Overview

URL yezzco.com/
IP23.248.240.242
ASNSun Network Hong Kong Limited - HongKong Backbone
Location United States
Report completed2022-09-18 19:09:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 xxootv.top Sinkholed


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.77.32
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-18 05:19:30 UTC 104.18.21.226
mnemonic passive DNS p3.douyinpic.com (2) 23536 2020-12-18 11:20:50 UTC 2022-09-18 11:49:26 UTC 47.246.44.230
mnemonic passive DNS mang.tiryakioyun.com (2) 0 2022-03-21 04:49:54 UTC 2022-09-18 14:24:07 UTC 20.205.43.35 Unknown ranking
mnemonic passive DNS cdn.staticfile.org (1) 46426 2013-08-23 08:51:19 UTC 2022-09-18 14:24:10 UTC 47.246.44.211
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-18 14:37:21 UTC 172.64.155.188
mnemonic passive DNS kvtddd.top (1) 0 2022-05-22 12:14:43 UTC 2022-09-17 18:12:52 UTC 104.21.235.62 Unknown ranking
mnemonic passive DNS uu99k.com (1) 0 2021-02-04 07:26:26 UTC 2022-09-17 18:12:52 UTC 23.224.145.199 Unknown ranking
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-09-16 21:15:58 UTC 47.75.19.91 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-09-18 11:49:25 UTC 58.254.180.65
mnemonic passive DNS img.cuphf.xyz (1) 0 2022-07-12 16:14:16 UTC 2022-09-17 19:56:32 UTC 23.225.228.58 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76
mnemonic passive DNS zerossl.ocsp.sectigo.com (2) 4049 2020-05-09 19:05:29 UTC 2022-09-18 06:43:16 UTC 104.18.32.68
mnemonic passive DNS www.mgcqnd.xyz (8) 0 2022-05-28 03:55:56 UTC 2022-09-16 15:34:51 UTC 173.231.17.185 Unknown ranking
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-09-18 14:13:09 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-18 11:46:24 UTC 93.184.220.29
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-18 08:12:25 UTC 23.36.77.32
mnemonic passive DNS p.qlogo.cn (8) 48578 2014-01-15 11:11:45 UTC 2022-09-18 11:49:25 UTC 43.154.254.32
mnemonic passive DNS img.x967.xyz (1) 0 2022-07-18 13:04:45 UTC 2022-09-16 21:15:59 UTC 23.225.228.34 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 44.240.140.78
mnemonic passive DNS www.yezzco.com (4) 0 No data No data 23.248.240.242 Unknown ranking
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-09-18 09:41:15 UTC 39.156.68.163
mnemonic passive DNS fmlb.netlbtu.com (32) 187701 2021-09-14 11:57:06 UTC 2022-09-18 12:04:26 UTC 104.21.235.174
mnemonic passive DNS vesdsp.com (1) 0 2022-07-06 03:53:54 UTC 2022-09-16 21:15:59 UTC 45.61.212.131 Unknown ranking
mnemonic passive DNS 3p8801.co (4) 0 2022-07-05 12:28:12 UTC 2022-09-16 21:15:58 UTC 137.175.35.2 Unknown ranking
mnemonic passive DNS images.xxootv.top (1) 0 2022-06-09 20:47:47 UTC 2022-09-16 21:15:59 UTC 45.207.13.180 Unknown ranking
mnemonic passive DNS n7181.com (1) 0 2022-07-03 12:37:11 UTC 2022-09-16 21:15:58 UTC 45.61.212.225 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.25
mnemonic passive DNS yezzco.com (1) 0 2022-09-18 15:19:04 UTC 2022-09-18 15:19:04 UTC 23.248.240.242 Unknown ranking
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-18 09:41:13 UTC 39.156.68.163
mnemonic passive DNS hm.baidu.com (10) 8254 2012-05-26 08:38:45 UTC 2022-09-18 09:41:13 UTC 103.235.46.191
mnemonic passive DNS ocsp.digicert.cn (2) 37572 2020-03-20 17:45:56 UTC 2022-09-18 09:51:35 UTC 47.246.44.205
mnemonic passive DNS zhibo128x1.xyz (1) 0 2022-09-06 23:50:01 UTC 2022-09-18 11:49:25 UTC 154.83.25.141 Unknown ranking
mnemonic passive DNS taiwtp1.com (4) 0 2022-04-08 07:06:08 UTC 2022-09-18 12:04:26 UTC 220.128.218.220 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 12:39:06 UTC 143.204.55.36
mnemonic passive DNS ocsp2.globalsign.com (3) 1544 2012-05-21 07:12:19 UTC 2022-09-18 05:51:54 UTC 104.18.20.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 23.248.240.242

Date UQ / IDS / BL URL IP
2022-09-18 19:09:58 +0000
0 - 0 - 1 yezzco.com/ 23.248.240.242

Last 5 reports on ASN: Sun Network Hong Kong Limited - HongKong Backbone

Date UQ / IDS / BL URL IP
2022-12-04 08:46:11 +0000
0 - 0 - 1 tregp.com/ 156.234.218.138
2022-12-04 02:29:37 +0000
0 - 0 - 2 yljh.iyhost.com/index.php/vod/detail/id/26934.html 154.222.97.198
2022-12-03 19:27:18 +0000
0 - 0 - 1 qzenfood.com/ 156.226.174.230
2022-12-02 16:21:22 +0000
0 - 0 - 4 www.fishingatcabo.com/food/65951912.html 156.234.205.30
2022-12-02 10:24:12 +0000
0 - 0 - 4 shpeineng.com/ 156.234.161.61

Last 1 reports on domain: yezzco.com

Date UQ / IDS / BL URL IP
2022-09-18 19:09:58 +0000
0 - 0 - 1 yezzco.com/ 23.248.240.242

No other reports with similar screenshot



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 87, repeated: 1) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
                                    

#2 JavaScript::Write (size: 187, repeated: 1) - SHA256: b369455e1836b256f6870bf8ca5352feabe0f12957891834d3adcd1ca30fdf4b

                                        < iframe src = " https://mang.tiryakioyun.com/news/index.php"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    

#3 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#4 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

                                        < style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
                                    

#5 JavaScript::Write (size: 322, repeated: 1) - SHA256: 2954b88fb53320801530057b59b7688e297b76a48aa3626bb5558dbdb1b77ec9

                                        < div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "https://zzvcljljfd222.com/85/mguo.html" > < img src = "https://taiwtp1.com/img/200200.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
                                    

#6 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#7 JavaScript::Write (size: 77, repeated: 1) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>
                                    


HTTP Transactions (131)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 18:12:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nPijcYUP1BFTc1OTxuE5TOtZbbl07vNW0eUt6GE7-QcVTb4osfqGdw==
Age: 3446


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10526
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 19:09:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gfz5CjgHYXm5Rv6_JY1x0Tw6sglcFn3JasYgbzZUWEW3YJGzONHJfw==
age: 52474
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 19:03:22 GMT
Expires: Sun, 18 Sep 2022 19:07:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NhvEu5Z-UKHKrOrCbHCA1NYb-lDm3-pNenTbMHBxHUzy4j49IiPsKg==
Age: 385


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6148
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:48 GMT
Last-Modified: Sun, 18 Sep 2022 17:27:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T9IRMjcRV8P3O1qoK1Wz2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.240.140.78
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NY7nZ2Tv+JIPr17dUU0+yWjJZPo=

                                        
                                            GET / HTTP/1.1 
Host: yezzco.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.248.240.242
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:09:40 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.yezzco.com/index.php

                                        
                                            GET /index.php HTTP/1.1 
Host: www.yezzco.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.248.240.242
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:09:40 GMT
Content-Length: 785
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   785
Md5:    56f585571199ef195b6547e5e085f668
Sha1:   7632e35ae416742b400bdda925c932a168b9e5f3
Sha256: bf02151ec468dd779939b6491d58ec795442680f2bc621841890cf1ee86e87da
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:09:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:09:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:09:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:09:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62071590-e532-4ed4-a54b-1fb5a73d2f63.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13098
x-amzn-requestid: 4aeb2f6b-f54b-46c8-b711-7a64344e011d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb-K4HLbIAMF2kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217712-26ef04b36e8ebbed537f4f77;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 06:39:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lx4A6ney0Xsq5JHmRpI4paNI5Gijj9KCUaUJ4-fS1r3VqeZMmVdNCQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:45:03 GMT
age: 77086
etag: "4ae396f23a386b68ea35e348da9fdaabf973e978"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13098
Md5:    591051a00cb3f972934af2f5f945b9c3
Sha1:   4ae396f23a386b68ea35e348da9fdaabf973e978
Sha256: ad4dbe49c25ca214af9c54466551826325e4b2d6db9346e812572be81f7e8133
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 75706
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K_ZInDx3OZbVvpWZ5vnimzx-Dk5twaTGv9VGXMZHFpZ0YN7lKZ_5HQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:57:48 GMT
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
age: 76321
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8005
Md5:    f2e5759fd404a039955868b121bbd075
Sha1:   04fb3179255ba5ec897ffc4581966945cc9fe2ca
Sha256: 42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 42980
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 76172
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 42887
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.yezzco.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yezzco.com/index.php

                                         
                                         23.248.240.242
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:09:41 GMT
Content-Length: 522
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   522
Md5:    2d633a4064915c958670ec4ad81851ed
Sha1:   9ceac5b459f084114107944fbc1793e1e08e2506
Sha256: 36f2dfbdee7fdff995db86bc70ec55a4f9df745d70e3ce9a7f3d589249fa29db
                                        
                                            GET /common.js HTTP/1.1 
Host: www.yezzco.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yezzco.com/index.php

                                         
                                         23.248.240.242
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:09:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size:   1104
Md5:    3b08372f4773c8e7854234aaef938077
Sha1:   b65315c1d4fc673034b770705bf00746f6028d72
Sha256: da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yezzco.com/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Sun, 18 Sep 2022 19:09:50 GMT
Etag: "4078521116"
Expires: Mon, 18 Sep 2023 19:09:50 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=210D37B1D46C1FB1F3D2D06670CD4696:FG=1; max-age=31536000; expires=Mon, 18-Sep-23 19:09:50 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /s.gif?l=http://www.yezzco.com/index.php HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yezzco.com/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Sun, 18 Sep 2022 19:09:50 GMT

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:50 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:13:21 GMT
ETag: "a57ad066111cf4bb92ba1a28e2160b20e26bcb94"
Last-Modified: Sun, 18 Sep 2022 16:13:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2236
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc60d71c1b0afa-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    4d40b3cf9d69a388d5409a1787fbe15a
Sha1:   a57ad066111cf4bb92ba1a28e2160b20e26bcb94
Sha256: c20b439679fee332d6d9bea268d6543c98ccde0ca288c04a7653fa2a2fd5ed69
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:50 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:13:21 GMT
ETag: "a57ad066111cf4bb92ba1a28e2160b20e26bcb94"
Last-Modified: Sun, 18 Sep 2022 16:13:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2236
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc60d71c161c12-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    4d40b3cf9d69a388d5409a1787fbe15a
Sha1:   a57ad066111cf4bb92ba1a28e2160b20e26bcb94
Sha256: c20b439679fee332d6d9bea268d6543c98ccde0ca288c04a7653fa2a2fd5ed69
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:50 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 11:27:45 GMT
Expires: Sat, 24 Sep 2022 11:27:44 GMT
Etag: "f81f7f923526d6a735f7bda626ae251630c19422"
Cache-Control: max-age=490073,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc60d58ad5fab8-OSL

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.yezzco.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yezzco.com/index.php

                                         
                                         23.248.240.242
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:09:42 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 23 Sep 2022 19:09:42 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yezzco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Sun, 18 Sep 2022 19:09:51 GMT
Etag: 11e7cc500fefe2ab1bc3879059f3aca9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CF71FE13A629F7C2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    f52034256c25650b9777c50c8d3b7e33
Sha1:   ba64817e1487b0dbd6d543e4b942aeaf57b81229
Sha256: 658dc1411ce2c73bf43dd9401c2dbed19f344d083e755f2276e60092e18018c6
                                        
                                            GET /hm.js?fe788d4f61a98887685966a4ffb2df24 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yezzco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Sun, 18 Sep 2022 19:09:51 GMT
Etag: 47e507164a2011c43c437c198b334cac
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FCC24C45E1651A83; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    616a77ed97c9d7146e5db1d60c496efd
Sha1:   7e24e71c406f902e053c30a4b34b65567e6904aa
Sha256: 2653a1f4a50946e6a621d63a2bb63891b5b89560d1b06eada5bcc2815dfc3a66
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B79DDA573F7A8D3048F6427E3A2B04DE565F21F44B342A1A4E94B21EBBC773AC"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19934
Expires: Mon, 19 Sep 2022 00:42:06 GMT
Date: Sun, 18 Sep 2022 19:09:52 GMT
Connection: keep-alive

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2089534345&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=53268&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yezzco.com%2Findex.php&tt=%E9%83%B4%E5%B7%9E%E8%AE%A9%E8%8D%B7%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yezzco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 19:09:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9ACB711338C9EA46; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=623608337&si=fe788d4f61a98887685966a4ffb2df24&v=1.2.97&lv=1&sn=53268&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yezzco.com%2Findex.php&tt=%E9%83%B4%E5%B7%9E%E8%AE%A9%E8%8D%B7%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yezzco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 19:09:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5EA642585BBFB6E4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /template/m1938pc/images/1.gif HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:52 GMT
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Tue, 18 Oct 2022 19:09:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:52 GMT
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Mon, 19 Sep 2022 07:09:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   641
Md5:    b840c26fe2ad5f5fed93a1422e810847
Sha1:   2e682ed0739aa6258b57deeb01e3b013edc0022d
Sha256: e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:52 GMT
Ali-Swift-Global-Savetime: 1663528193
Via: cache21.l2de2[197,196,200-0,M], cache21.l2de2[198,0], cache8.se1[221,220,200-0,M], cache8.se1[221,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 18 Sep 2022 19:09:53 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16635281927857335e

                                        
                                            GET /jquery/1.9.1/jquery.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 80123
Connection: keep-alive
Date: Sun, 18 Sep 2022 14:16:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: Xx4AAABN0OoU-hUX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1663510605
Via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0]
Content-Encoding: gzip
Age: 17588
X-Cache: HIT TCP_MEM_HIT dirn:11:298133222
X-Swift-SaveTime: Sun, 18 Sep 2022 14:24:11 GMT
X-Swift-CacheTime: 85954
Timing-Allow-Origin: *
EagleId: 2ff62c9616635281930201032e


--- Additional Info ---
Magic:  ASCII text
Size:   80123
Md5:    a3932a941cb998342ce964fdd83697f1
Sha1:   1b0e6eca41925e7cd470ea29b16cea49c1ec58af
Sha256: 8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
                                        
                                            GET /template/m1938pc/css/zui.css HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:52 GMT
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Mon, 19 Sep 2022 07:09:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20237
Md5:    f169e91db8a7b66bd8b4dbd23d876c2d
Sha1:   b95c75f60c11bbb4e893e3504c783e834bcbe603
Sha256: bd44303d9f15ef1ad1dc6fcaa3483e01394dd7d9ea1315683e6bf2cb0dfc5265
                                        
                                            GET / HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8126
Md5:    b63656df182facb08bc9711e998acf2e
Sha1:   0c2de09735cb432848e5f092b60416a19508895c
Sha256: 4d6e18e06c8a552f76ac28800684db1d7e558642735459a470a52eaf05438115
                                        
                                            GET /template/m1938pc/images/video-mask.png HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Tue, 18 Oct 2022 19:09:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            GET /template/m1938pc/images/video-play.png HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Tue, 18 Oct 2022 19:09:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   1567
Md5:    be7ca0a4a7c0317398a11162b1e09b75
Sha1:   5dbe6a02524cfbf5f5111478a71f91a9259056b5
Sha256: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
                                        
                                            GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022918Sun%20Sep%2018%202022%2019:09:34%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 3218
last-modified: Tue, 30 Aug 2022 09:27:10 GMT
etag: "630dd7ee-c92"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size:   3218
Md5:    82824af6b9b6b5f4af4c324cbaee3af1
Sha1:   6749c6b517225d41ff1d611fce32e157d2829bd3
Sha256: 8861a70718411bed741d32f7e6fcf43eec49f7df095ba2f3bffb77fbb634338b
                                        
                                            GET /template/m1938pc/js/jquery.config.js HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:52 GMT
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Mon, 19 Sep 2022 07:09:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2145
Md5:    af5594c71b65c10b49d82df89f2b772c
Sha1:   9d286f22f13cbd12830ec7e511fd5c4808c80618
Sha256: bea56833a3aacc43125e9c4fd2bb0bee449008ed1763ebd18c1a13c72c378cee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6223
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:53 GMT
Last-Modified: Sun, 18 Sep 2022 17:26:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2022/09-17/13/lrnlfeqdb4y1333lrnlfeqdb4y595809.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 10291
cf-bgj: h2pri
etag: "5e99721657cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eKfDr7t5dBvGZEq%2BsKyxgE5YTqjO5eEX%2B0805v3P01FGLrWkYWVe11ETCbAN1McPH7%2BIBZRiqvr2bjMWQ2GAuRJ7Xz2aWQ7VlyaEM838s5jPE%2Byr7THdqsAQOD99roixvwk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4cdd7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   10291
Md5:    2c574c1023f6a4739691f7a0b05100a1
Sha1:   1185d598382dce015deb3290f950a441a344227e
Sha256: 47bbee26d2527af7f1dc4220f888f4cce1813ae1de32ac0d921b39a29cbec705
                                        
                                            GET /upload/vod/2022/09-17/13/3zxwhoutfoc13333zxwhoutfoc585807.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7107
cf-bgj: h2pri
etag: "8fdad21557cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBqcyBEWGzVXCK%2BHjhSjAu7viWg%2FT%2BJ3YvN43c%2FkiOrgVGyXcL%2Bjucxkob46oH7a%2BA90OmmgJooD9hjuwpBtYCcU2XKCsQzUtNJRYORrDrtfA1TtaAkSIgzFPB9wox3sB8fO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4cf67747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7107
Md5:    534abd1448f887606ae2ada71e5f648c
Sha1:   b583fc5098b4ccfdcd28561ba7700355e1220a5e
Sha256: 6cf59305870d5b01ce3f4a5f4ed715ef8c1b3a994be1c54afa5b24c8f941b1f3
                                        
                                            GET /upload/vod/2019/11-08/04/kzzcbbf0ub50416kzzcbbf0ub5219745.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7528
cf-bgj: h2pri
etag: "a71aee38a895d51:0"
last-modified: Thu, 07 Nov 2019 20:16:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTgCrTH82ZaTiby%2B7tq4xgHgPIixeSsF1LR94sUc%2BW7eDDUx5HgBYewVE%2FNxIKh6Fdy%2B4LvzLYfHDUuQ76I7C3%2FB6yO%2FWFD7tRD8LjVrBoHGk87bSaK11wwoN1Ms%2BLYOiZ2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4ce97747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7528
Md5:    6bd22c0fa98be1a4473e726bdd6a33f7
Sha1:   d5c3393d547fc7f44337c0b1902c2c5a55864b5b
Sha256: 21503fbfac13460d8c44de2abb50c314029dd6a1b4fef73402b74fce17ddd6cd
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:41:13 GMT
ETag: "22c934c7c7fe4681568ae9489100b14b5fa1f063"
Last-Modified: Sun, 18 Sep 2022 16:41:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2444
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc60ea69d8b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    e0295651d30a0d2e434e231cf89a0a28
Sha1:   22c934c7c7fe4681568ae9489100b14b5fa1f063
Sha256: e8402e084684507c2e03ef222610b26bf7a826d5a6c2ac723cd4cd07294ccb2a
                                        
                                            GET /upload/vod/2019/11-08/04/mh2wfkonvkn0416mh2wfkonvkn049721.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 9521
cf-bgj: h2pri
etag: "d93e12ea895d51:0"
last-modified: Thu, 07 Nov 2019 20:16:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1%2BiAmZrV5LmkK%2FbRs7xtRrL%2Fl7pplRSrEDCyvR0dNHggh13oenAHauayD8J1NY4QFZW0%2F7%2BbxLVnWJ%2BLJTmhz1VxEY9tUZl26r9fjHb7g8YGscf6gX5PVLWDidVy%2BOSkPDP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4ce77747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9521
Md5:    6eff6d55802ad08149017109e381dcc6
Sha1:   155f4355115f05c814260c2b12cbe1b6065fefdd
Sha256: f8efcddecf18954059093b0389dbdf9d807d3ae2671b9c597f1caeeb10538e03
                                        
                                            GET /upload/vod/2019/11-08/04/zk0w5zdgjrx0415zk0w5zdgjrx499697.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 6302
cf-bgj: h2pri
etag: "e14e7e25a895d51:0"
last-modified: Thu, 07 Nov 2019 20:15:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M9feZBbWiI0gRhUhUw%2B4eo8I86B57oVnTqwhYoQPBZoloBC3EXkJ%2BAp6k%2BKnRUQna5ty9uFfHqLmFCFZFLOivRsGQjvMdxNdu9WVn0rdb7xL6%2FOAfeHYlj6R7eycJqrRJl2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4ce17747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6302
Md5:    1c7dce3b892531cbd12ed8cb894ce92f
Sha1:   73507507270a5c2d9cb69024a9aa89189465d742
Sha256: 2493895c0125ae4cc2e52921d96fa7ac5123cd54e20bdbec8db92d049a0e6795
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:55:48 GMT
Expires: Sun, 25 Sep 2022 03:55:47 GMT
Etag: "f15f202dca24527d3476d6a0c9cd5ef5799a3ee1"
Cache-Control: max-age=549353,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc60ea4e25b51e-OSL

                                        
                                            GET /upload/vod/2022/09-17/13/ejn3kubkud01333ejn3kubkud0285757.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7972
cf-bgj: h2pri
etag: "c1ca1457cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1600
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgKWxwQR2oqwTHvv570LEaYDQgV%2BVHaaEsdJ6wJC3kcdM%2FthiGhOwAouXHl232gldSOKGK81LJna3GQcR0vfVrBnXttyTledq3au9kFJYVZLkXL2iGJEelQNTXztrCNt5sG4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d257747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7972
Md5:    356606134c0328efc8a9e42949527350
Sha1:   d8c17dcdb25b9825a2da3a881094458223861f6f
Sha256: 97e4c9f88cfe2d685785af2f1d05e61a37a32963b5e05113cc99e06b5f6cfa10
                                        
                                            GET /upload/vod/2020/08-03/18/tkxk5mj4okg1802tkxk5mj4okg30663.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8250
cf-bgj: h2pri
etag: "fc1866337d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7070
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6chk7kY36LdygV35crtrGOtkM1UoovHfwjyzK9SQCC%2FyN%2Buj2GVzozP0jkat11iLaXGNT%2F4mGWcTO1SpGNQEunMNkWINL3mCNdEHFqe4HoKQn2UoB81qk0T2jo%2BTQ8PRMGZ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2f7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8250
Md5:    e2958e7f052e8d16689ef15c91161901
Sha1:   63e5e6fde8cb2bbdfbad76f83a76e79400602367
Sha256: 36d7cb087a963a7accf0fcfc7d797db7f3f556836e56b43060b69d08b5f13a15
                                        
                                            GET /upload/vod/2020/08-03/18/ptnkn2m1z251802ptnkn2m1z2535693.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8706
cf-bgj: h2pri
etag: "11a83f367d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7091
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrdHHcsjWMfPx%2Fug4dyaTP8vSxNkCHEPbzj1JdnPSg6Xj7%2FosGXRPh2fxEIokwYxbNkVX1u7U5XY7aZ7tocXywDOu4XsS0eM%2FuPX92FxqtqdlmDnpeII0b2ssKQ2C4CvLMWv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d377747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8706
Md5:    0a50a4d9b955286da21cff0392cbc29a
Sha1:   bb693a43cb69633e44fac64de10873824d62c944
Sha256: 340ce6a19ef30501d59cd77c125c889f563fb2088ee09799ae9246e170b99cde
                                        
                                            GET /upload/vod/2022/09-17/13/gvkzib1kpl21333gvkzib1kpl2545799.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8405
cf-bgj: h2pri
etag: "72679b1357cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXrh8ht0MCtwfUrHcqoNtoNXYCmlk4YxelHNQS%2Fhz7yPOyIxCQun2S6gWwCcJOD2Tpv9G%2FIKCYonr%2Bha7lJaO44vPwU%2F6TXwhz0ykR2Sj5l0qJkFjWaVJbpbJxc9c3pw2SJ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d3c7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   8405
Md5:    cbc320481e66eafcf6319df18d30b4bf
Sha1:   e134fc241bd7f0204276d8c16abdf1da9496ab9f
Sha256: 2227f8895511fe29a76fa221d48ceaa419c919582ebfb2a0ef1770971e584086
                                        
                                            GET /upload/vod/2022/09-17/13/bmvmenqmnqr1332bmvmenqmnqr585717.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 13987
cf-bgj: h2pri
etag: "a381f7f156cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6968
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SQ3TiuFlIEA09xK46Aur8fd%2BVRCIGV%2FC%2F%2B%2FbKnJ8CLWZgQ%2FIEXNZD1NhYrfpWgdpnbEPOMNwoIx%2FGENIrqaSRjJmr%2BeOlEs5GeEGR%2Fuztvh%2F8N4REi5dRlxf05phlZeDTyI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2e7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   13987
Md5:    95fd9619e8c94cf45e01bd8b5c0d2332
Sha1:   fd7bc3c8f9238001dad3c38dce8c81c29c2e3527
Sha256: ff0b0dce0919ccd843e0b399576caadfe148b0dc5d8c55da10573bf1cce95945
                                        
                                            GET /upload/vod/2020/08-03/18/xequiafrlae1802xequiafrlae34687.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 9550
cf-bgj: h2pri
etag: "e485bc357d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7078
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8FBA1xjpVI3sY%2FiNCGp0FpSsJqnE2RDv7q3GrxhMDGUKanE19jkb8mX%2FMZmyHQAo9pK6G%2FClkJQhVjdwOwfBZXBoRIUICinyhUBS4GtVPHpCn%2BI1bZQJNskRKrWOdGwLU4M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d337747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9550
Md5:    6c42a028969ea4dc2bd1f36f77f6022e
Sha1:   cdec34981c982a511cc5d8e513a8627b64cca4d4
Sha256: b41761395f87299f7ad39188b1e8373655c82a8a4961b58b2450258cfa575a87
                                        
                                            GET /upload/vod/2019/11-08/04/yvhai1lados0417yvhai1lados439859.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8939
cf-bgj: h2pri
etag: "b2904d69a895d51:0"
last-modified: Thu, 07 Nov 2019 20:17:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yHpw7RYf860Nh7jILAsZeh%2F4EkutmZ%2FpCnsPH9vythza23gR2qf5uGkNMAVk2JzZqck1tlbNsONaB3LyK25EtAy8KbORVwolsFILXxaVCLSpFij%2FZQTlJmev2b%2F%2F9zje%2BTY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d3b7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8939
Md5:    0a2ebe8cb07ec3c565f1e28b8a68393f
Sha1:   7e30fb53fdd06c16044d86259cbd166dabd8dbc2
Sha256: 123d89d3de4c29a6cb6790f044e3ce26084181cd15c2af3cd0def17eb34b9b9d
                                        
                                            GET /upload/vod/2019/11-08/04/onqxg3qqnbp0417onqxg3qqnbp269837.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 13488
cf-bgj: h2pri
etag: "e8a09b5fa895d51:0"
last-modified: Thu, 07 Nov 2019 20:17:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfB%2F8rzTcOvqsr0CWPy19uakUkC3JduGYipgd%2FAtxWHamSsG%2BkMiYh1Tjb2TJXWLFYaYcwHwdVMJZBDK85xHCggbWwXObUkTTusrMQFFlBbX3PFTKQK1Y36TRPAf5%2Bvf9qrB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d397747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   13488
Md5:    02781064176201e87f0aa48999276166
Sha1:   8693a1a5ec6d8c78cf5f5086e636383acda28836
Sha256: 313e1b64e80a8c54f9398e890ba9e7dc89c18ad2a37439b7664fb15cf8f263ec
                                        
                                            GET /upload/vod/2022/09-17/13/0qzo1sj22m013330qzo1sj22m0565803.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8201
cf-bgj: h2pri
etag: "bfd1c71457cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCoqb81UnsTWR555hHXlOkSnoJtaIcdTDIzc7ay3voUBfSDRZzlVXZoBYaxRA0fTvAiC7Pzui8zv3V6nEffg3Q8WBcUhTuMXAnYDxz65poD73WpH%2FBuxL1f7%2B%2FOfWblYXJS8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea7d5e7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   8201
Md5:    01a072a4f904b6b550f95f2828615bf4
Sha1:   5eeb77c0dc2b2c7e7e7e641beee7606ba9926ec0
Sha256: e70088826b174c39cc3507cd909bf70c0203afb268a63162e7697906462b0c59
                                        
                                            GET /upload/vod/2020/08-03/18/hc5l0yc50fm1802hc5l0yc50fm32675.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 10883
cf-bgj: h2pri
etag: "8f79c347d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRFt1DGJGMyCeREUU9YGSR7aHYLxaJVfY1LFUs661wVMwWoBw7SBehND2Zf4hztVblT1RdGPhV1cIuTTmCndZof0F6UXLFHZgtrfzkGhvmtIrf5fkYek8k3HTiNPeNFX2x8T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea7d617747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10883
Md5:    ac86b5162fde50cfb8c4513b1565bce2
Sha1:   fdae5799ee83f88dce8487d3d49ec0fb36490ff2
Sha256: cd0ed3a9df8aec977c97c200588826695ca6506a5a2bfcf1fa46d71c8c00d81c
                                        
                                            GET /upload/vod/2022/09-17/13/0vdbyluj5ft13330vdbyluj5ft555801.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 9586
cf-bgj: h2pri
etag: "a113281457cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5345
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=974g71aAow0jdpIEPkCV7jFK4jLDO4H6QKWJTewAmsOCVRTqQIPsVLDOoVO4gDCTyVjSndiEKp%2F5FuUMvsCURYNFUmj4P%2Fst6oC%2B%2FsVmwMTV4RWQmf3HFTuqSBOG%2B61yKeac"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea7d677747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9586
Md5:    31ac8de0e5df7240ffb0cdedcbec2c04
Sha1:   b08508162a1eff9b0a3153671d71d4ab25c9b0e6
Sha256: 82ba5ff081937f8972adfa659737103be679eea17c3d3645a6cd5c37ac8dc6d2
                                        
                                            GET /upload/vod/2022/09-17/13/hfokjwffnaj1333hfokjwffnaj575805.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8670
cf-bgj: h2pri
etag: "49564d1557cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drm4r2xwUPXkYMqhD%2FVoGBw%2BHNFjGophsBR1ITuoUovrEXTQKC%2Fl6zVlqWZbgPRbvbV4082AWPYrQxBXszFsTybviKIktL3iUEDH2mYJ7yVzTV7V8ccvD7pKiiRFPFBG%2Bcdm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea7d697747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   8670
Md5:    badc9c327c79b148d4fc8a9f47e2bfd8
Sha1:   d49cf35578ea66029732e4085567c36663288840
Sha256: 48ac8015ba2aeb9a1ab0bd9f8c284a6af99c737328346dfc1cced64b6f3e60aa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 01:06:42 GMT
Expires: Fri, 23 Sep 2022 01:06:41 GMT
Etag: "5c2b7e48584cedd28dbd37152e3189daeca72458"
Cache-Control: max-age=366407,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc60ea6f150b69-OSL

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:41:13 GMT
ETag: "22c934c7c7fe4681568ae9489100b14b5fa1f063"
Last-Modified: Sun, 18 Sep 2022 16:41:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2444
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc60eb1ac2b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    e0295651d30a0d2e434e231cf89a0a28
Sha1:   22c934c7c7fe4681568ae9489100b14b5fa1f063
Sha256: e8402e084684507c2e03ef222610b26bf7a826d5a6c2ac723cd4cd07294ccb2a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F5D1896A8CE4D72B47A97C9A9EEE775E2718322431D99570F702E3FA15840575"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10039
Expires: Sun, 18 Sep 2022 21:57:12 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B7645E554AB0D3561939B51FBFE1DD16E953A2C3ED90DC142E142DDACC97303"
Last-Modified: Fri, 16 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20732
Expires: Mon, 19 Sep 2022 00:55:25 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEA0DEC5956E80A49D7E3FBC08AFC5D2431512C5E2498284351AAA680E2594A8"
Last-Modified: Fri, 16 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6829
Expires: Sun, 18 Sep 2022 21:03:42 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 15:00:17 GMT
Expires: Sun, 25 Sep 2022 15:00:16 GMT
Etag: "abdcda1be4e69ca4bfcc830cb4482b0b88340200"
Cache-Control: max-age=589222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc60ea0a320b45-OSL

                                        
                                            GET /upload/vod/2022/09-17/13/4ni3plitwfa13334ni3plitwfa255751.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7124
cf-bgj: h2pri
etag: "565165257cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr%2BQd8I9dtCXcNNmyP38FNPKGuNJYXnduKLFJRGWnVf3Nazt1wMFhDvTTQiJqHelapfS4H6ZAvKJPiFO5Vces8%2FOz6goGGf1tuN2eg5HtAQ%2FQs%2FwkW%2FX3t7VyQCICjs3g%2BgI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d1e7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7124
Md5:    09785869d689a6f7081821ff0daf8e1e
Sha1:   561e73ddfdeb041de3d18135b73c1fe18aa2abe5
Sha256: c5a6dc4acde1dfd629d79789030e5db977ab21324154bb584d91af9536096c42
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B7645E554AB0D3561939B51FBFE1DD16E953A2C3ED90DC142E142DDACC97303"
Last-Modified: Fri, 16 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20732
Expires: Mon, 19 Sep 2022 00:55:25 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2019/11-08/04/w23zxtch2m20416w23zxtch2m2389769.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 6439
cf-bgj: h2pri
etag: "f5a8f42a895d51:0"
last-modified: Thu, 07 Nov 2019 20:16:38 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qeIFCdehjRbNYB8Vf1zjnoV7uhLA3%2F8vNZEI%2F706B94kM0BbJOuRz5wOxvruQYrITduBK7GgSYHzi%2BO8t%2FD9ZhN%2FjhKZcXCL0Egjja7FUQsMFatCIUmkftYnSXWagbz82Rw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4ceb7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6439
Md5:    2a798938051a5acd53222e24de1695bb
Sha1:   8113a7405bf28d94984f16a81857d0c4fce124c8
Sha256: 97d92e6f945af1f9a6d572c60858a32847073477e6b11f3c4a6ee5fa2f0a054a
                                        
                                            GET /upload/vod/2022/09-17/13/s25pilqdcem1332s25pilqdcem555711.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 5768
cf-bgj: h2pri
etag: "2bcd5ff056cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbPeEY5oINu7ncxtOEifNQhFhriTZROd%2BVwU4SXmCW%2F0QoKzEkZaM%2Beh5ksuEubf6RsWKzVJoQFtOLmdkFkl4s6rcYvFfFwxS4%2FDQ3K0zW%2F8KsBpZ2Nam5GhAMlco2DU%2BiBv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2b7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   5768
Md5:    5817fcafb6cf827aff242fab20b6abe5
Sha1:   6f42ff3cbbd79d1d63ac39f7b5b7be2c36874823
Sha256: ecffb9ae14b01bfcb7efc263d609c3b65390520333f06eca06f75a83f0d3dfb0
                                        
                                            GET /upload/vod/2020/08-03/18/nlrrxmsu4ze1802nlrrxmsu4ze33682.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8280
cf-bgj: h2pri
etag: "28b328357d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:33 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPulrSjV3nOh6oOU6cAWYYnUBxQBcSYY0h92X%2FxB6I5hE2f4Ujj%2BkY85xSxRIzdv45ZN2u7CNyGGJw0%2FFvfASJRo6u1W0ob8TU3QQ4r9IhNdbstZNvlCVjucK5twlEywhx%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d307747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8280
Md5:    279089aedcb60541ccfdf9f3a297ddd3
Sha1:   06abf8981cd4d6e03ed22d2d9a506c6ac6d3896d
Sha256: 57b07e857a4f4a2b0f0ee962a55559d7ff45127536e637684bc855b286f05840
                                        
                                            GET /upload/vod/2022/09-17/13/2saaipaa2ul13332saaipaa2ul295759.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 6699
cf-bgj: h2pri
etag: "cb138c457cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2ZaRkFO5gjerQYxHKbjJO8PLidXR5yUobNGX2EkRiAy7OzdMZDyO8%2FM5y7FYFV%2FNXS0Vth2c3ZRvFAdzq3pwLxjMTZE2pxoC1kJA0P3GRG5KN8tY9x9P%2FhQd5DeRVPvOdao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d267747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   6699
Md5:    2784afc08a9745fd27582ed03386eee2
Sha1:   64ecda49be2c98433787e53dd3e52836957b6bf4
Sha256: aa78b2212f79bba019c8b1d69b369e258232b91a6a8051e91b4a163075a558d6
                                        
                                            GET /upload/vod/2020/08-03/18/ikggauzqofb1802ikggauzqofb31669.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 5978
cf-bgj: h2pri
etag: "dafaed337d69d61:0"
last-modified: Mon, 03 Aug 2020 10:02:31 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwY%2FpCsDf0nihd0kuw1lfEMPKCeaWR6KZSR1KFvvbiAWcFKfIiQM1ZB67UOakb4RxrNCjgoqmTloVdiVS3UJNLgY09%2F4w%2FzUPab7Fgyy72NZvmZQJp0FOOqVTQroZCS3ia1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea7d657747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   5978
Md5:    58f4e70bc172a3c2aa02cd3df5ec468c
Sha1:   41f96b9ef6cc424c0dd35ede6c525dfd962c922f
Sha256: 6fcc8455b76a38222cfcd790d3aa52a083205a53a07ec92218727c18183cb762
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95F1A7756EA6013BF074D60CFC5D5D5A6C735ABD76CE6BBE31D3A5015108DCB5"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6434
Expires: Sun, 18 Sep 2022 20:57:07 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95F1A7756EA6013BF074D60CFC5D5D5A6C735ABD76CE6BBE31D3A5015108DCB5"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6434
Expires: Sun, 18 Sep 2022 20:57:07 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:28:01 GMT
ETag: "dca6d9b729a04f8ebb0957e564dbc4cba084709f"
Last-Modified: Sun, 18 Sep 2022 16:28:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 463
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc60ebbbd1b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    595821a3469e36aec60a4182c2630292
Sha1:   dca6d9b729a04f8ebb0957e564dbc4cba084709f
Sha256: 88663ca8659d190ac1a116dad0349c0206cce14ba124b3481cd1ba77d20cd5ba
                                        
                                            GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Sun, 18 Sep 2022 19:09:53 GMT
Etag: c89b6762d498eb541cbe7095e6738b7c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=16D96964C4CBC89A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    a7393c46f8578f222b16eaf3da641a3f
Sha1:   51197f94f194a2452d432813ef01ff7f677aefdd
Sha256: 6b0ac99aaba563e2f62f278aafc8cb553eccdfd8cae565545a72704980899c56
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6223
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:53 GMT
Last-Modified: Sun, 18 Sep 2022 17:26:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Sun, 18 Sep 2022 19:09:53 GMT
Etag: ddd0a71451ba764e743cec0273fae8aa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B31C2A346B26CE41; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    5589af19e57174acdf777b9fa4683106
Sha1:   e337bd5b31b7c7ef4bbd3d867530687e8671cb0a
Sha256: 4b584f0b21cb06bbe408dae4ee65d6916e99051199188d89c1949a470d158d31
                                        
                                            GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Sun, 18 Sep 2022 19:09:53 GMT
Etag: bbbfd8948d8c29f0ab47c43cb3b64451
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=10C4D0C2B42AC356; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    373a587f3fa9b8fbefabf924aac2ac28
Sha1:   03e47a34e402741ab3d37ec5ac66f5c84903226e
Sha256: d1e717cc210bb7637371b6ad19e5dc36c22cd5ce0bf73f01fa02bc29369734e1
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "530246824DB8C89A102345110CC85B3CFAD85FD65F61B8D4A26979BAF11DE419"
Last-Modified: Sat, 17 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16716
Expires: Sun, 18 Sep 2022 23:48:29 GMT
Date: Sun, 18 Sep 2022 19:09:53 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2019/11-08/04/vids33u3ebj0401vids33u3ebj068337.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 16976
cf-bgj: h2pri
etag: "c42a8617a695d51:0"
last-modified: Thu, 07 Nov 2019 20:01:06 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsRopp0%2BY6gkvkEjYZ6%2BnsmmBRQJYZvrc31vavI3I%2BZltA8L0HF%2Fk0xHmKSPYi8zsgPi5G8CYLLaLBIjcj7pzU6xZFqlR2CarBo5sU19e%2FH%2B4L%2FxkJPBEYx%2BdclASQnPsi3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4ced7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   16976
Md5:    ffa3d58d297d61b5e5191d5720d67491
Sha1:   64cd564f48a7c98e8eaab0327cc94235750a436d
Sha256: 6a01917f44832b80e93ca391f84ff83dcbdba7749cebf88df108c845e6ab92ef
                                        
                                            GET /upload/vod/2019/11-08/04/aqgi5r0aytw0401aqgi5r0aytw228359.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 15793
cf-bgj: h2pri
etag: "eb0df21a695d51:0"
last-modified: Thu, 07 Nov 2019 20:01:24 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jrQfSliyygVLksHjGcNBFfZIsGh0KL6bejFpsdv8CWlX8nzSUWVgF7i9tqc4zrB6ZCHx4g4Pdz74vdHEdt%2FltzMfAn83sg%2B0xEZJOH5X4arD72AyrhCTUPkZYejco8%2BWWBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea4cf17747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   15793
Md5:    f44e063971733d70ebe4582e2ca2aee9
Sha1:   998d46b155c77d46092107e20ded8c3dfe66d17f
Sha256: f92e0ec269b47a19ae0198cf03c7cbdd74eda20d8c000aa7dbf1eafe296c3c0a
                                        
                                            GET /upload/vod/2022/09-17/13/13abwjila04133313abwjila04305761.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7188
cf-bgj: h2pri
etag: "1ac018557cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:30 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naB0lTAeWEyp2CDG%2BYReXZN%2FNohX4y98IMJIyUnN3wyMt%2B%2BNo2PPvlLsP33ClMm%2BN3QkVreEn%2BcGeMlkMwk6jgY2mmawmRFxaurrNVlOQimBZnNOMAstXAdNanjRPJpcqgUV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d287747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7188
Md5:    58f263d72d4bda9c4aadbd7870c92068
Sha1:   149695b100edbea35d7963c75f31de31c015d2b1
Sha256: 147c96864e085c624ae6c579dbc1ea80b5c64d5e1af2971a6a0ce63d0abdaeb1
                                        
                                            GET /upload/vod/2022/09-17/13/pqoupv14ibg1333pqoupv14ibg275755.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 6472
cf-bgj: h2pri
etag: "64467c357cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:27 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXALfS2wuaOi4SkBu6k91KaJ9sdQKh3yN1asMMhA9cpuwJB%2F9kbZ6d7MMS4Nhx7m1%2BwHFr9c%2Bno0Emj5QqUrdo7%2FRWam3schYrEdoA7nfkS2Yeg%2B18vMEBi0rO7lxrRr9wP%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d237747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   6472
Md5:    4bc7b74ef4c3e6c0df8b58356b7b3fa5
Sha1:   597903b8f36287cba9b024a3e3ab935818cc39d8
Sha256: f424a931065e63cb39efee43d38b4e98dd8327511a6fd32df02f1ed9cbc7dfef
                                        
                                            GET /upload/vod/2022/09-17/13/qim51dqw1mw1332qim51dqw1mw535707.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 6399
cf-bgj: h2pri
etag: "b93a4bef56cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVsAXoBgekKsJrMmhXa3coufSIFwJBAp5qXLZeGW%2BJta0oVbsS%2B3PdhGzQ5zCwCV%2FHE0%2FUv3OIW14XWEn40IYEPjHGfDMlXUcaXd5c752squ9h0KA1%2F1pJpmEGRYVzWe1NxK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d297747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6399
Md5:    980a041fb1f1bc1f1bd1b44eacdff436
Sha1:   4feda7fd295cba8f3458deb2a5d8ce72b00a62d0
Sha256: 3d166cf55d8debed63aa1586a71dd2aec2e4eaf70f99891006c8ff4ae6a2aa8c
                                        
                                            GET /upload/vod/2022/09-17/13/2mr3mt1n3um13322mr3mt1n3um565713.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 9787
cf-bgj: h2pri
etag: "8016eaf056cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WikKgrEY%2FErlA2WZYBgXVcC6D7gY6cRUbQEbkCeV%2Bn3DPz9o05k%2FPKqqzzDYzRo0CbGbdwkVJin%2FczKyMBc3dU9bDzkZRnjRDvcqMq9XwCJHYW%2B%2FldQPjJMeopj8NSvU3IHS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2c7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9787
Md5:    4a3950543d3947f616dafc2c6650a46a
Sha1:   0a4c53b5634c9b94dc3a08b0548edf8077164c0f
Sha256: 663b7ea5bdcfc6bd952582db1aca6636ff05cccf084e530276a66c73d9904bd3
                                        
                                            GET /upload/vod/2022/09-17/13/nq2fxl0bssw1332nq2fxl0bssw575715.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 8615
cf-bgj: h2pri
etag: "219b6ff156cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:57 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDIDTbk2cPAJktgZWR2Hxuyo1aW%2F%2BYp%2BKzKg0lJGJjd%2FA%2FCbzLf%2FfX65lc8BdWq%2FIwuEtDr8mUi4CPQqcwXhE3bdkOs9QegxeHaUrEkPEqc6PabORn4zS0eKo02hZ2WtnQF0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2d7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8615
Md5:    bbb7c0067a7bbf038ebfddc53934a8dc
Sha1:   7f2054a6440dc1acf779ca279f1e9e904325080a
Sha256: ad54916e385179587998ab500fa9fa4999e7aaa34e1ae0ec4fc48e94c1c122ea
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 21:58:06 GMT
Expires: Thu, 22 Sep 2022 21:58:05 GMT
Etag: "6efb213f41e3f8bc5e2b777410a2875150838521"
Cache-Control: max-age=355091,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc60ebeef4fab8-OSL

                                        
                                            GET /upload/vod/2022/09-17/13/lal3232s1dq1333lal3232s1dq265753.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 7369
cf-bgj: h2pri
etag: "3fdf1257cad81:0"
last-modified: Sat, 17 Sep 2022 05:33:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBxSdeOGpLqNsMmjq4V3df1EB5Kgj7U%2B0XRSzScUhirkSvHD2A23VSJyRCShKqDwwbTaUXeaaHPS7r2d81wNay4uxYQ%2FdpAIvrJuoK6OuWtYk3zo1FYZVAXSwn%2BAmLj4cW34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d227747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7369
Md5:    3ae5a52b4975202f63e2d0d720d1ff82
Sha1:   62b350e65dbdf05292cec77f1ad483914da25ad4
Sha256: f5ba0a2e38e00ea1c1bced1d47aaa881d23cabe179bdbaebd30845181bb96d93
                                        
                                            GET /upload/vod/2022/09-17/13/cfhoybcu0vz1332cfhoybcu0vz545709.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 9857
cf-bgj: h2pri
etag: "9f83d5ef56cad81:0"
last-modified: Sat, 17 Sep 2022 05:32:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pG2ecWZYtkWFqkLBM%2Fr%2FKwaVOyHYxOvuPW4SXCsGD4m3ODEwh5wNyDwFL%2BjESQxXadPztAQupZnCIucvB2yeiliQQ0dvfxPvtp80nJN0x4a4D6zATPUNFT71yRCLgvfR4jYP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ea6d2a7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9857
Md5:    6e906d79c26ca9b5ba0792e3f457e55d
Sha1:   24113e474f6e67ae11687d8be1f491689bfd95e7
Sha256: 3d701d896bf6d07639a5917c62e076ec83f5d52d7fb11c0b5fd2f7ac895f94f1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0C20F667C32A0C9FD8D0AD0F129D3989BD6A6BB9703B492722D2A91FB0E3FE80"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6627
Expires: Sun, 18 Sep 2022 21:00:21 GMT
Date: Sun, 18 Sep 2022 19:09:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "530246824DB8C89A102345110CC85B3CFAD85FD65F61B8D4A26979BAF11DE419"
Last-Modified: Sat, 17 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Sun, 18 Sep 2022 23:48:29 GMT
Date: Sun, 18 Sep 2022 19:09:54 GMT
Connection: keep-alive

                                        
                                            GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1 
Host: kvtddd.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mgcqnd.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.62
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 30 Sep 2022 03:55:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1610049
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fg4PblZw491cCXaC%2Fq0beZTDcyZHZjWnUBGu0526NrS2b184FyqA2gjODQU%2BfRU%2BjMCsHSQTYPv%2BfLr61H4Zg0h72Z8FBOi3vw8yaCTEUX827pM7RiDnKmeRm3K%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc60ec3c68dc5b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   902313
Md5:    8b4a95ea7cfbb7fb4d2b18efca5145f3
Sha1:   d2966ecbeb7369620cce5dbcd15d0fe591d79648
Sha256: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:54 GMT
Ali-Swift-Global-Savetime: 1663528194
Via: cache26.l2de2[479,479,200-0,M], cache26.l2de2[480,0], cache8.se1[500,500,200-0,M], cache8.se1[502,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 18 Sep 2022 19:09:54 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16635281938027979e

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=644046799&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=53270&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 19:09:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CD7759AEC357121D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1334490606&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=53270&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 19:09:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9116F6D568F79A4E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=541954610&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=53270&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 18 Sep 2022 19:09:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A4C7FB44AF57E016; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /image/1-640X200.gif HTTP/1.1 
Host: uu99k.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.145.199
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Sun, 09 Oct 2022 21:42:18 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117717
Md5:    90a809e02687e4f28872e33f66cd33b1
Sha1:   e878a5b152fd19e45108395805b9f3176b5fbfd1
Sha256: 3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
                                        
                                            GET /73baa2446a9d453aa94fdaf9e9494fc2.gif HTTP/1.1 
Host: vesdsp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.61.212.131
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "63188936-6cad4"
server: nginx
date: Thu, 15 Sep 2022 18:19:49 GMT
last-modified: Wed, 07 Sep 2022 12:06:14 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-01
content-length: 445140
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   445140
Md5:    8dc9eeb6e2f698ff336e098bf7c002a6
Sha1:   5be86ef65976a88e36ad3f30fe64d700f1883e0d
Sha256: 0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
                                        
                                            GET /hg960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:12:05 GMT
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Tue, 18 Oct 2022 19:12:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   138679
Md5:    f0f206683c8403cc9c134ed746fa4aa2
Sha1:   6d0059005833ac269f9a33b50a87ed96529d0f71
Sha256: bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5405
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:09:54 GMT
Last-Modified: Sun, 18 Sep 2022 17:39:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /admin/202208/630634f18a75e.jpg HTTP/1.1 
Host: images.xxootv.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.207.13.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Tue, 18 Oct 2022 19:09:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Size:   25706
Md5:    003320de6bd2223be46a8d7e078a0a45
Sha1:   fc08ff33a5d7080674882770038a92384a1bc366
Sha256: 7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1 
Host: n7181.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Fri, 16 Sep 2022 22:11:20 GMT
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 683474


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   683474
Md5:    ba813a4b9580b3da278e68a1c3e3a954
Sha1:   6d843c3c02ad3270abd575c460ec26ed615578f4
Sha256: 574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
                                        
                                            GET /news/index.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yezzco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Sun, 18 Sep 2022 19:09:51 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   105671
Md5:    c5b0eb1ec73a8e86cd704383850d9f98
Sha1:   e61125b2ed7aba36e39719f24612bcf89bc8e8aa
Sha256: b5933accc5aba0bce1c58d703ac6f87064863e19e268f339a49e2ad90a4c34a2
                                        
                                            GET /obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.230
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 670683
date: Tue, 13 Sep 2022 21:37:17 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 13 Sep 2022 13:28:41 GMT
nw-session-id: 2022091321284101013105707129C010C7d5mxx02dy
nw-session-trace: 2022-09-13T21:28:41.591336607+08:00 63
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Tue, 13 Sep 2022 21:28:41 GMT
x-tt-logid: 2022091321284101013105707129C010C7
via: n132-078-086, cache23.l2de2[0,0,206-0,H], cache9.l2de2[2,0], cache9.l2de2[2,0], cache3.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc03:8:577::23
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cd6e94f1c933a302071a43dab825eccd72d6dea726a222772e511c98221f62d060ae36ccc72926b4ad84ae9a93b62c0acd97464c0a9c1b01858bac1dcb99975070e195bc6e6ca9dd20daae1c7d7467339447c9ff2910f867baf2e3067c1cccb5
x-response-lb: image
ali-swift-global-savetime: 1663105037
age: 423157
x-cache: HIT TCP_MEM_HIT dirn:11:72755278 mlen:0
x-swift-savetime: Sun, 18 Sep 2022 08:44:00 GMT
x-swift-cachetime: 31150397
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716635281945907111e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   670683
Md5:    61c09a981829377054623156baf850e6
Sha1:   5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
Sha256: 5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
                                        
                                            GET /obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         47.246.44.230
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 454806
date: Sat, 27 Aug 2022 14:42:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:26:45 GMT
nw-session-id: 202208272126450102080352140A7068A2j6fpx01dy
nw-session-trace: 2022-08-27T21:26:45.540738746+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 454806
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:26:45 GMT
x-tt-logid: 202208272126450102080352140A7068A2
via: n204-097-238, cache16.l2de2[0,13,206-0,H], cache4.l2de2[14,0], cache4.l2de2[15,0], cache2.se1[0,0,200-0,H], cache3.se1[3,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 015f385d3fc56128f1a4291cfc24ba5beb6bb050174f8a4bde30a2f8504ba2b81d1af23526cac1a55c0544ba65e9a8f06af049aa6fb10d31566b09af1a690e91ed58ef22652af931b4a5db136e17599b70de2d2d794a56a990b6237e8c4a9c7dfc
x-response-lb: image
ali-swift-global-savetime: 1661611346
age: 1916848
x-cache: HIT TCP_MEM_HIT dirn:3:39098984
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31190969
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716635281945907112e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   454806
Md5:    a2adfb182a1e1629ab484d90b72f23c8
Sha1:   0301a7d9e60d54dd13e1cb528a0b22546790c026
Sha256: 7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
                                        
                                            GET /tu-pic/240-140.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 18 Sep 2022 17:20:56 GMT
etag: "1663525754"
expires: Tue, 18 Oct 2022 17:20:56 GMT
last-modified: Sun, 18 Sep 2022 18:29:14 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 149597
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 140\012- data
Size:   149597
Md5:    f2d3e1a6f8899994610ab814f64bf078
Sha1:   9523d6eba5dd1ab466b5b2968d5d6231161e6ae6
Sha256: 06e958cd3720c7f7afb07142bc76c2b531df3aab1a58ef6d5f3a789f3cad0177
                                        
                                            GET /128/960X60A.gif HTTP/1.1 
Host: zhibo128x1.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.83.25.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 538695
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 05:47:13 GMT
ETag: "6316dee1-83847"
Expires: Mon, 17 Oct 2022 09:08:31 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   538695
Md5:    79a6bd621e989d305866cf3da25f3ead
Sha1:   43ff7c41e2e6fd4a9944bb5a6ad62673c1c079ba
Sha256: f0a59f510fc36a5570a8af24e87662bca9e0dd4225f39f72f0d94881505fa4f8
                                        
                                            GET /%E7%9A%87%E5%86%A0240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:12:05 GMT
content-length: 113483
last-modified: Sun, 24 Jul 2022 09:37:56 GMT
etag: "62dd12f4-1bb4b"
expires: Tue, 18 Oct 2022 19:12:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   113483
Md5:    06e653b16b8380bd8ff599d09204f83b
Sha1:   02c928506c30bda05419ed0220617770c435dc7a
Sha256: afb56e7d5879a7ba5561a8b3d3e7454241e51ed81aab742826b418932720ef89
                                        
                                            GET /3p960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:12:05 GMT
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Tue, 18 Oct 2022 19:12:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   310536
Md5:    25791847d9df13fa1bcd1c1c232449cd
Sha1:   b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
Sha256: fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
                                        
                                            GET /3P-240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:12:05 GMT
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Tue, 18 Oct 2022 19:12:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   322371
Md5:    10b590fb68b248b758ae345f3cc33961
Sha1:   9e13b8044dc3e6bfcf6156977a32403f672b71c3
Sha256: ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
                                        
                                            GET /gg/960X60.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.91
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:09:53 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 63276D017E084E3932136760
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
                                            GET /get-image/0xmAGT9KS9C HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         58.254.180.65
HTTP/2 200 OK
content-type: image/gif
                                        
server: JSP3/2.0.14
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 117593
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
etag: "c4caa37b717580e8594587f32ca86470"
age: 213214
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n4hobs7go5ib5np8lk0gkchq
content-md5: xMqje3F1gOhZRYfzLKhkcA==
timing-allow-origin: *
ohc-cache-hit: gz3un59 [2], jnuncache59 [2], suzix111 [2]
ohc-file-size: 117593
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117593
Md5:    c4caa37b717580e8594587f32ca86470
Sha1:   a645ec82581a0b18f67444b62a062059adf78aa6
Sha256: 208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
                                        
                                            GET /img/96060.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:08:12 GMT
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Tue, 18 Oct 2022 19:08:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   46855
Md5:    2b9c30b086d03d90a45a9174aef7b408
Sha1:   e87dbe76669e2f402826dd598bb047d793b1e20c
Sha256: f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
                                        
                                            GET /img/960160.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:08:12 GMT
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Tue, 18 Oct 2022 19:08:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 160\012- data
Size:   165614
Md5:    499d402cf727956bcdb1a229ff10c05e
Sha1:   95bbdda00299532dab6ca13cec744d21c0f7ae26
Sha256: 20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
                                        
                                            GET /img/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:08:13 GMT
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 18 Oct 2022 19:08:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            GET /img/600400.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 19:08:12 GMT
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Tue, 18 Oct 2022 19:08:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 400\012- data
Size:   304522
Md5:    e0a34183ace6e0dff373311780daecf4
Sha1:   48e4233e415d464e22ac1ff3d2135d20e4c31eb8
Sha256: eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
                                        
                                            GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 37815 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 1e756649-720d-4de5-92c8-8f6a554f10fd
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 200\012- data
Size:   177086
Md5:    be83c16833e7818983eb893bfd657c71
Sha1:   0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
Sha256: bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 121197
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:24:44 GMT
cache-control: max-age=2592000
x-delay: 38844 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 121197
chid: 0
fid: 0
x-nws-log-uuid: 8720c9d1-a643-45dd-9401-b9a4f1121785
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   121197
Md5:    c333d9318beb5b59bc7fd1dbe71ed7f3
Sha1:   7f59fbc05d4302bc5768755ed10aa58932bf8c7a
Sha256: 58ae8f93dc8f4805de239cc27796b1a97bd67acd9ef72cd7f0ed73119175d4f5
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 60701 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: dfabc9d6-c9c1-4928-9d65-88fba9531b1c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   456390
Md5:    24f8d711ff99c1b9e8eda597e520496d
Sha1:   0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
Sha256: 9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 299 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: cc670f2b-64f6-4317-b9eb-819d20d3268d
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   688878
Md5:    38adb06da8d7db34d62dfc1760cda2dd
Sha1:   862c5ecedd5add094b8dfb22c3087b09493a312a
Sha256: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
                                        
                                            GET /news/data.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Sun, 18 Sep 2022 19:09:51 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1 
Host: img.x967.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.34
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5ae29f1c75b96bd0a83bebaafdd18bfca/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 1296026
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:22 GMT
cache-control: max-age=2592000
x-delay: 96781 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1296026
chid: 0
fid: 0
x-nws-log-uuid: 1e013592-16b7-44f1-bf85-84edb44d6627
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1 
Host: img.cuphf.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.58
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 170314 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: 162eab86-725a-42bb-9944-a5dba19abd07
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:54 GMT
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 451 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 8bdea302-29b1-4f29-a2bf-f4130237a043
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:09:53 GMT
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 928 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 428b77c5-667c-4e8a-843d-24bf19ed102a
X-Firefox-Spdy: h2


--- Additional Info ---