwlwGxHmEYZqoZ9TcNLxz3JSStyPg432GRLD6LgOHNycKINvaa6OBi%2BuTIyv5LT2i2gJOviRYEjYMYcn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbba745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
172.64.141.29200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 41b481766a540b769f7315663aa97b38
f568219dacca45dc8e23fc4dd56a4a4e25bf2b59
b7c6bb271a51a48f7e669b901e2f9e4a7d5bf02eaac5cf03b6100491e74f44a8
GET /upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 9594
cf-bgj: h2pri
etag: "1d4188e36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bIBOAsluEiyMge%2FHzqpw92x5KHQ3WIque9UDKL7XhTTj86wwOxJebnKdfcOgDy4qFuRzAU4F%2Ba%2B9VNF3NLO1eAxIlS%2FHWAvqQWtlRSbfsOfSMIOAhx9pHBS9oSudvpJ%2BsMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbbb745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
172.64.141.29200 OK 8.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 6515b428812ee0938a3bd77f6f2a17f2
f9babb54d289c90562d6541315d39da09cf76919
086a58422c77df96f57f2ca4c0773c63ab07f8ac492ef7f63aeb8b8641774247
GET /upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8644
cf-bgj: h2pri
etag: "e6bd908d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BFPefCnxIOEdFryKbdstM%2F4QXLApSMziMoHdDk2KbAK2W0sunSsIC2h%2FXa0jCdb8NOFa4gKMcjSe0w5DhGbHy%2Fx9uPOhObi5rjAYJoYf3kZaspzfCKS%2FWA4TUBKUtQ%2F090i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbbc745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg
172.64.141.29200 OK 6.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 286f3540a23958ed0166e1508a7cf88e
a2f554ee0333ca7bdb480f1482a347620cf58ebc
da38c2325069ce44959cd13ee154b6f2c08acd083b8660a132e6c0cfa3cdded4
GET /upload/vod/2022/10-06/11/shl0wqixzca1148shl0wqixzca525053.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 6152
cf-bgj: h2pri
etag: "27cf88d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eASAIqwN3zVslsuamCSGSwEFjeR41UEM6Sm%2F0nlyOKg5qtCTPWf67R9fm%2FgDsbfUSmQ3jMEaoPwVjHtxJEChjZJ3tRQ1fD6vycox7mPQSJv3zl%2Fldwfs0339RdA5KYcTlovo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbbd745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f2a8789ed6ea14341492d37fac4595f9
c88bf5860453ad667dc58c27deb31873acc61cd5
5b8460b19f3d79f29044eb4884447e61a5894d58d2dbb232eeb991313dabede4
GET /upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 12196
cf-bgj: h2pri
etag: "72f0c1dde169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6455
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w85%2FRKWCV%2FbWOqI9ud%2B%2FB52J3TR8hN1wffSI1YH3KlllC59mMmx8yuzEDGOBZYy3b%2BgWXU%2F3x%2FSOLcp%2BWrgkgj4JlVnS6RiFt3F6XKHs%2FOdoU%2B%2Bw4yfxkQJGO9pQaebhbr0B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbbe745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg
172.64.141.29200 OK 7.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7f1d7ec30b7cb8b041de0e080e53286d
91ae641ced066fc3a24170a393226170cc8f2a24
63bcfdb5e2d05fd4bcb3aa388b11621ec5c42df5a060180e69db8c11d2cffda8
GET /upload/vod/2022/10-06/11/42s2zrmf5yr114842s2zrmf5yr265023.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 7056
cf-bgj: h2pri
etag: "1afaa77d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm9pF0KnCutXh2IFbLfMdzwwi7IsvoNinvlkbRJqEXzV%2BvMdzIC8XyksHT%2FrWcgaw3Tl%2Fsc5ENSFvQAW3pDgwh8dO%2FFK8brkuDdU4iGMQSDC%2FFDHGY5vcsf4Q6lSj98meLUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbbf745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg
172.64.141.29200 OK 7.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bb7197d04e797e2f9947eb8980e64c25
89fd901800e155f7e5f17b78403de024376227db
206cbde9191e61a479eb8045db830cfa2bf965661906bddd62b9be0aed8c2c39
GET /upload/vod/2022/10-06/11/arikpgw1ap41148arikpgw1ap4255021.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 7913
cf-bgj: h2pri
etag: "63d7247d36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FL5Ij0RGIXf6TW%2B4hVudzMyD6d54GBtn5oFSnbnws2TF5mjIljtK24enQYVnagJYSgYRPoeXJVccYY6amH8A6YACW5xOfUwV1LNwMRHydMaK4d8FEoWjHfDvVbKw26NfrBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbc2745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg
172.64.141.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 807134232e869db5ad8c4bc5e32ee550
c150155459b5d9e88c283450ae7799312c4a51a9
1f1c327e0d0cbe61364f53fb6f2b8a8ca4b2ed90330fecca9ae0a7aa3b8dbe32
GET /upload/vod/2022/10-06/11/3hzaknuwf3i11483hzaknuwf3i245019.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 9930
cf-bgj: h2pri
etag: "57df9c7c36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr4WID46ImmwmmsvG86syb0rB1RABCkibay4a34Pqi%2BRsgv%2BC4TnPccDvatSxXiOZyNen0mgYvzg%2F%2FhoZBKsmhqmZxjqxpxm8kStDL5O0RPY%2FofTcH9x9FEyCiEUwMyj7U6U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbc3745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 87225eaeddc35e246a3d8fe596c916b5
b24ead2dcbf436a79c4cb968bc605211ac4b9ec5
07dcebf7366489dbce2b8ad6723c9eef17d3b5fd35b49e8103e368233205b427
GET /upload/vod/2022/10-06/11/43t22p522kk114843t22p522kk235017.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 11735
cf-bgj: h2pri
etag: "5426f17b36d9d81:0"
last-modified: Thu, 06 Oct 2022 03:48:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtEwedln%2BWavCR9iZA6vO37O4FvO3K4F8d%2Fu570HRwuTQSfdyxpOeDFY35XgEJXBlbwXPPo8oYIXxEUezvL%2BQqjUNepSWWhaGuAPEmcBJwCkQyERbSxMorJDfCXH9FQPprF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbc4745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
172.64.141.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b567dbb6fb1db9f38bd0459ee707f4a9
a78cf16102114a17aef64addc6e1ca8db381600a
7c80046668ca43bae8a195d776c6afc2895a45869fa18e8dc239fa279f7102d3
GET /upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 9264
cf-bgj: h2pri
etag: "9a84eee1e169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6455
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzvx9mQMHF21y0UPQJ%2BD1v%2BE%2F%2B58M6IVdKQOf4qMgAQon7lHzfrMhlDOR72I0QHaARS3jz6rKRjPxqdMThDu2Nx9FM%2B9yGEBP0URO%2FL5QMwgeHtYIjlZ7Qyub8MJufggOdtk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbc5745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c45eda38d46f5acd58867ef8b570bb2
26b02ebb1c069acd757c04f2ffcc81a085470907
a8a0ed14544bd1b8eca15c0faeaeb4cace07a7da700cc21ef7a0b47fa38daffd
GET /upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 12006
cf-bgj: h2pri
etag: "c23253e1e169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6454
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp%2BLj%2BBTOWUwK%2FVb5Zq5eGnv02eEy1R3zzlMbhLGePyqBUYx5NyrxhHRjCbMo5S4fKPgX43FPRRUJ6YhRDwSTgnLwHWTJx9RYqq1mrSSWay5GYvurkjZDhL%2BtS7%2FreiD9ZUX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaddbc6745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 34ff69ac005a1758f959b2e19def96ca
17413ac3a9fb102c5550118f38cb659effeeeb23
f72cf38f8da2e02865cd9be56d03b884d3dfe727ea06884ced64e38811329ac2
GET /upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 10559
cf-bgj: h2pri
etag: "604dace0e169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=968rTVeQVH1dNZPtHJn0dwxML5%2FCZgS6SZlnvKRugRNXHaxREYsFbbckTbvthHFunRiPV3Hvk2LRUNxjr46ikeXADZc%2BGtim%2BDXptoH4iemUS%2BPdA0EPum7yNs3fSa42L0qi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadebfa745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
172.64.141.29200 OK 6.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58ea27a500bcb3f3d868101711779560
a162c0e988323069e6396902f2fabc9da1205eb3
583dda68ba080f07505f0ba01f8d5395ef9afaddff065cbff72906e9f61aecca
GET /upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 5954
cf-bgj: h2pri
etag: "23f7adfe169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEiLlODcxm8IFlQHJJQuzvHuksQhdSVrMCkQ1FP2yKv3SDzLV2mD8erYtzPL9AfBQ61K8QWWmuVz%2FL6sYGf%2FX9ThBdGWTvsWOMSqKGXIXi9FoZnTL5%2BeoRKXUIQvLVnjN4uF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadebfc745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
172.64.141.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4de69e86cac1b908c088cafd5a7b0b6e
cd030960d031bb1ce4e5d46a39bcda1ae56e0064
a9da837629b12da43d48dccbce14f1c401280a7d67afb0a58f556abf402122e6
GET /upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 13417
cf-bgj: h2pri
etag: "78394cdee169d61:0"
last-modified: Mon, 03 Aug 2020 22:03:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkAzqRafvINXVZh9dkjvUdAs6Kr2qy2jcpJdOBkVspdnw%2Bm91PTyM073WH76A4xmvVkFS%2FIefNWE%2FnyNtqDZO%2FmcgLyOzHcH89HISgFLAhYM9vxjDt7azPV%2BAINIWAssMj6b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadebfd745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg
172.64.141.29200 OK 7.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 59b8c65d0f5e6cb0567e089128a6e6af
5ca0e660761e9548a99cb83c7503334e3322f9d4
c8672b3bb2bbaa7ddf1579355033858c389fe580f9e45c098bcfa4340ac63229
GET /upload/vod/2019/11-08/08/epwrez5wcjl0816epwrez5wcjl2420848.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 7688
cf-bgj: h2pri
etag: "8fb871c1c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvxB5NopxmqEmVOBq3gJATfd8oyGhlu8f5F5cexhbmHVIxFLAA%2FZoTlWvvwW5JS%2BcmEl%2BNPmc4ktku9%2F8Uk8ZFWEPCNp%2Fqvnyto2oDZMA%2Fi4I6lJrOGVK6UtFfn0LrXBDMtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec01745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0c538b8efdc2b603ec6645db5fd2a829
4d7fdb9a4e88c013b93c01011b1332df9d3e48de
8e08d63e0b25c007ce718a9a793bf460520c93ac0b66adbbc32dc26e77b2096d
GET /upload/vod/2019/11-08/08/lnrzxizv5sj0816lnrzxizv5sj0820840.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8804
cf-bgj: h2pri
etag: "d0c5fdb7c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Od5nMkLd8DcB2jGpjOVSAYCq2ofE3c2GJZUN0C3VPGnWhV%2Bvst76Z83XRwL%2BOmdfmN9Q%2FxJUJYeqSudq3bH6EnBCvIVT86znzVLUbAi%2Fb438IUQ3mNM11QRXCV2Ryl9YCyz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec02745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg
172.64.141.29200 OK 9.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7ce45f499100503a339d765138fc5d5f
7a992e9153945d18f927db4d83ec6ae04452064e
6cd4125c07b22c0ec9f8ac5cf7038dbac931e1f29924b1e9e57751ac0bd7cffe
GET /upload/vod/2019/11-08/08/0vqz41nki2p08150vqz41nki2p5220832.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 9337
cf-bgj: h2pri
etag: "54358caec995d51:0"
last-modified: Fri, 08 Nov 2019 00:15:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjq9%2BffL4RP5so2fSKhMSOaKFtB4y775iWcDJvcWaP%2FIeM4usKKZ%2Bo4mVr5SXNqrDzxZB9NyT9v%2BFPHJTkD0e9L8zGPrku%2F0xZlMbpn61Hxpdie6nma5zmq7F5Z7LdjCV7p3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec04745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg
172.64.141.29200 OK 7.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8560d66deef18411fb3aca68c04bab55
87f2fc793928b5aeffc2678c7fabf9d63569b5b5
4045fd5662c56d2034b09e9aff8e4897d2f7fb3cb59cde3264d39d1991a87084
GET /upload/vod/2019/11-08/08/pz12fkksoe20815pz12fkksoe23620824.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 6984
cf-bgj: h2pri
etag: "5a1b11a5c995d51:0"
last-modified: Fri, 08 Nov 2019 00:15:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz5EOrkLRCCPmA8pit9FAUJIor9p8pAigxtTAxUIfc6Z2K5ijsnkOrPpE7d4bU1LbT7P9wkbV%2F7lRg1%2Bw1sKFT5mQR7W9y8NrNnuYD%2BQa8EA2DJ4LdCUg2blywlWXBsXKdr3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec05745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg
172.64.141.29200 OK 7.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a6cb7987e81b4a2b0719e29858ced95d
b499f90e4477cd7b56777b185e705d2f05f364de
9a65d275d6d2843ec463944bc822bfdd4c769f2a5292e3abbc89d03e4907ccbf
GET /upload/vod/2019/11-08/08/psmbryelsga0817psmbryelsga2720880.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 7931
cf-bgj: h2pri
etag: "518441e7c995d51:0"
last-modified: Fri, 08 Nov 2019 00:17:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lyh66K4RnMG2udACXDjTjPCiTq%2B2x7xW7yEbCg1ovuhRt%2BLptCBCetP0MzfszeC%2Fa%2FmTjD4Va%2BlshKVFEgMGLyPELFpLJ8XouEAGBf6iYlpV1s4cOF5KY%2BhUD2%2B5bZ1BsXc2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec08745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash be7a2c4b4b443d5ec35114b35afefbd5
a6828d96ab76bbb5bfbd6760641f8e911e3c48e3
321e756361b3485771951e966f8063ee60c37e1646817461bf098329e789da3f
GET /upload/vod/2019/11-08/08/c1mv4k1vfkd0817c1mv4k1vfkd1120872.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 10129
cf-bgj: h2pri
etag: "b9f3cfddc995d51:0"
last-modified: Fri, 08 Nov 2019 00:17:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcuiabc4enoeuRs6FChs8CiMvDDVR23ryxKM1kGePQ%2B0hBkm2nd9%2FaawnlQm%2FUv4FQvI1x7kbKktfKfYSpuiD7oYLjPHEO%2Bsr4bJzlcJBmIu2IahoQQL06E4oUgG7AlSIXtW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadec09745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg
172.64.141.29200 OK 8.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 26635x19976, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 73e0ea1b063ea1d7a794d51f114f4b0f
3e4596e4da86d64487bf98dd5bcf1e97e0fef7f4
eac9fb79c5823cce24a86107a4f92cbf3c5b9bed645259637e726869001d17fe
GET /upload/vod/2019/11-08/08/pxoee4k4yna0816pxoee4k4yna5620864.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8471
cf-bgj: h2pri
etag: "a705cd4c995d51:0"
last-modified: Fri, 08 Nov 2019 00:16:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJtGgTsm9eKOTPU0z%2FFQyWhegxD0Arh0LU0CtoMtKD73VSDKRQtv4I45YwegeWWG6EDJ4UuAdT9hzyfXA6r4OCMIEZvaY5q5vy52ADuMO5yMOL83b4WCqNWEIjarPRBjGi22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbadfc0a745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c7c84a6346f334eae0e19b76f17ca9b0
77b61a14f95266b3a5fd890f5bec8380618511ee
a4d58f20146edd5cb12d5249ec30659e52df671aa964b3dac1fb44094226e2bb
GET /upload/vod/2019/11-08/05/wzetw0qkgp30512wzetw0qkgp34013878.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 12312
cf-bgj: h2pri
etag: "ced016b095d51:0"
last-modified: Thu, 07 Nov 2019 21:12:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR%2FYZiSZEa9IdDWr6rA4IOTtnotMkpY3o0t6SQdFo7aO8hi04cEIJpVsBaCITt7t32acb58yYJj6WZWPcRZ0rVHkRO6NvPtX6GtNz7yGE6jxlhdyZNqe%2BmjM1E7ZdGhrAuO5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbae0c11745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash c68743ba0e2965a7ee1cdac06f796763
eeaf1156807944bcb447dbbb758fc0ee2b3fd0c4
c4f7aab69d0c4d47188238ba799c9bc018bc4dc5de24195eebebc7539b549006
GET /upload/vod/2022/10-06/11/fo0mpx55wu41149fo0mpx55wu4125089.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 11418
cf-bgj: h2pri
etag: "5f35c99836d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53mKmvui6l4I42UDjZXDnYXgqure%2BCGv8ZocknjpiPsvbFe0rx9P3UESISczlFFwINt6rWEuo2HXKAV0J9weMdIXH0qIHwAVE%2FBKv6hN1RGWiLVMOdcbyDRROJFzMKdo27yE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbae0c12745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf538a29630af9533e15270da6ef44b6
1742821a98a1869d27894c1025609c5f8b07beb4
2c256837b2061287c1b59488cae733342b78c16ee2bbfbda63858fc2647e8c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C256837B2061287C1B59488CAE733342B78C16EE2BBFBDA63858FC2647E8C3E"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=736
Expires: Thu, 06 Oct 2022 08:00:52 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0173ecf755541533d35bcf78df4207d3
ed6edbbb3019f348cf35addde880436153c73797
d8bf49878be32ecc06eec22f8acf562a500b3d19232e16412acb35913f121e07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 07:48:36 GMT
Last-Modified: Thu, 06 Oct 2022 06:16:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
pg.doitalie.com/news/index.php
20.205.43.35200 OK 9.6 kB URL HTTP/2 pg.doitalie.com/news/index.php
IP 20.205.43.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 50e35607da79d1f0e82dca673e375218
ea8d90bc5d8a2ea97779488bbe48752409ec31a2
6b25cb50ee1d728c1f5ed7d4e1c0f7ae23cb7b1a9f61adb5c003114f97006b80
GET /news/index.php HTTP/1.1
Host: pg.doitalie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mypopcircle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 06 Oct 2022 07:48:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg
172.64.141.29200 OK 8.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a899d85a9f1bf0c68f6e5dd6cd7b3409
e938653d460ea8ae753490cae325704eea883486
405745298dbd91069753d00db1802c248d6596f9c99f6b8fcdfd834f806d5375
GET /upload/vod/2022/10-06/11/uedvmmfxfg31149uedvmmfxfg3105085.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 8046
cf-bgj: h2pri
etag: "af2cbe9736d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5lCut2Q26NUQjdvG9EIAyBRqshQG42Y9r8DLgWANm7W7Zyig2XSNSHVj4rpS4AZxLuRVxvO5YRhmIv3k%2BwablZyajQvgJYw4%2FnR4%2BhL7Ai6JzS5rlNaXoL9%2FveUFCMDi9Ov"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbae3c41745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39f7b4fc596887ef4b0addcda1049909
b44d8fa8f64022261e2bbbbcb8254511aa4dde4f
a328ae5cf0240a57e4e0779b558ea98fbbecfdcb58db907ebedb9123b6239e1b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A328AE5CF0240A57E4E0779B558EA98FBBECFDCB58DB907EBEDB9123B6239E1B"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17620
Expires: Thu, 06 Oct 2022 12:42:16 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
www.pguev.xyz/template/pgysvip/images/video-mask.png
173.231.17.179200 OK 107 B URL HTTP/2 www.pguev.xyz/template/pgysvip/images/video-mask.png
IP 173.231.17.179:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/pgysvip/images/video-mask.png HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Sat, 05 Nov 2022 07:48:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pguev.xyz/template/pgysvip/images/video-play.png
173.231.17.179200 OK 1.6 kB URL HTTP/2 www.pguev.xyz/template/pgysvip/images/video-play.png
IP 173.231.17.179:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/pgysvip/images/video-play.png HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/template/pgysvip/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Sat, 05 Nov 2022 07:48:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg
172.64.141.29200 OK 6.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg
IP 172.64.141.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b219240033fe75a80a0e08c52492331e
34fcea7e2e38ae9244d1323f17337f8f45afb567
a36b41c44ff943659b3183bb5bab1c1f9c10ab3551d8529d461d41deaf319e9b
GET /upload/vod/2022/10-06/11/caf2035qudn1149caf2035qudn115087.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/jpeg
content-length: 6022
cf-bgj: h2pri
etag: "a6b0439836d9d81:0"
last-modified: Thu, 06 Oct 2022 03:49:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYs%2B6khwS9HFFaqhl4Lpny9xvqOuGIGxM06sZn42TzTfOY6nmy%2F3kbeGZ5xncvf53GZkYHphI3HGdUGcGT2x8oD3Gb%2BgmMosz7adnG5qzzkDo2TET8OG0T9YOd0HLV8OX6sT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbae9ca5745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvmaa.com/fc562ab77f499f4a87e7cd55b58bc962.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/fc562ab77f499f4a87e7cd55b58bc962.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39f7b4fc596887ef4b0addcda1049909
b44d8fa8f64022261e2bbbbcb8254511aa4dde4f
a328ae5cf0240a57e4e0779b558ea98fbbecfdcb58db907ebedb9123b6239e1b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A328AE5CF0240A57E4E0779B558EA98FBBECFDCB58DB907EBEDB9123B6239E1B"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17620
Expires: Thu, 06 Oct 2022 12:42:16 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
104.21.234.201200 OK 1.0 MB URL HTTP/2 acoossi.top/3acd6109c1789c68133976726c0d3a33.gif
IP 104.21.234.201:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /3acd6109c1789c68133976726c0d3a33.gif HTTP/1.1
Host: acoossi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 1024160
last-modified: Fri, 21 Jan 2022 10:02:31 GMT
etag: "61ea84b7-fa0a0"
expires: Thu, 03 Nov 2022 14:32:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 148554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvnVAvS%2FNYGnV%2B5a3CDOrtF4Jz7FfxCH50ktezvTt2mfeWXD2UTP9irRTbz%2Bt8sRyMWPDUh6ROp0f%2Bl1kOlaz5vkPeBw6dJXSTtlYjYyfCvQL0bN9HKBfoIn8%2BI9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaeac998e0f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae77592fec7e7aab1267a3a66163c70d
99aa445473b1b3ad49f399771f5783141ecefb50
03a79289364c9e7963cbd3fd49fc5d47804cfca7d73da7ac1b86b7846372d6f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03A79289364C9E7963CBD3FD49FC5D47804CFCA7D73DA7AC1B86B7846372D6F3"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6347
Expires: Thu, 06 Oct 2022 09:34:23 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
www.pguev.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2007:48:36%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.179200 OK 3.1 kB URL HTTP/2 www.pguev.xyz/template/pgysvip/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2007:48:36%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 314a12865c93e0345f45da177b0704bd
b56bd95275da17799eae82d14538fca42db1216d
9d68f26bc6346b95ec409b5244fdc65d56f6b697ef4a1a3c35c5776adad13c94
GET /template/pgysvip/html9/advertised/advertised.json?refresh=2022106Thu%20Oct%2006%202022%2007:48:36%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: application/json
content-length: 3132
last-modified: Fri, 30 Sep 2022 14:01:37 GMT
etag: "6336f6c1-c3c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
172.67.170.188200 OK 118 kB URL HTTP/2 nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 118 kB (118121 bytes)
Hash caaa592fad00ee9d8db810c6fdf0741d
90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pguev.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 118121
last-modified: Wed, 10 Aug 2022 09:44:15 GMT
etag: "62f37def-1cd69"
expires: Sun, 16 Oct 2022 20:32:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1682143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3NBZoR5%2F%2BntzxAxunthRWZYbxjku7RM2bMsRq1wf2jMkdR4Se66ztiRd4nubZS4pf8bM03tX01zjr6E17w0JT6tymRckd5gySBUPLx7fGv46YinYe2LjsVKPrWo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbaf9fa61c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
172.67.173.230200 OK 196 kB URL HTTP/2 kvtaaa.top/3c52792939dec2a456e9f2a839a41642.gif
IP 172.67.173.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 196 kB (196497 bytes)
Hash d00955c977d5037971037e8636e6e3fc
543dd6c4ba60647bdd10cdaa77487a688f3a13e5
ec4311d990968747d453095fe6ae0bbc000e16e25d288b96170c7a5a56a5ca24
Analyzer Verdict Alert quad9 Sinkholed
GET /3c52792939dec2a456e9f2a839a41642.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pguev.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 196497
last-modified: Mon, 01 Aug 2022 10:55:20 GMT
etag: "62e7b118-2ff91"
expires: Sun, 30 Oct 2022 14:25:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 494578
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sSwc6fbbBOHQ0FZVqKiTqJwWI7OKl74z7EGJbAxPYmmtFNLInTnLtPy0IxEAm1jwK86j0LTGgz4pLqxBiAEd%2B8zCuo4ucjfVSzPjS8dwIF%2BE0m%2BmvRphz0tVjT4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbafdcf7b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ttsetupian.cc/lm/cstggspk01.gif
104.21.13.145200 OK 246 kB URL HTTP/2 ttsetupian.cc/lm/cstggspk01.gif
IP 104.21.13.145:0
File type GIF image data, version 89a, 320 x 190\012- data
Size 246 kB (246207 bytes)
Hash e9d0b8904ffb196466d811f2eec57882
4da1e9b9265080e1c692414460f7e5986d9aaf3c
91728f3daddc85394ce7e774a07c7945064566983ce19aaeb3fd3e1b4e7c4318
GET /lm/cstggspk01.gif HTTP/1.1
Host: ttsetupian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 246207
last-modified: Wed, 24 Aug 2022 10:34:31 GMT
etag: "6305feb7-3c1bf"
expires: Sun, 23 Oct 2022 03:30:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1098459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1p9G9eQGIx1lYqjCQEDfeOd2dW2QVjPLSaYcdDqBk2CsCX9ps0uVpwrXWJtOHXO2kTXIR5KizhhGLgoWFJtUySoQ2%2B94cjitcgTF9TlwW4Oca7lfvqB4oSFfynnOSly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbafec640b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da059b6a671ca288538cca673efec8a5
3b810df0335aeaf6551b19e28083212065b14726
7b911504db2edefc6de40789230a80257e9ddb17b39367eebe5e5d584ddf3f11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B911504DB2EDEFC6DE40789230A80257E9DDB17B39367EEBE5E5D584DDF3F11"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17537
Expires: Thu, 06 Oct 2022 12:40:53 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveww.com/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b93ea7f5b06968528eda88afdda059b7
f7012bdb379ae06fb6904ecad0449018ce1bd5f1
ac57dba09829af03c0248ca25ca9ec23d78b61ec5257e1e27d68f83e46ab8af2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC57DBA09829AF03C0248CA25CA9EC23D78B61EC5257E1E27D68F83E46AB8AF2"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8048
Expires: Thu, 06 Oct 2022 10:02:44 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e747edfa69ec14559feb24ea4021cfb6
a11cfcf36080fdfda64d98139ebfb9449925a2b0
ba1e20e7e76e7cae6b6e9f1719f661e2e122fb5c597e8df12872858caca0f7b6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 03:51:42 GMT
Expires: Tue, 11 Oct 2022 03:51:41 GMT
Etag: "a11cfcf36080fdfda64d98139ebfb9449925a2b0"
Cache-Control: max-age=417184,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb0ddcc0b39-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f8bfeb5131e1fd968aa93a6201a0c722
6baf666a97c54a4cc3b8abd3ca4e628a03feaed5
e9c79edcc84f1b62329779a5b936183c3d8b76e9f6abd736f62ec72dc0371ad1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 04:29:51 GMT
Expires: Thu, 13 Oct 2022 04:29:50 GMT
Etag: "6baf666a97c54a4cc3b8abd3ca4e628a03feaed5"
Cache-Control: max-age=592273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb0fbb60b49-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5524f83a0219980acbdac311e2b60ef2
927fb3cdda5984ed2fd4706dca065cbbbe124d37
46a9456e20b3af211bc22586c8f8e8e7961e3c7b05afef0a885b26cd2951b2db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46A9456E20B3AF211BC22586C8F8E8E7961E3C7B05AFEF0A885B26CD2951B2DB"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6351
Expires: Thu, 06 Oct 2022 09:34:27 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d13e9ae53737a9cf2bb1e3423cda1bac
bc11511077763521f32d348c4671960524bc8d09
2ec8c53a8b96171006f02c10124047fab7f0fca40c473abb4dab0ed816f5ace9
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 10 Oct 2022 07:01:30 GMT
ETag: "bc11511077763521f32d348c4671960524bc8d09"
Last-Modified: Thu, 06 Oct 2022 07:01:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 452
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ccbb1cdfb0af6-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 08644241defa24a292b8694c589eb77c
28267f42aec6720def8878dd9ee6f7d6cea4788e
55251270d1fc351e0b7f777e2aa64aa7178508280d427bc65c8dab130d046b11
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 01:29:07 GMT
Expires: Mon, 10 Oct 2022 01:29:06 GMT
Etag: "28267f42aec6720def8878dd9ee6f7d6cea4788e"
Cache-Control: max-age=322229,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb0de96b4ee-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 30fcfa1ec853ba5786f9ad46de09a9e4
05c0bc3ca5e868cca4b51541fc4e4630491a36a3
5e9ef866604686141cac75470c30a6a918a1573389c64507b6a468ba433afdb9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 02:36:06 GMT
Expires: Mon, 10 Oct 2022 02:36:05 GMT
Etag: "05c0bc3ca5e868cca4b51541fc4e4630491a36a3"
Cache-Control: max-age=326248,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb0d927b505-OSL
www.pguev.xyz/template/pgysvip/js/jquery.config.js
173.231.17.179200 OK 13 kB URL HTTP/2 www.pguev.xyz/template/pgysvip/js/jquery.config.js
IP 173.231.17.179:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (628), with CRLF, LF line terminators
Hash 5355c4d1620ca12b16f846106edbba9e
85cadd8acb4c29550d750a37536e47b1486c1e86
2a3f6fd76da6e014a8e991d1c7fde78c6d04da99dfd01e8621f2a9d59654051f
GET /template/pgysvip/js/jquery.config.js HTTP/1.1
Host: www.pguev.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:48:35 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 05:56:06 GMT
vary: Accept-Encoding
etag: W/"61aef776-1469"
expires: Thu, 06 Oct 2022 19:48:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.151.21200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.151.21:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pguev.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 02 Nov 2022 02:27:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 278444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQQanzJG0kv3cbsIf8Eq%2BlPwHedvBRl4N64ejP9wFv1p1%2F5MF9S22pSHUDPm8KKUSncNCV13D9v8MrYaZtj1iKJ9imAksPRZr%2F2KRkfLrb4sURaD4qBOowZMSqzv2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbb24fb00b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8f32379eee08be6bc3f64bc742c8e9e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 967fa330ba5a3ffcf7a8fefb305c28e0
f78350226539f6225cbf6efaa1a6d6a6fc9334fe
f944f07e81999ee372062b59795a7b880b29a9510bd73fe9a3bb8da5b95a5d46
GET /hm.js?8f32379eee08be6bc3f64bc742c8e9e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 07:48:36 GMT
Etag: 3ac40545056a95fa60fd1c0135627216
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ED104B7D1D2E57D2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash aaff689db40d6ad2d57638bb56a06e5f
91523214db95651569be5e6460cb7dffec7acc14
9d7c98142b3ff4efc670bcde64d7740faaaeb23f6d9b44852e18580298df477f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 06:21:33 GMT
Expires: Thu, 13 Oct 2022 06:21:32 GMT
Etag: "91523214db95651569be5e6460cb7dffec7acc14"
Cache-Control: max-age=598975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb17e750b39-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5524f83a0219980acbdac311e2b60ef2
927fb3cdda5984ed2fd4706dca065cbbbe124d37
46a9456e20b3af211bc22586c8f8e8e7961e3c7b05afef0a885b26cd2951b2db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46A9456E20B3AF211BC22586C8F8E8E7961E3C7B05AFEF0A885B26CD2951B2DB"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6351
Expires: Thu, 06 Oct 2022 09:34:27 GMT
Date: Thu, 06 Oct 2022 07:48:36 GMT
Connection: keep-alive
kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
172.67.178.145200 OK 832 kB URL HTTP/2 kvkjjj.top/1a182b41455cd11a06b7a6c90623f9cc.gif
IP 172.67.178.145:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 832 kB (832544 bytes)
Hash 8a1b22cb6be2662f8c75ace7480ea0e6
380d85b1d74b702a780ee04965fdb9908ab73171
928c9088a24d775a399ba9d24854b26a8a6a48bb1dd064d95b32c98d86dde7d0
GET /1a182b41455cd11a06b7a6c90623f9cc.gif HTTP/1.1
Host: kvkjjj.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pguev.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:36 GMT
content-type: image/gif
content-length: 832544
last-modified: Thu, 30 Jun 2022 12:03:43 GMT
etag: "62bd911f-cb420"
expires: Sat, 05 Nov 2022 07:48:36 GMT
cache-control: max-age=16070400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7nwuESuB3PlwJgND4mM%2FRxCrbsO4AqZ%2B5gXKNnaSFQlyEq%2FOSMHSP%2BBK9Uo6C%2FaegeGoPohinbVHDOQ%2FGsCO0vdjy97YZw5umnVbqqdpLmVIjTVLv%2FYMk56v5bt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755ccbb1c9f50b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b592edaa246104be8e56d27ec22c9125
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 16173cfdb49ad01f57e6e51ae862d30d
34a0d9457bc4d50fd5d405de1c5bbecfe7f194d6
faf09d4ba23f003592041b01613e9a8704267645ab33d291fb8e364a75554222
GET /hm.js?b592edaa246104be8e56d27ec22c9125 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 07:48:36 GMT
Etag: 67353654434e9edc4e1ed457e1e7d723
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2815B5BEE8389C31; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e585e103707cbfb334332e7e88896efc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash d305ed35710e6edeb96d59d25b12274a
6fd1e0f4fbfea4246a2f67f98fba5c14581078d9
529acb6f731e0e8706021437a64eb463283f0c33ecad67c9b3bb098faa4997bd
GET /hm.js?e585e103707cbfb334332e7e88896efc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 07:48:36 GMT
Etag: c49a65db95b2706bbf0b7aab3a15be9b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1320D5092F3C295D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1948830510&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1948830510&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1948830510&si=825d1f32fc06ddc604b6ed5cc0c7d6cb&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B176CBF5BB707FC8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1011003315&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1011003315&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1011003315&si=8f32379eee08be6bc3f64bc742c8e9e1&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=447205EC3AF68AA8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6588faf28aa60d474bbdbefcb06a6b80
4c0b506d306e27b632ae6d9a67e9fd6608a70783
e2e5378295eb012b4c09a3528398ca1c7ad447837cea3a17ceda7809c00598f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2E5378295EB012B4C09A3528398CA1C7AD447837CEA3A17CEDA7809C00598F9"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Thu, 06 Oct 2022 13:47:50 GMT
Date: Thu, 06 Oct 2022 07:48:37 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527798038&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527798038&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527798038&si=b592edaa246104be8e56d27ec22c9125&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8641F56BD6245344; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
45.61.212.223200 OK 654 kB URL HTTP/1.1 79151879798.com/b8ca9e8def054d5284828d03b701ef43.gif
IP 45.61.212.223:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
GET /b8ca9e8def054d5284828d03b701ef43.gif HTTP/1.1
Host: 79151879798.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62d16582-9f991"
Date: Tue, 04 Oct 2022 09:25:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 15 Jul 2022 13:02:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-23
Content-Length: 653713
93533557591.com/109e604a3c6249d594c56004b700f28c.gif
45.61.212.223200 OK 720 kB URL HTTP/1.1 93533557591.com/109e604a3c6249d594c56004b700f28c.gif
IP 45.61.212.223:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
GET /109e604a3c6249d594c56004b700f28c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee26b9-afb81"
Date: Tue, 04 Oct 2022 09:25:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:30:49 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-23
Content-Length: 719745
vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
45.61.212.142200 OK 259 kB URL HTTP/2 vcwzfn.com/6218a3c2db7446fb906b0de97f74ff22.gif
IP 45.61.212.142:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /6218a3c2db7446fb906b0de97f74ff22.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456f4-3f4d0"
server: nginx
date: Sat, 24 Sep 2022 05:30:16 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:59:00 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-12
content-length: 259280
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130524215&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130524215&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1130524215&si=e585e103707cbfb334332e7e88896efc&su=https%3A%2F%2Fpg.doitalie.com%2F&v=1.2.97&lv=1&sn=60307&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.pguev.xyz%2F&tt=%E8%8B%B9%E6%9E%9C%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 06 Oct 2022 07:48:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4F4B0BAEE671FBEC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8d521fdcec242f8e62dc0d209ccb1d14
2a1ddeccce8e5811895ab640d26423cc1dda9451
49f3e4c243d7dc095f6c1355d701da1d4aff5aa844a0ab322e1e869d28265583
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 19:10:52 GMT
Expires: Mon, 10 Oct 2022 19:10:51 GMT
Etag: "2a1ddeccce8e5811895ab640d26423cc1dda9451"
Cache-Control: max-age=385933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbb65d31b4ee-OSL
89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
45.61.212.128200 OK 584 kB URL HTTP/1.1 89958716765.com/14112a98f9104043bc1d7e2e4ec39ac2.gif
IP 45.61.212.128:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /14112a98f9104043bc1d7e2e4ec39ac2.gif HTTP/1.1
Host: 89958716765.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b2c84-8e959"
Date: Thu, 22 Sep 2022 08:15:11 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 08:51:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-28
Content-Length: 584025
65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
45.61.212.50200 OK 580 kB URL HTTP/1.1 65686232255.com/53218c3090e04eccae534334cb03ed4a.gif
IP 45.61.212.50:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /53218c3090e04eccae534334cb03ed4a.gif HTTP/1.1
Host: 65686232255.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630cc146-8dadb"
Date: Sun, 02 Oct 2022 07:42:50 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 13:38:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-20
Content-Length: 580315
taiwtp1.com/img/960120.gif
220.128.218.220200 OK 121 kB URL HTTP/2 taiwtp1.com/img/960120.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 120\012- data
Size 121 kB (120952 bytes)
Hash 8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:46:44 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Sat, 05 Nov 2022 07:46:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f24598d6eb89a834aea66e306625ec30
dab4920f96274f43b6f2c572a88c47607a5a1d97
b10b3f2f5b3de5762e1e3c48abc8b4900e36ed5123b06a50cf4a1d6b2e3fea1d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 07:48:37 GMT
Ali-Swift-Global-Savetime: 1665042517
Via: cache23.l2de2[274,274,200-0,M], cache23.l2de2[275,0], cache5.se1[298,298,200-0,M], cache5.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 06 Oct 2022 07:48:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916650425175067255e
si1.go2yd.com/get-image/0wut3IuOIN0
163.171.140.79200 OK 51 kB URL HTTP/2 si1.go2yd.com/get-image/0wut3IuOIN0
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 320 x 240\012- data
Hash 7a02a69b00eebfc2977f6d8417cf8141
2203e026eacda489b6e3aa673d5c14bb1526a6dd
e994a6c450acbc20fdca555a5a30d15af3af102f608bbd8a6a5bd295a1ee41ac
GET /get-image/0wut3IuOIN0 HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:37 GMT
content-type: image/gif
content-length: 50826
server: Tengine
x-application-context: application
x-kss-request-id: 385cb47819904891b6a20cdd2df33e9d
etag: "7a02a69b00eebfc2977f6d8417cf8141"
content-md5: egKmmwDuv8KXf22EF8+BQQ==
last-modified: Sun, 09 Jan 2022 13:06:09 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:6 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:4 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:11 (Cdn Cache Server V2.0)
x-ws-request-id: 633e8855_PShlamstdAMS1se91_49072-58717
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 07:46:45 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 05 Nov 2022 07:46:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
103.170.15.107200 OK 112 kB URL HTTP/1.1 unpfqc9.com/1000c6da2a3c4746b97daa78f8f1b65f.gif
IP 103.170.15.107:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 112 kB (112447 bytes)
Hash 41a695940d0c5bd9d1f0ad33ab681ccf
f6e7d43fa8b39e8cd6cca9ad9c5aaad86a82a318
92459e1266396e2ec84ff14b58a73bf069e195fcda3836f45a2550847e3df1a6
GET /1000c6da2a3c4746b97daa78f8f1b65f.gif HTTP/1.1
Host: unpfqc9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62935fa0-1b73f"
Date: Thu, 29 Sep 2022 10:14:36 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 29 May 2022 11:57:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Length: 112447
6655cy.com/cdn/ashkad.gif
154.197.13.102200 OK 311 kB URL HTTP/2 6655cy.com/cdn/ashkad.gif
IP 154.197.13.102:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 311 kB (311408 bytes)
Hash 99ed707e8993e93bff73dbb369e89b3e
21d1ef9c09316253b35c31df246c4cef8766df62
99d1c91a54ee659b7055b38390708fb6405f9b8e8f4d70a20616ced03adbfb62
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn/ashkad.gif HTTP/1.1
Host: 6655cy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 07:48:37 GMT
content-type: image/gif
content-length: 311408
last-modified: Mon, 15 Aug 2022 08:53:58 GMT
etag: "62fa09a6-4c070"
expires: Fri, 04 Nov 2022 14:28:29 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
43.154.254.32200 OK 246 kB URL HTTP/2 p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mw0w7MbuQQ5cRrdj3eibSz1V0qtbt9zVpDgKLStHn5IMsY/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 06 Oct 2022 07:48:37 GMT
content-type: image/gif
content-length: 245730
vary: Accept,Origin
last-modified: Sun, 02 Oct 2022 13:04:42 GMT
cache-control: max-age=2592000
x-delay: 35078 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 245730
chid: 0
fid: 0
x-nws-log-uuid: d785d6f6-fb9f-4f99-9256-6df4558233b4
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash de2fe3dfaa7683b014206972f73fc46e
bca8a5cddff60a79cc1c26da82fff15742dab8a1
1ffa75ac6a80ca87980b5ed665de4b6b022fd21f233ab8de27616852dc9b7123
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 03:45:38 GMT
Expires: Tue, 11 Oct 2022 03:45:37 GMT
Etag: "bca8a5cddff60a79cc1c26da82fff15742dab8a1"
Cache-Control: max-age=416817,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbc3f8cab505-OSL
vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
103.170.15.47200 OK 32 kB URL HTTP/2 vgvjkw.com/7f743b72ee5144caa28f7e1d8a8b2ab9.gif
IP 103.170.15.47:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 240\012- data
Hash 8e006882641a7a80a721cc7067dcf340
f45892ae4a2e8fccd1aa806c478c8311e9b13bf1
c031c60fa1e0afe9efaa02b19c928f634aaa26a52363b1ba5da0d1c23b4f23ae
GET /7f743b72ee5144caa28f7e1d8a8b2ab9.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pguev.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632456dc-7be1"
server: nginx
date: Tue, 04 Oct 2022 16:36:11 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:58:36 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-37
content-length: 31713
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 21c74c43a8dbded3b4b0ef68caf06f4f
58d6ef0577de971d6b1f189ff10acbd23fff021f
754824c43ef67143d6070e2301983c97a8b24b6de187ce13d1005f8d4bf50a0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "754824C43EF67143D6070E2301983C97A8B24B6DE187CE13D1005F8D4BF50A0D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Thu, 06 Oct 2022 13:48:02 GMT
Date: Thu, 06 Oct 2022 07:48:40 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a39054a8fb93537280347037644837aa
232526d8f60aa3ca496df02fe30e2039862814e2
e7ef7617f2c9e27fc9b1e0765c5ad63851dc76c6b123aefcbde3e9a69accbbd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 07:48:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 17:53:28 GMT
Expires: Tue, 11 Oct 2022 17:53:27 GMT
Etag: "232526d8f60aa3ca496df02fe30e2039862814e2"
Cache-Control: max-age=467686,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ccbc5aabc0b39-OSL