r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15187
Expires: Sun, 27 Nov 2022 14:27:17 GMT
Date: Sun, 27 Nov 2022 10:14:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2291
Cache-Control: max-age=89709
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:10 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:09:19 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 10:14:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OV6NeA1t1doIUKZEHDs5ETltikd/HpgeFpEgS6QC15J9GqNa8SW+lneJRMIpV3TsXfd/qKG55g0=
x-amz-request-id: 2768ZG8Q49T9SWZ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 09:44:35 GMT
age: 1775
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 09:19:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3289
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dienthoaikhachsan.com/hotel-sofwave
103.236.218.156301 Moved Permanently 0 B URL HTTP/1.1 dienthoaikhachsan.com/hotel-sofwave
IP 103.236.218.156:0
ASN #26658 HENGTONG-IDC-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hotel-sofwave HTTP/1.1
Host: dienthoaikhachsan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 10:14:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.dienthoaikhachsan.com/hotel-sofwave
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 178
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.dienthoaikhachsan.com/hotel-sofwave
103.236.218.156200 OK 777 B URL HTTP/1.1 www.dienthoaikhachsan.com/hotel-sofwave
IP 103.236.218.156:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 3f152a53d680db50aed80c3d2a79b0a3
585a234e906e458b97a1c24006fc54bec703796f
e338a17f30ce88e5549bdb3b43b54543c7f954c0a8cc8c6fbc1136aace021f7f
GET /hotel-sofwave HTTP/1.1
Host: www.dienthoaikhachsan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:14:12 GMT
Content-Type: text/html
Content-Length: 777
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: max-age=88859
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:11 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:55:10 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.dienthoaikhachsan.com/tj.js
103.236.218.156200 OK 520 B URL HTTP/1.1 www.dienthoaikhachsan.com/tj.js
IP 103.236.218.156:0
ASN #26658 HENGTONG-IDC-LLC
File type ASCII text, with CRLF line terminators
Hash fe06b18599a97df50d8148f051da36e8
d9ec6894c8a66e3c00ae8de22336846058fe1f1c
cad1c9cba1c2e38ff410e5a8762c1f44456398f90ae45f946f1105472906e3d9
GET /tj.js HTTP/1.1
Host: www.dienthoaikhachsan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/hotel-sofwave
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:14:13 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2F4V++00/qQUX4rZ3gUjAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CGeDc/zDu/bF7MqLZysirHEf0w0=
www.dienthoaikhachsan.com/common.js
103.236.218.156200 OK 1.1 kB URL HTTP/1.1 www.dienthoaikhachsan.com/common.js
IP 103.236.218.156:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
GET /common.js HTTP/1.1
Host: www.dienthoaikhachsan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/hotel-sofwave
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:14:13 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 773f8c92067e36036343a36683f59422
61a8b151a4f96cd12e9c8acea24571c4bb3c059b
084525aa523c70cee910de4958bed7d35a1980408aa6ebcd6db744853e5c3b8e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 06:19:23 GMT
ETag: "61a8b151a4f96cd12e9c8acea24571c4bb3c059b"
Last-Modified: Sun, 27 Nov 2022 06:19:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2358
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a1874ac78b4f7-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 773f8c92067e36036343a36683f59422
61a8b151a4f96cd12e9c8acea24571c4bb3c059b
084525aa523c70cee910de4958bed7d35a1980408aa6ebcd6db744853e5c3b8e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 06:19:23 GMT
ETag: "61a8b151a4f96cd12e9c8acea24571c4bb3c059b"
Last-Modified: Sun, 27 Nov 2022 06:19:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2358
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a1874bcb7b503-OSL
www.dienthoaikhachsan.com/favicon.ico
103.236.218.156200 OK 1.2 kB URL HTTP/1.1 www.dienthoaikhachsan.com/favicon.ico
IP 103.236.218.156:0
ASN #26658 HENGTONG-IDC-LLC
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.dienthoaikhachsan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/hotel-sofwave
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 10:14:13 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 02 Dec 2022 10:14:13 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 27 Nov 2022 10:14:12 GMT
Etag: "4078521116"
Expires: Mon, 27 Nov 2023 10:14:12 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=2294E7B6AF545A9D015943C34E121FA8:FG=1; max-age=31536000; expires=Mon, 27-Nov-23 10:14:12 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 365b995ac27fa4cffbbb5ce4aae7385f
5bd93b5450db907eae007c405622253de82ea60f
d0aab522c364f366fa8f73fab3ddefc7aca443c3c012def887496d2bb67138fb
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 11fcc20c-cafd-4810-bcdd-8bc6228de91a
Content-Length: 1700
Date: Sun, 27 Nov 2022 10:14:12 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.dienthoaikhachsan.com/hotel-sofwave
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.dienthoaikhachsan.com/hotel-sofwave
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.dienthoaikhachsan.com/hotel-sofwave HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 27 Nov 2022 10:14:12 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 10:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 10:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 10:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 10:14:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 10:16:33 GMT
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
age: 86259
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 44693
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 45118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 45118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: 4e2c72af-2cce-4740-9962-6a7f9e217272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_cVCHwEoAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7420-51c2e04b4fae5b576a679db5;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:02:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZTk5ONMhQB66WF0VWIRmlTOdzEJO-NJVl4TCibzbH2fZXY_9Mx9kQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:42:19 GMT
age: 55913
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
age: 45118
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 430976355cd7559eeea1af733d87850d
ec691cda817aadc0eb99a94bfb77cc8517b98cd8
79315fad759b9bc031bddf53e86aa30b1409d05e579bb137291a30f0473daf03
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 10:14:12 GMT
Etag: 0766c058d23ba232a2bf5914e00fd2fd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=01F442D550462A66; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?139afe19140050134bf9b90eddf555c7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?139afe19140050134bf9b90eddf555c7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 4a74a529b51e01950a790de0a41ca69b
d388811d559b7e5e168853118098835c5f517ba7
fff5159cfe3c906ec9ebcde0a62b2bb2084ffe1cb253ba88c7d4dd5ad0b232e9
GET /hm.js?139afe19140050134bf9b90eddf555c7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 10:14:12 GMT
Etag: aed7f14a55cd3394a3bc21ddfabe9a1c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E89D9EA2E1B96953; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=520108941&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=520108941&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=520108941&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 10:14:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=733B08F88035160F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1673034132&si=139afe19140050134bf9b90eddf555c7&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1673034132&si=139afe19140050134bf9b90eddf555c7&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1673034132&si=139afe19140050134bf9b90eddf555c7&v=1.3.0&lv=1&sn=39928&r=0&ww=1280&u=http%3A%2F%2Fwww.dienthoaikhachsan.com%2Fhotel-sofwave&tt=%E6%85%88%E6%BA%AA%E6%BD%A6%E6%AF%81%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 10:14:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=611563466B24EE32; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2f4ae1cd3e1aec9113e0e9b479fdde5
6e1e98426ca367d929b2a80c84a9d6f62f8604d0
db757dd32ddff8c0f633d1b3f0d3b705d72b9837b4d70d0b504a41be9bea6875
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB757DD32DDFF8C0F633D1B3F0D3B705D72B9837B4D70D0B504A41BE9BEA6875"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sun, 27 Nov 2022 16:13:53 GMT
Date: Sun, 27 Nov 2022 10:14:14 GMT
Connection: keep-alive
mang.tiryakioyun.com/news/index.php
34.80.95.34200 OK 707 kB URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 34.80.95.34:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Size 707 kB (707173 bytes)
Hash 7291d2280377a4c380717c6345171335
0dbf119a461643dee57bb9ede5a938cacb1cebba
8ba6d5a3f5645811e8ebe34179244d608dd3a94043d4eb76752f126ef02e7a2f
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dienthoaikhachsan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 27 Nov 2022 10:14:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@jasmine-z96k
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6381439
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Sun, 27 Nov 2022 10:14:14 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fba9e86ba61e42863fb2f1ac3a9df77d
b435d0e4c912cd82cc67f1a2d97b5f9f97527382
dcdb567f190aefefebe79266802bc24043fbac9a817951c481ef47e1769a5f7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=149679
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:14 GMT
Etag: "6382d186-117"
Expires: Tue, 29 Nov 2022 03:48:53 GMT
Last-Modified: Sun, 27 Nov 2022 02:55:02 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fba9e86ba61e42863fb2f1ac3a9df77d
b435d0e4c912cd82cc67f1a2d97b5f9f97527382
dcdb567f190aefefebe79266802bc24043fbac9a817951c481ef47e1769a5f7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=149679
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:14 GMT
Etag: "6382d186-117"
Expires: Tue, 29 Nov 2022 03:48:53 GMT
Last-Modified: Sun, 27 Nov 2022 02:55:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fba9e86ba61e42863fb2f1ac3a9df77d
b435d0e4c912cd82cc67f1a2d97b5f9f97527382
dcdb567f190aefefebe79266802bc24043fbac9a817951c481ef47e1769a5f7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=149679
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:14 GMT
Etag: "6382d186-117"
Expires: Tue, 29 Nov 2022 03:48:53 GMT
Last-Modified: Sun, 27 Nov 2022 02:55:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fba9e86ba61e42863fb2f1ac3a9df77d
b435d0e4c912cd82cc67f1a2d97b5f9f97527382
dcdb567f190aefefebe79266802bc24043fbac9a817951c481ef47e1769a5f7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=149679
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:14 GMT
Etag: "6382d186-117"
Expires: Tue, 29 Nov 2022 03:48:53 GMT
Last-Modified: Sun, 27 Nov 2022 02:55:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fba9e86ba61e42863fb2f1ac3a9df77d
b435d0e4c912cd82cc67f1a2d97b5f9f97527382
dcdb567f190aefefebe79266802bc24043fbac9a817951c481ef47e1769a5f7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=149679
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:14 GMT
Etag: "6382d186-117"
Expires: Tue, 29 Nov 2022 03:48:53 GMT
Last-Modified: Sun, 27 Nov 2022 02:55:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
z4a.net/images/2022/10/17/960x60.gif
104.21.234.235200 OK 176 kB URL HTTP/2 z4a.net/images/2022/10/17/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 176 kB (176400 bytes)
Hash 790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6
GET /images/2022/10/17/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: image/gif
content-length: 176400
expires: Tue, 17 Oct 2023 07:49:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 3551090
last-modified: Mon, 17 Oct 2022 07:49:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H%2BTYS39t4uCvGpHT1U%2Fvu9dy8dbOQjo43qpHH6p5WUg3dlqkkQe900OuGK4kiTxTC6Xu6vqcBPtJGUcop3panHXiz2eYRODYQTEweyjlT1tIQ5kZnypqvQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a1886ca37dc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgphgx.xyz/
173.231.17.185200 OK 235 kB IP 173.231.17.185:0
Size 235 kB (235111 bytes)
Hash 42c495f83a5de05c3c4fbf30513e9fcc
83d0b5c1712d87abdcf016592672e8f04f3bcb19
a477956c5b351a9e6420b718192c25ffc042cf207bb402006721b75d715cefd4
GET / HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
z4a.net/images/2022/10/17/960-60-0.gif
104.21.234.235200 OK 198 kB URL HTTP/2 z4a.net/images/2022/10/17/960-60-0.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2022/10/17/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: image/gif
content-length: 198523
expires: Tue, 17 Oct 2023 07:49:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 3551090
last-modified: Mon, 17 Oct 2022 07:49:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHgpCAwouIwasJTr%2B5uNzt0Vp0KsBJ0UPNbtuYDz%2FFYaW1SvtMwssrsVpZ5rg3%2FPR%2FjHUtD%2BkGhcsrcxKDO5PeUTtRRmqPyA5lzO6TUDzkQ250bkzlzYSK0d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a1886da3adc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/10/16/960x60.gif
104.21.234.235200 OK 451 kB URL HTTP/2 z4a.net/images/2022/10/16/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 451 kB (451409 bytes)
Hash 0b79d0bdb91d08fe6e58da26af40a3d2
75f37e1aa43e309adbf1e6050c994e6216be694e
6acbe8704cafa212528bf8299e534e5b4906be6653ae25627bb8cd7ad356b9ae
GET /images/2022/10/16/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: image/gif
content-length: 451409
expires: Tue, 17 Oct 2023 07:49:24 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 3551090
last-modified: Mon, 17 Oct 2022 07:49:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzY7A1PfUEb6km6oHUKKCMSYth93nlvyuygeEFWsG8OhH9bB5QURYPe1LZDPSX3%2FongTlRSI8HafrwI7e4g3jaAy0ZMxXrLvw6%2FnHdNb365HIWpd5%2FCL6T19"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770a1886ca2fdc45-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgphgx.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 27 Dec 2022 10:14:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 645 B URL HTTP/2 www.mgphgx.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash fd37a6424de2df9aac2d33f342e7b432
017ce96981b1881612d69f5f775b6b4c7d276c17
76b20da46d62bf18ce29beec7b1c695685e80685cc6dd113762c9edecf21aac4
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: application/javascript
content-length: 645
last-modified: Sat, 26 Nov 2022 17:12:54 GMT
etag: "63824916-285"
expires: Sun, 27 Nov 2022 22:14:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3450dc4d2348598da71b79e25651b80
74c167a1cf8d2774a58bff164eaea1c45d6f4e2e
ddcb291c1380db514e40e64d9ec902cd2362d1114575fb2f2cd05818d356d6b3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DDCB291C1380DB514E40E64D9EC902CD2362D1114575FB2F2CD05818D356D6B3"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1991
Expires: Sun, 27 Nov 2022 10:47:26 GMT
Date: Sun, 27 Nov 2022 10:14:15 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ejeftmgg1mg1446ejeftmgg1mg505886.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ejeftmgg1mg1446ejeftmgg1mg505886.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad93c8bdd280c8aed28325b77758a591
981ee7b93658e956eca974bf3f9af7148142de43
6a117724ab7f8847b73ca57597c0e977bd72b9efecf98016bfc3ceb8548e0770
GET /upload/vod/2022/11-27/14/ejeftmgg1mg1446ejeftmgg1mg505886.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7562
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11215
content-disposition: inline; filename="ejeftmgg1mg1446ejeftmgg1mg505886.webp"
etag: "638307da-2bcf"
last-modified: Sun, 27 Nov 2022 06:46:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 123
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889ad15b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/bmiikopjskg1446bmiikopjskg515888.jpg
104.22.13.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/bmiikopjskg1446bmiikopjskg515888.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 16bc143b2b712b5c940d963a79d2f44e
dfab3bd942ac05485909e32352fa59f38fc004dd
12979d6dc0f0ca212d53e28c1b592ed727e8d78293303bc0db84882a425e16cd
GET /upload/vod/2022/11-27/14/bmiikopjskg1446bmiikopjskg515888.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8629
content-disposition: inline; filename="bmiikopjskg1446bmiikopjskg515888.webp"
etag: "638307db-21b5"
last-modified: Sun, 27 Nov 2022 06:46:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 123
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd19b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/dmcyxjxsw3r1455dmcyxjxsw3r326252.jpg
104.22.13.214200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/dmcyxjxsw3r1455dmcyxjxsw3r326252.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c23b8cdc0ce987b158f74ffa307208bc
69250f6d781a62ab843d75a81273f2b1596a022c
8e8eb683b9f0b212f44ab670a967f875acac12183012ed16d33e9c676e32e2e8
GET /upload/vod/2022/11-27/14/dmcyxjxsw3r1455dmcyxjxsw3r326252.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 6112
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7559
content-disposition: inline; filename="dmcyxjxsw3r1455dmcyxjxsw3r326252.webp"
etag: "638309e4-1d87"
last-modified: Sun, 27 Nov 2022 06:55:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd21b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/rxwmxa3e3yz1446rxwmxa3e3yz535892.jpg
104.22.13.214200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/rxwmxa3e3yz1446rxwmxa3e3yz535892.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a981883fbd608d0336dd7bcfe9c0773e
b81c2a97822defe1c06b1727b9163d9907684a8f
871ae16b14cb9f6e6bc3abbf87261a70fe5d6535f9dbb495bbd02ec6ca3f2278
GET /upload/vod/2022/11-27/14/rxwmxa3e3yz1446rxwmxa3e3yz535892.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5824
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8256
content-disposition: inline; filename="rxwmxa3e3yz1446rxwmxa3e3yz535892.webp"
etag: "638307dd-2040"
last-modified: Sun, 27 Nov 2022 06:46:53 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 123
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd24b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/laz4ajh3uxo1455laz4ajh3uxo346256.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/laz4ajh3uxo1455laz4ajh3uxo346256.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c2b931d44d1bd9f1ef1c479c491f5c8c
679636f08b8f6d3e91bc90d65a89f26c973b7c02
9355f69af08e52551ec1d67859da00082b8f4c38a3d1d849f6b454699d439372
GET /upload/vod/2022/11-27/14/laz4ajh3uxo1455laz4ajh3uxo346256.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 8684
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9534
content-disposition: inline; filename="laz4ajh3uxo1455laz4ajh3uxo346256.webp"
etag: "638309e6-253e"
last-modified: Sun, 27 Nov 2022 06:55:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd2bb4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/qpugfd4wgfy1446qpugfd4wgfy545894.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/qpugfd4wgfy1446qpugfd4wgfy545894.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17891c6768f621a182f457d5320772df
167f0ba739791cee470009df82293f94b7377947
ccc1e06ce201212c4f01885d9a663d79b39b736b62c5e11f82539a26c094407d
GET /upload/vod/2022/11-27/14/qpugfd4wgfy1446qpugfd4wgfy545894.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 10708
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11602
content-disposition: inline; filename="qpugfd4wgfy1446qpugfd4wgfy545894.webp"
etag: "638307de-2d52"
last-modified: Sun, 27 Nov 2022 06:46:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 122
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd1cb4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ptjcpkeqgvd1455ptjcpkeqgvd306248.jpg
104.22.13.214200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ptjcpkeqgvd1455ptjcpkeqgvd306248.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 480b39d9b950079153f01556a780e703
995d9eb954843156c2dfc6ba32655806d5eb3fe9
9048c007133fc7cc2fe7cbf1a54710d3678a1178d948baca08c37ab389fe81c9
GET /upload/vod/2022/11-27/14/ptjcpkeqgvd1455ptjcpkeqgvd306248.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5842
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8226
content-disposition: inline; filename="ptjcpkeqgvd1455ptjcpkeqgvd306248.webp"
etag: "638309e2-2022"
last-modified: Sun, 27 Nov 2022 06:55:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd31b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/1a21kcruah214461a21kcruah2555898.jpg
104.22.13.214200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/1a21kcruah214461a21kcruah2555898.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ead61a23a2969f5e68752bd175471ce
495a551becabbe6f92195cd8f64c6461d41e494a
f4ba138f7f3abe2ebccab3010271aa81d3b4813771d1b796e52d12c1ca10694e
GET /upload/vod/2022/11-27/14/1a21kcruah214461a21kcruah2555898.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 6520
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9472
content-disposition: inline; filename="1a21kcruah214461a21kcruah2555898.webp"
etag: "638307e0-2500"
last-modified: Sun, 27 Nov 2022 06:46:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd28b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/onsgiixgz1j1446onsgiixgz1j555896.jpg
104.22.13.214200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/onsgiixgz1j1446onsgiixgz1j555896.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb3ea84551b2679f742da1d4c11f91a3
5045807b2dee87c0583f60b356d7297590eaf92e
0a25f4caffdd57116b13a58c02eb11bdb2e61d33b7b8e9141b3ddef90d76e406
GET /upload/vod/2022/11-27/14/onsgiixgz1j1446onsgiixgz1j555896.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7408
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8410
content-disposition: inline; filename="onsgiixgz1j1446onsgiixgz1j555896.webp"
etag: "638307df-20da"
last-modified: Sun, 27 Nov 2022 06:46:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd1db4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/frs3b0352d01455frs3b0352d0356258.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/frs3b0352d01455frs3b0352d0356258.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b671fa565ab5ef87279c4e823af74c7
378dc9cc1553fbef25c7f01b60f984fbbc3b4e5f
1c07d2c0598ac766238e69e90cc14013e5e398114be30c7955c4c16bfb64e1cc
GET /upload/vod/2022/11-27/14/frs3b0352d01455frs3b0352d0356258.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 10954
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11300
content-disposition: inline; filename="frs3b0352d01455frs3b0352d0356258.webp"
etag: "638309e7-2c24"
last-modified: Sun, 27 Nov 2022 06:55:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd39b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/1cbkpofnd2414551cbkpofnd24316250.jpg
104.22.13.214200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/1cbkpofnd2414551cbkpofnd24316250.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6147efa47c4fc972bcc34c37451594a5
957779b3d5332d909da1e7e027eb228eb08c98e8
5cc159262f55f5a53d6c5b1faebfd5b0ffafc1c086a3f5491cf57f48f3148a73
GET /upload/vod/2022/11-27/14/1cbkpofnd2414551cbkpofnd24316250.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7374
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8643
content-disposition: inline; filename="1cbkpofnd2414551cbkpofnd24316250.webp"
etag: "638309e3-21c3"
last-modified: Sun, 27 Nov 2022 06:55:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd32b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/lp54kdxmkdf1446lp54kdxmkdf565900.jpg
104.22.13.214200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/lp54kdxmkdf1446lp54kdxmkdf565900.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 475ff9acc1d63e65e8c507a684d28ac2
a3aa0d779c24d3b1169b14e7ee6930b446c61966
5e3b3d977c3c6d710cfa84a917f0f365dc211c41e6c6b711d9acb8127a8d0186
GET /upload/vod/2022/11-27/14/lp54kdxmkdf1446lp54kdxmkdf565900.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 9562
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11028
content-disposition: inline; filename="lp54kdxmkdf1446lp54kdxmkdf565900.webp"
etag: "638307e0-2b14"
last-modified: Sun, 27 Nov 2022 06:46:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd34b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/hyufhbdbfon1455hyufhbdbfon336254.jpg
104.22.13.214200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/hyufhbdbfon1455hyufhbdbfon336254.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f255cb88d98aac0d827bc1518b7af29
625e539db3cfbaf1a37b3530faeac85141c061fd
db9154bbb52c9c2d22f4abcd131b5c4fa4cfafb7fbb065fad8e621b346425cf6
GET /upload/vod/2022/11-27/14/hyufhbdbfon1455hyufhbdbfon336254.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 6848
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8118
content-disposition: inline; filename="hyufhbdbfon1455hyufhbdbfon336254.webp"
etag: "638309e5-1fb6"
last-modified: Sun, 27 Nov 2022 06:55:33 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd22b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/yhe4gu5jx4c1446yhe4gu5jx4c525890.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/yhe4gu5jx4c1446yhe4gu5jx4c525890.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3e96d412eee1a5a3d62ee2441ee4d1ff
0302dffab7a956cefd1d1598a74eb99a0d910466
dec1abceb72d06d68b85b98d55618e0182a37a0d3f4a2a8ec911411694685f54
GET /upload/vod/2022/11-27/14/yhe4gu5jx4c1446yhe4gu5jx4c525890.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/jpeg
content-length: 10297
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10801, status=webp_bigger
etag: "638307dc-2a31"
last-modified: Sun, 27 Nov 2022 06:46:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 123
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a1889bd30b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/kk2spcbt1l01454kk2spcbt1l0446206.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/kk2spcbt1l01454kk2spcbt1l0446206.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7dba7e49c97ff2dbbfa94cb2f919749
0f602be467f654aaf705d5d6b6d3d30f89cd3257
5b321e7c6109aea6497b1b67aa51dcf037c523e539349290eccdf8841a72cf88
GET /upload/vod/2022/11-27/14/kk2spcbt1l01454kk2spcbt1l0446206.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 10896
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11923
content-disposition: inline; filename="kk2spcbt1l01454kk2spcbt1l0446206.webp"
etag: "638309b4-2e93"
last-modified: Sun, 27 Nov 2022 06:54:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd1bb4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/5jrtd0fhm1214545jrtd0fhm12236174.jpg
104.22.13.214200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/5jrtd0fhm1214545jrtd0fhm12236174.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d6c6f2a8e38d13a9f4fcf3e31321aa80
98145cfe70fd1dcc9e90ac4482a49a71f7e0286d
2fcd0dec9bb3992dad001ea676b6580c516cc48cf4ba0a6366943a9abfc74bda
GET /upload/vod/2022/11-27/14/5jrtd0fhm1214545jrtd0fhm12236174.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5932
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7187
content-disposition: inline; filename="5jrtd0fhm1214545jrtd0fhm12236174.webp"
etag: "6383099f-1c13"
last-modified: Sun, 27 Nov 2022 06:54:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd1eb4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/zdwnurfaeyc1455zdwnurfaeyc096214.jpg
104.22.13.214200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/zdwnurfaeyc1455zdwnurfaeyc096214.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e34fee4ca90d464c9f227d6dd78ac2de
46553d26934b11a6746f630503bb7bae7340ee65
833b52244cc5255ad98adeec7f293336557b8e0a70726af9da894dbcb81f8c7e
GET /upload/vod/2022/11-27/14/zdwnurfaeyc1455zdwnurfaeyc096214.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5192
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7910
content-disposition: inline; filename="zdwnurfaeyc1455zdwnurfaeyc096214.webp"
etag: "638309cd-1ee6"
last-modified: Sun, 27 Nov 2022 06:55:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd26b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/rpgbvucx41t1454rpgbvucx41t466210.jpg
104.22.13.214200 OK 5.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/rpgbvucx41t1454rpgbvucx41t466210.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b07f0b7852b918d14e7eda977b9ab870
ea53739120116959ae2606391491170c5e44a90c
92afcd8a83dd3b848169ef409e942dcd6c056b0764b692adcb39be6208ceced6
GET /upload/vod/2022/11-27/14/rpgbvucx41t1454rpgbvucx41t466210.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5452
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7514
content-disposition: inline; filename="rpgbvucx41t1454rpgbvucx41t466210.webp"
etag: "638309b6-1d5a"
last-modified: Sun, 27 Nov 2022 06:54:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd35b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/dbdjr0d2mfq1454dbdjr0d2mfq206168.jpg
104.22.13.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/dbdjr0d2mfq1454dbdjr0d2mfq206168.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60d41f7a63df3800e0206c0b3bf01421
f21ac60f406751ef24679ea59bdc8bc8a671b6ee
e429f8f1952057a19b200db87bac28a386f55895ecd39492ebd182d792db29d2
GET /upload/vod/2022/11-27/14/dbdjr0d2mfq1454dbdjr0d2mfq206168.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7090
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8522
content-disposition: inline; filename="dbdjr0d2mfq1454dbdjr0d2mfq206168.webp"
etag: "6383099c-214a"
last-modified: Sun, 27 Nov 2022 06:54:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd36b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/nu4xpgntztu1454nu4xpgntztu216170.jpg
104.22.13.214200 OK 4.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/nu4xpgntztu1454nu4xpgntztu216170.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba8cab8f23300d87ba20e0f8555bb082
5e9ccc760ee68ca43d98f2a7714cab4e63238433
b5ff54f9570c3b66bf1aa175a4dcd76cc94501bde2ec7a50c5dc4f685c0dca9b
GET /upload/vod/2022/11-27/14/nu4xpgntztu1454nu4xpgntztu216170.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 4324
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6352
content-disposition: inline; filename="nu4xpgntztu1454nu4xpgntztu216170.webp"
etag: "6383099d-18d0"
last-modified: Sun, 27 Nov 2022 06:54:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd29b4f9-OSL
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 7
x-edgeconnect-origin-mex-latency: 99
cache-control: max-age=7607535
expires: Thu, 23 Feb 2023 11:26:30 GMT
date: Sun, 27 Nov 2022 10:14:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/oetd0unyrwn1454oetd0unyrwn196166.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/oetd0unyrwn1454oetd0unyrwn196166.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b592044d024f9fd7d0b6844cf9afb86a
db389357ca4aa10b97d52a242a25731850ea3df7
ea4d85595e9bf68b6937aceb2a885f5cad756dc6d9c7095e1ede228a69123f3b
GET /upload/vod/2022/11-27/14/oetd0unyrwn1454oetd0unyrwn196166.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7598
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8623
content-disposition: inline; filename="oetd0unyrwn1454oetd0unyrwn196166.webp"
etag: "6383099c-21af"
last-modified: Sun, 27 Nov 2022 06:54:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd37b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ucblkx5ixuc1455ucblkx5ixuc106216.jpg
104.22.13.214200 OK 4.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ucblkx5ixuc1455ucblkx5ixuc106216.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38898468ede16c85bc30e6b18db74791
7d6020f0eff3de66c38c54507090059d957bb621
def8a120a8a8a64c7f27db79a16d164a1b061a42ab7923104dfbd3487689b239
GET /upload/vod/2022/11-27/14/ucblkx5ixuc1455ucblkx5ixuc106216.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 4690
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7000
content-disposition: inline; filename="ucblkx5ixuc1455ucblkx5ixuc106216.webp"
etag: "638309ce-1b58"
last-modified: Sun, 27 Nov 2022 06:55:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd25b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/akkg3a3nuv01454akkg3a3nuv0456208.jpg
104.22.13.214200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/akkg3a3nuv01454akkg3a3nuv0456208.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98c04233fdf58d50131cd08f421cf03b
be0f029380087d1c38eb447a089d605cf528ed99
21607266b50ad96c26260f8e29f90741e45f12a536c3fffa30f02ca62cf8bed3
GET /upload/vod/2022/11-27/14/akkg3a3nuv01454akkg3a3nuv0456208.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 8100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10876
content-disposition: inline; filename="akkg3a3nuv01454akkg3a3nuv0456208.webp"
etag: "638309b5-2a7c"
last-modified: Sun, 27 Nov 2022 06:54:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd1ab4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/44yl5zfmpc2145444yl5zfmpc2226172.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/44yl5zfmpc2145444yl5zfmpc2226172.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 778feb9280e45b47da33ad59bf7b3c75
fc63f2705d1a465c616a26b49832b8ef1c3e4d00
d8cabcb44ea3581c72e4e5fa76da4ef8be5748f33fe315ca96bd58ae8683d200
GET /upload/vod/2022/11-27/14/44yl5zfmpc2145444yl5zfmpc2226172.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 10254
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11235
content-disposition: inline; filename="44yl5zfmpc2145444yl5zfmpc2226172.webp"
etag: "6383099e-2be3"
last-modified: Sun, 27 Nov 2022 06:54:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd38b4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/43tfaleq0qk145443tfaleq0qk476212.jpg
104.22.13.214200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/43tfaleq0qk145443tfaleq0qk476212.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c36f5b98f62ea195f6b2db593fe296fe
a9e8de0ee4e554a1a8bc4e7aac13b5fd62c64d72
d11e8871235cb986bd298b773e7b8701cfa15099182ad90274af763f426455a8
GET /upload/vod/2022/11-27/14/43tfaleq0qk145443tfaleq0qk476212.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 5582
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6622
content-disposition: inline; filename="43tfaleq0qk145443tfaleq0qk476212.webp"
etag: "638309cc-19de"
last-modified: Sun, 27 Nov 2022 06:55:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd2db4f9-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/eqs5jagjfvr1454eqs5jagjfvr246176.jpg
104.22.13.214200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/eqs5jagjfvr1454eqs5jagjfvr246176.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8163bc8b9352cde43527592b30a2645b
5a720e0d20fdbba5cff45f0fab50912a32a902c0
927b4d320b6b6558d6db1686d33f7747112aca9900ea13b9bcb19fd1e487d2a1
GET /upload/vod/2022/11-27/14/eqs5jagjfvr1454eqs5jagjfvr246176.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:15 GMT
content-type: image/webp
content-length: 7662
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8911
content-disposition: inline; filename="eqs5jagjfvr1454eqs5jagjfvr246176.webp"
etag: "638309a0-22cf"
last-modified: Sun, 27 Nov 2022 06:54:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 770a1889bd20b4f9-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 9ae2b9e506cd3eb01cd1901866779c85
0964289871821210729d979564bbaa5a67110f91
2bfcea014448f562ffbbbcaf9fb4cd0fa3ecdb3f2e41e5fdb40f27d040bed7d9
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 07:29:30 GMT
ETag: "0964289871821210729d979564bbaa5a67110f91"
Last-Modified: Sun, 27 Nov 2022 07:29:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1965
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a188c6d8db511-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 0e8d32d395320638dc002a869177b365
a4f8791beb518111fdff24bde36d44914840d986
6b3965abae232ffbb4f9fff767f18da7f3634defd25d3feb938e439d04530426
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2896
Cache-Control: max-age=131344
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:14:15 GMT
Etag: "63828b37-2d7"
Expires: Mon, 28 Nov 2022 22:43:19 GMT
Last-Modified: Sat, 26 Nov 2022 21:55:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash fa9979f6017c47a92e034a3d94c53fc3
c35dd4ccabbd26ed1fdb6efb713b4e95d23b2e9b
0ab930bc17f297e488486048d8335b2f1f2add86c053374a7530f8bd3804efaa
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sun, 27 Nov 2022 10:14:15 GMT
Last-Modified: Sat, 26 Nov 2022 12:37:15 GMT
ETag: "6382087b-1d7"
Expires: Mon, 28 Nov 2022 12:37:15 GMT
Cache-Control: max-age=94980
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669544055
Via: cache10.l2de2[482,482,200-0,M], cache10.l2de2[483,0], cache5.se1[505,505,200-0,M], cache5.se1[506,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 27 Nov 2022 10:14:15 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916695440552933689e
p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
47.246.44.229200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 24 Nov 2022 05:28:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 05:28:46 GMT
nw-session-id: 2022112413284601013113602942A1054Fw7kx601dy
nw-session-trace: 2022-11-24T13:28:46.535254029+08:00 30
x-bdcdn-cache-status: TCP_MISS
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 13:28:46 GMT
x-tt-logid: 2022112413284601013113602942A1054F
via: n132-085-021, cache12.l2de2[0,0,206-0,H], cache8.l2de2[0,0], cache8.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[4,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4acef299c9c635b1382396dc67e62f4c0c988aea7e1eec1fbf2f08e1f57844c3d30dd04503110c356e3ea29c7feec93bd951505abcae576081a7c27e080949a616da1edaceb258677fb32aae0eaeebdf78
x-response-lb: image
ali-swift-global-savetime: 1669267726
age: 276329
x-cache: HIT TCP_MEM_HIT dirn:1:126321899
x-swift-savetime: Thu, 24 Nov 2022 06:01:24 GMT
x-swift-cachetime: 31534042
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616695440557781485e
X-Firefox-Spdy: h2
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Sun, 27 Nov 2022 06:32:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: -0MAAABBEsVYXSsX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1669530722
Via: cache15.l2de2[0,0,304-0,H], cache9.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[1,0]
Content-Encoding: gzip
Age: 13333
X-Cache: HIT TCP_MEM_HIT dirn:3:341533673
X-Swift-SaveTime: Sun, 27 Nov 2022 06:32:09 GMT
X-Swift-CacheTime: 86393
Timing-Allow-Origin: *
EagleId: 2ff62c9b16695440558116845e
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2dcd02f5e606a5de0774b49602d0b822
7745b6c7971f36e45d31df200626183f63b8db3f
9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 20:52:34 GMT
Expires: Fri, 02 Dec 2022 20:52:33 GMT
Etag: "7745b6c7971f36e45d31df200626183f63b8db3f"
Cache-Control: max-age=469697,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a188c5865b4ee-OSL
www.mgphgx.xyz/template/m1938pc/images/video-mask.png
173.231.17.185200 OK 107 B URL HTTP/2 www.mgphgx.xyz/template/m1938pc/images/video-mask.png
IP 173.231.17.185:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/png
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 27 Dec 2022 10:14:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/images/video-play.png
173.231.17.185200 OK 1.6 kB URL HTTP/2 www.mgphgx.xyz/template/m1938pc/images/video-play.png
IP 173.231.17.185:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 27 Dec 2022 10:14:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
172.247.77.90301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 172.247.77.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:04 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b14c79f35ba17ec8f16f802d3ca9aba7
e2c4d382f011866e94b65ea0353af2a1e33dcf71
d6d3da8f6b9c9852391f4513a87505c84b0fe24bac618d5d39feb9bc35766475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6D3DA8F6B9C9852391F4513A87505C84B0FE24BAC618D5D39FEB9BC35766475"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1671
Expires: Sun, 27 Nov 2022 10:42:07 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f4ed0691220bb6412eccbd9437f15cf9
05711f78eb3aba3f74e49eb138478fe7658de58e
2a81565b1c777d382e2272a27cdc3c20187b1e1b94f1183f88a194ef745f601a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=759
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f4ed0691220bb6412eccbd9437f15cf9
05711f78eb3aba3f74e49eb138478fe7658de58e
2a81565b1c777d382e2272a27cdc3c20187b1e1b94f1183f88a194ef745f601a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=715
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f4ed0691220bb6412eccbd9437f15cf9
05711f78eb3aba3f74e49eb138478fe7658de58e
2a81565b1c777d382e2272a27cdc3c20187b1e1b94f1183f88a194ef745f601a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=715
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f4ed0691220bb6412eccbd9437f15cf9
05711f78eb3aba3f74e49eb138478fe7658de58e
2a81565b1c777d382e2272a27cdc3c20187b1e1b94f1183f88a194ef745f601a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=715
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
X-N: S
www.mgphgx.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=20221127Sun%20Nov%2027%202022%2010:14:15%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.185200 OK 3.1 kB URL HTTP/2 www.mgphgx.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=20221127Sun%20Nov%2027%202022%2010:14:15%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.185:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash aeb2086808ecb98f9de171743f8133a0
20cfc79ab8edba6788965ec23626f4bc303cd59d
323ec8fc6f17721483f794bf80329d7826837019590cca8d9886a721fa76c54b
GET /template/m1938pc/html9/advertised/advertised.json?refresh=20221127Sun%20Nov%2027%202022%2010:14:15%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: application/json
content-length: 3074
last-modified: Sat, 26 Nov 2022 17:11:12 GMT
etag: "638248b0-c02"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 63b13600480901fee390d4de4e446672
7a98cbbfb33f1c6987c8f731bf9f34cd55aa0cf4
ff2128e7d16b816b864a9dfbda350c42acd5f33e580eebe07b7f614be6a9fcf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF2128E7D16B816B864A9DFBDA350C42ACD5F33E580EEBE07B7F614BE6A9FCF9"
Last-Modified: Fri, 25 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16399
Expires: Sun, 27 Nov 2022 14:47:35 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z06k2215d3m9fgtcDE68.gif
96.6.16.143200 OK 121 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z06k2215d3m9fgtcDE68.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 121 kB (120799 bytes)
Hash b0f8e806d4a30c123d6404fd5b9f0876
ad7f7d43d3e5340016ef521d346cd2a6c518bfaa
0785b7dd32685c1301b017a5852d0614edd564035e709b6791823d1bd454a454
GET /images/0Z06k2215d3m9fgtcDE68.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 120799
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 32
x-edgeconnect-origin-mex-latency: 41
cache-control: max-age=7456976
expires: Tue, 21 Feb 2023 17:37:12 GMT
date: Sun, 27 Nov 2022 10:14:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0392f120009z0w9os41A2.gif
104.110.17.24200 OK 2.6 MB URL HTTP/2 dimg04.c-ctrip.com/images/0392f120009z0w9os41A2.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 2.6 MB (2643442 bytes)
Hash ffbc057a89fded997b059241f4f62c8e
36e8883858804959ce2597b61378e809ea789b4a
2de6e43216a0750e04a759344cb97bf648c34e69aff52e164cbf88703eeb03e7
GET /images/0392f120009z0w9os41A2.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2643442
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7606051
expires: Thu, 23 Feb 2023 11:01:47 GMT
date: Sun, 27 Nov 2022 10:14:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aaf500966023ee1d76a482b2fe774303
b7d456c69b00a82ef0634912256a95390d97c92e
fd35d7c36493ad814c5d8c36abfe16d8c516b5714bb0ab06d5d537db8f825cbb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD35D7C36493AD814C5D8C36ABFE16D8C516B5714BB0AB06D5D537DB8F825CBB"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21371
Expires: Sun, 27 Nov 2022 16:10:27 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
96.6.16.143200 OK 457 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (457345 bytes)
Hash c715f378075493153db049a8d2e70e1c
8c86edc72c9fa616aa484a42b84cff16c35f06b9
7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6381364
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Sun, 27 Nov 2022 10:14:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 71e27ecf8fb7ab5ea91eb3e10bcc04fc
6bfb1ec65d740e6385399d9549f0720bfd8a67cb
6bd5656f1536958241ecd6a04bce78a08f0252904c0f3c3ac3991468a32c668c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 11:09:41 GMT
Expires: Fri, 02 Dec 2022 11:09:40 GMT
Etag: "6bfb1ec65d740e6385399d9549f0720bfd8a67cb"
Cache-Control: max-age=434723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a188fbdafb523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6f9bef05ee6ea5d364ac495ae54d3d5f
9eacb1878a4704f18601b0b7440c9a27b09e21fd
1ced98a5a5887770c6788ca199431a900c7fba4597d4645068175bd713d13719
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 00:51:34 GMT
Expires: Sat, 03 Dec 2022 00:51:33 GMT
Etag: "9eacb1878a4704f18601b0b7440c9a27b09e21fd"
Cache-Control: max-age=484036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a1890bb7b0b61-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c1d04a6ad248f622288f4a8669cef414
e9dfd58ebb881139b4a1506e0371c08cda1c0065
691084ea4d970fba507a8a8b4e962f7df02d07f627af3324e8ab44a46201b380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "691084EA4D970FBA507A8A8B4E962F7DF02D07F627AF3324E8AB44A46201B380"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4442
Expires: Sun, 27 Nov 2022 11:28:18 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash bcd4b34963d1e0a6e46691a12c309f08
b06d17c1aee98e123a0a0015fa292f91c756c49d
6b72be735663f589bd48f99d469202872af1aa446eba0fe646919c3b07df742e
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 10:14:16 GMT
Etag: e02f908f8b981666ca48611affdf2b81
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1FA746D69C3CF485; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 947a051fc1fb4278f4468cf41e5f5d50
3590c45f36e05d140d6813ef4206d2a2a0b64d91
a3c65d6925edbdc17ff3a14de5bfd5573dd970c15da1f5c8627a520c2d6c1bcc
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 10:14:16 GMT
Etag: 323e205082d464fe8e6a3f9e99a39ea6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=10BA355590662564; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash aa438f44a7979c82089bd15ce2559991
1db5dccc28dd18f0628d55f0ac70dd852512e5b8
553c964717251faa3c2fb202ed2f1bae7bd8ab31a50f6191b4f14159620489cf
GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 10:14:16 GMT
Etag: 9865b87a2968c63dc098039b0817d5f1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A9ACE34C284D490; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.150.164.154301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.150.164.154:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
172.247.77.90200 OK 6.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58ea27a500bcb3f3d868101711779560
a162c0e988323069e6396902f2fabc9da1205eb3
583dda68ba080f07505f0ba01f8d5395ef9afaddff065cbff72906e9f61aecca
GET /upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 5954
Last-Modified: Wed, 09 Nov 2022 11:43:12 GMT
Connection: keep-alive
ETag: "636b9250-1742"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
172.247.77.90200 OK 9.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b567dbb6fb1db9f38bd0459ee707f4a9
a78cf16102114a17aef64addc6e1ca8db381600a
7c80046668ca43bae8a195d776c6afc2895a45869fa18e8dc239fa279f7102d3
GET /upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 9264
Last-Modified: Wed, 09 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "636b6300-2430"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
172.247.77.90200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4de69e86cac1b908c088cafd5a7b0b6e
cd030960d031bb1ce4e5d46a39bcda1ae56e0064
a9da837629b12da43d48dccbce14f1c401280a7d67afb0a58f556abf402122e6
GET /upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 13417
Last-Modified: Wed, 09 Nov 2022 08:22:05 GMT
Connection: keep-alive
ETag: "636b632d-3469"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
172.247.77.90200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c45eda38d46f5acd58867ef8b570bb2
26b02ebb1c069acd757c04f2ffcc81a085470907
a8a0ed14544bd1b8eca15c0faeaeb4cace07a7da700cc21ef7a0b47fa38daffd
GET /upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 12006
Last-Modified: Wed, 09 Nov 2022 11:41:12 GMT
Connection: keep-alive
ETag: "636b91d8-2ee6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 34ff69ac005a1758f959b2e19def96ca
17413ac3a9fb102c5550118f38cb659effeeeb23
f72cf38f8da2e02865cd9be56d03b884d3dfe727ea06884ced64e38811329ac2
GET /upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 10559
Last-Modified: Wed, 09 Nov 2022 11:41:11 GMT
Connection: keep-alive
ETag: "636b91d7-293f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
172.247.77.90200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f2a8789ed6ea14341492d37fac4595f9
c88bf5860453ad667dc58c27deb31873acc61cd5
5b8460b19f3d79f29044eb4884447e61a5894d58d2dbb232eeb991313dabede4
GET /upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 12196
Last-Modified: Wed, 09 Nov 2022 08:22:05 GMT
Connection: keep-alive
ETag: "636b632d-2fa4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8c860f6cc16cec53769d4433e6f0ddf2
2bf2252d9f68bdb1504969d1216a0e9f1873a865
7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT
Expires: Sat, 03 Dec 2022 10:05:41 GMT
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865"
Cache-Control: max-age=517284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a1890aefab4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0a0b91a2b72c45b23fdcc4537f2eae6c
ee50710a7edc9099ca3b1a6b45f566ef7972900a
61bdbb3a3b16b6d97115626588f18bc30f7a9e094f232caa104618ecf7f97e62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 23:20:34 GMT
Expires: Fri, 02 Dec 2022 23:20:33 GMT
Etag: "ee50710a7edc9099ca3b1a6b45f566ef7972900a"
Cache-Control: max-age=478576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a1890bae5b503-OSL
3p8801.co/77-250x250.gif
142.0.131.26200 OK 33 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash f333afca9744fcdba93f1ce02612b1c6
19075f1c5ce74e21e75afe4940aa6c9082003792
889cbadf30e2ff32c5b2c857fb8ba1ac590ae248f76edcddc4a8cfbb78d6ea10
GET /77-250x250.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/gif
content-length: 32809
last-modified: Sun, 20 Nov 2022 13:03:15 GMT
etag: "637a2593-8029"
expires: Tue, 27 Dec 2022 10:14:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67aeb765ccb84a659065bea1172ef56c
43fd19fbf2e226e002f17f745bdc09f156582194
b8a1de962b0494237e16c6db08263456af3a5e635de1c6f8f74c2c2de6263d79
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B8A1DE962B0494237E16C6DB08263456AF3A5E635DE1C6F8F74C2C2DE6263D79"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15971
Expires: Sun, 27 Nov 2022 14:40:27 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=440858891&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=440858891&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=440858891&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 10:14:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A8A68CA07DD9A9AC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=714918176&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=714918176&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=714918176&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 10:14:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55F4CFC7C5888F74; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a1bc651812c9b66eff4f5ddc92568350
9c2a359d8973b686359988d038b9b0b52bc504b2
8f8bbf0b2a66f18364b2855591188af8a6e25238de2b0d825036fb87148a3ac8
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 10:14:16 GMT
Ali-Swift-Global-Savetime: 1669544056
Via: cache23.l2de2[481,480,200-0,M], cache23.l2de2[482,0], cache5.se1[505,504,200-0,M], cache5.se1[507,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 27 Nov 2022 10:14:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916695440564124526e
362728tdg.com/4252df566c97401d9291195db384eb1b.gif
45.61.212.221200 OK 537 kB URL HTTP/1.1 362728tdg.com/4252df566c97401d9291195db384eb1b.gif
IP 45.61.212.221:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 537 kB (537194 bytes)
Hash 7860cc5d81b01a5668648017780bfcb5
3ade10fdc9362db9940c5b39a862d8cf54f6a164
dde6c494a75d84f42abd494fbcbaacd0a073e536f8a543c1aa2a486fab36fa9a
GET /4252df566c97401d9291195db384eb1b.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d4f-8326a"
Date: Sun, 20 Nov 2022 07:16:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:47:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-21
Content-Length: 537194
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=789507096&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=789507096&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=789507096&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=39931&r=0&ww=1280&u=https%3A%2F%2Fwww.mgphgx.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 10:14:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D8132F7CC31D39E7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67aeb765ccb84a659065bea1172ef56c
43fd19fbf2e226e002f17f745bdc09f156582194
b8a1de962b0494237e16c6db08263456af3a5e635de1c6f8f74c2c2de6263d79
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B8A1DE962B0494237E16C6DB08263456AF3A5E635DE1C6F8F74C2C2DE6263D79"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15971
Expires: Sun, 27 Nov 2022 14:40:27 GMT
Date: Sun, 27 Nov 2022 10:14:16 GMT
Connection: keep-alive
3p8801.co/11-960x60.gif
142.0.131.26200 OK 242 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Tue, 27 Dec 2022 10:14:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvkaaa.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.235.136200 OK 902 kB URL HTTP/2 kvkaaa.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.235.136:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvkaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgphgx.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sun, 25 Dec 2022 12:34:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 164385
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyX0agQIywa3U6zKeh5a8RXYMOcReFff26bcgYVwdnuO8%2B4p8VTOoLWe4QRzYIZtijIQHKLZf27iiS2gFFV%2FD9KAKuxp%2FesU0Rg%2BzE014M4q%2BUdcEJV7yf1QoNQb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a18938c28768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uu99k.com/image/1-640X200.gif
23.224.145.199200 OK 118 kB URL HTTP/2 uu99k.com/image/1-640X200.gif
IP 23.224.145.199:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117717 bytes)
Hash 90a809e02687e4f28872e33f66cd33b1
e878a5b152fd19e45108395805b9f3176b5fbfd1
3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
GET /image/1-640X200.gif HTTP/1.1
Host: uu99k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/gif
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Wed, 07 Dec 2022 01:10:13 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash e24bb0842610cae0237da05ae4b71a20
e4dd74377b512bc956d8d7ee227f1fe9a61ab5ca
166125e12823c8e82e86d65d1c87053593f03e2d1e8924844f668408bcfab10e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:17 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 21:58:06 GMT
Expires: Thu, 01 Dec 2022 21:58:05 GMT
Etag: "e4dd74377b512bc956d8d7ee227f1fe9a61ab5ca"
Cache-Control: max-age=387227,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770a18936a47b523-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
47.246.44.229200 OK 66 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Hash 9d629444f249b855a94e8a882d5ec47d
c06f98e56cf9977aaa7addb0e0acee4d982f6248
a81c159959e121cf31b8fb9fff87a139cb549a928b07ff43306ac65a2dcb6a0c
GET /obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 65638
date: Thu, 24 Nov 2022 19:00:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 06:02:02 GMT
nw-session-id: 2022112414020201021018603626A5209F2zl4v01dy
nw-session-trace: 2022-11-24T14:02:02.286422791+08:00 43
x-bdcdn-cache-status: TCP_HIT
x-length: 65638
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 14:02:02 GMT
x-tt-logid: 2022112414020201021018603626A5209F
via: n132-078-079, cache25.l2de2[0,0,206-0,H], cache2.l2de2[1,0], cache2.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:15:316::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0151a443870e91434d560d3d4c20eeab16d7ad6ce39f6dd297a24c3bc28c8b8af98997ea9bcd143561836ad6fe1a965a47779f97b21929a6e57f6f285661c053cd4af09e4819b6c6a15cf81e70e718feac
x-response-lb: image
ali-swift-global-savetime: 1669316403
age: 227654
x-cache: HIT TCP_MEM_HIT dirn:11:19042948
x-swift-savetime: Fri, 25 Nov 2022 12:31:42 GMT
x-swift-cachetime: 31472901
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616695440570472542e
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 142 kB URL HTTP/2 www.mgphgx.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
Size 142 kB (141512 bytes)
Hash bbea8c9069a3ac8726aeca38eceac6fb
11cf523b5d4d67c05301daf77e2ee88ef33df90a
eb1e39f65837b2a16c588f13b5e3351fdb6300c7b3e4987c8d83d1ef73d25d1c
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Sun, 27 Nov 2022 22:14:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
172.247.77.90200 OK 129 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x539, components 3\012- data
Size 129 kB (129353 bytes)
Hash 38b52bfe66c8a71ab84ff80cca175f51
835e56833f9ea7352939ce508ab43c67bfd95e4f
89d0d125c3b7ecb375a9f413f4ad8c6c36b954f3ec6a64d0b7ba68b12616ad0a
GET /images/2021/7/24/dmm7521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 129353
Last-Modified: Wed, 09 Nov 2022 11:56:24 GMT
Connection: keep-alive
ETag: "636b9568-1f949"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
172.247.77.90200 OK 120 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 120 kB (120184 bytes)
Hash b3eaf61f8b8ce3484176e881301ae333
08fa67d1e47e51b37446645ca964bea114eee747
cfababc46181a463817165a710bb510d86b53bb9cdbd94a19e7e706df3040e8c
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 120184
Last-Modified: Wed, 09 Nov 2022 12:00:08 GMT
Connection: keep-alive
ETag: "636b9648-1d578"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
172.247.77.90200 OK 134 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 134 kB (133978 bytes)
Hash 796a9665a4fbbdb3640a7750c6f07b90
7f07a9f7b1263ba79c6da5b504078c3484ec7c97
47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 133978
Last-Modified: Wed, 09 Nov 2022 11:58:25 GMT
Connection: keep-alive
ETag: "636b95e1-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
172.247.77.90200 OK 162 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 162 kB (161782 bytes)
Hash 1e71477b4f330ca3b901b5d2e3948663
4fb5006efbdcff61a4f15edba423e488b40b63b0
33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 161782
Last-Modified: Wed, 09 Nov 2022 12:01:19 GMT
Connection: keep-alive
ETag: "636b968f-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
172.247.77.90200 OK 139 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 139 kB (138685 bytes)
Hash e9cefc544ae32631f400fb8b3ef0f6fe
4faf7d1b3d4c61774cb17b44b6283b1b14785601
0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 27 Nov 2022 10:16:05 GMT
Content-Type: image/jpeg
Content-Length: 138685
Last-Modified: Wed, 09 Nov 2022 11:58:45 GMT
Connection: keep-alive
ETag: "636b95f5-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
597773zzr.com/467867bbdb2c416293d50691c3218d39.gif
103.170.15.76200 OK 359 kB URL HTTP/1.1 597773zzr.com/467867bbdb2c416293d50691c3218d39.gif
IP 103.170.15.76:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /467867bbdb2c416293d50691c3218d39.gif HTTP/1.1
Host: 597773zzr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6368c2a4-57910"
Date: Sat, 26 Nov 2022 17:07:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 07 Nov 2022 08:32:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 358672
8499483.com/8499/960x60.gif
23.224.101.37200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 23.224.101.37:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:14:16 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 3040842e2fc03c2fda8d9c267d42239f
d1ea3b692083c1bbbcbaa55e201f2337b147ba89
7bfa9a588a6e14d71ec4541c6291ad34a935e3b65640913124f3ccecb20d2f01
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:14:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 07:36:18 GMT
ETag: "d1ea3b692083c1bbbcbaa55e201f2337b147ba89"
Last-Modified: Sun, 27 Nov 2022 07:36:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2876
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770a18965c3ab511-OSL
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:11:51 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Tue, 27 Dec 2022 10:11:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
images.xxootv.top/admin/202208/630634f18a75e.jpg
45.207.13.180200 OK 26 kB URL HTTP/2 images.xxootv.top/admin/202208/630634f18a75e.jpg
IP 45.207.13.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Hash 003320de6bd2223be46a8d7e078a0a45
fc08ff33a5d7080674882770038a92384a1bc366
7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880
GET /admin/202208/630634f18a75e.jpg HTTP/1.1
Host: images.xxootv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:17 GMT
content-type: image/jpeg
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Tue, 27 Dec 2022 10:14:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xmAGT9KS9C
58.254.180.65200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 27 Nov 2022 10:14:17 GMT
content-type: image/gif
content-length: 117593
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
etag: "c4caa37b717580e8594587f32ca86470"
age: 262532
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n4hobs7go5ib5np8lk0gkchq
content-md5: xMqje3F1gOhZRYfzLKhkcA==
timing-allow-origin: *
ohc-global-saved-time: Mon, 31 Oct 2022 09:17:27 GMT
ohc-cache-hit: gz3un59 [2], suzix111 [4]
ohc-file-size: 117593
x-cache-status: HIT
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
47.75.19.34200 OK 96 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP 47.75.19.34:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash 57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 638338789DB57839364E53B2
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 2
328858prw.com/3c55f52a106a47ff98d4bf61a17901a5.gif
45.61.212.226200 OK 562 kB URL HTTP/1.1 328858prw.com/3c55f52a106a47ff98d4bf61a17901a5.gif
IP 45.61.212.226:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 562 kB (561845 bytes)
Hash 4552f51ed05e3f4ed4ffc73bbaf77df3
3f5aab58a8565d2c4c5c4f23477e64c72ce4e61e
3c64bea31f55f50536ea73aee6e1e40ac050a2108379d55765bf774dc483d7d1
Analyzer Verdict Alert quad9 Sinkholed
GET /3c55f52a106a47ff98d4bf61a17901a5.gif HTTP/1.1
Host: 328858prw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d2d-892b5"
Date: Mon, 21 Nov 2022 23:43:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:46:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-26
Content-Length: 561845
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 03214b0266feb31add6ea46dd7919d8f
e346034898b8e518670d56b5dcd0942dad5869f8
9fe46a529cf9d25e508ea4ef4fe31e47eddd201fa94cb50fbbb7618264207cf1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sun, 27 Nov 2022 10:14:17 GMT
Connection: keep-alive
X-N: S
339282bdb.com/d35467f31a1e415dbf061087c8c283d5.gif
45.61.212.121200 OK 684 kB URL HTTP/1.1 339282bdb.com/d35467f31a1e415dbf061087c8c283d5.gif
IP 45.61.212.121:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
Analyzer Verdict Alert quad9 Sinkholed
GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Sun, 27 Nov 2022 10:14:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 683474
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 694 kB URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Size 694 kB (693471 bytes)
Hash e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:11:51 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Tue, 27 Dec 2022 10:11:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/css/ate.css
173.231.17.185200 OK 0 B URL HTTP/2 www.mgphgx.xyz/template/m1938pc/css/ate.css
IP 173.231.17.185:0
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Sun, 27 Nov 2022 22:14:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 27 Nov 2022 10:14:17 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 676 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: dbb1f493-b702-4b2b-9755-56ee3a1c5cba
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/data.php
34.80.95.34200 OK 0 B URL HTTP/2 mang.tiryakioyun.com/news/data.php
IP 34.80.95.34:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /news/data.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sun, 27 Nov 2022 10:14:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@jasmine-z96k
X-Firefox-Spdy: h2
www.mgphgx.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 0 B URL HTTP/2 www.mgphgx.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgphgx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:14:14 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Sun, 27 Nov 2022 22:14:14 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.1152555.com/images/637efec48d97bc67605fd88e.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.1152555.com/images/637efec48d97bc67605fd88e.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/637efec48d97bc67605fd88e.gif HTTP/1.1
Host: img.1152555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/d6b14817cfeb49d88cb4f3252df7bbfa
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.1158555.com/images/637eff228d97bc67605fd890.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.1158555.com/images/637eff228d97bc67605fd890.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/637eff228d97bc67605fd890.gif HTTP/1.1
Host: img.1158555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgphgx.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/25dfe6d420544d009c44aa096f465c00
cache-control: max-age=3600
X-Firefox-Spdy: h2