Overview

URL cbdomus.com/
IP45.151.252.27
ASNDEDIPATH-LLC
Location United States
Report completed2022-09-19 12:28:43 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-19 2 xxootv.top Sinkholed


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cbdomus.com (1) 0 2022-06-03 18:01:18 UTC 2022-09-18 11:52:29 UTC 45.151.252.27 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-19 04:30:26 UTC 34.117.237.239
mnemonic passive DNS www.cbdomus.com (4) 0 2022-07-17 02:45:34 UTC 2022-07-17 22:14:10 UTC 45.151.252.27 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-19 04:39:15 UTC 44.242.41.15
mnemonic passive DNS mang.tiryakioyun.com (2) 0 2022-03-21 04:49:54 UTC 2022-09-19 00:29:19 UTC 20.205.43.35 Unknown ranking
mnemonic passive DNS dimg04.c-ctrip.com (1) 139731 2014-05-08 16:11:10 UTC 2022-09-19 05:42:15 UTC 104.110.17.24
mnemonic passive DNS cdn.staticfile.org (1) 46426 2013-08-23 08:51:19 UTC 2022-09-19 08:52:22 UTC 47.246.44.211
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-19 10:51:19 UTC 104.18.32.68
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-19 04:47:53 UTC 104.18.21.226
mnemonic passive DNS uu99k.com (1) 0 2021-02-04 07:26:26 UTC 2022-09-19 00:29:24 UTC 23.224.145.199 Unknown ranking
mnemonic passive DNS 3p8801.co (4) 0 2022-07-05 12:28:12 UTC 2022-09-19 00:29:23 UTC 137.175.35.2 Unknown ranking
mnemonic passive DNS n7181.com (1) 0 2022-07-03 12:37:11 UTC 2022-09-19 00:29:23 UTC 103.170.15.101 Unknown ranking
mnemonic passive DNS p.qlogo.cn (7) 48578 2014-01-15 11:11:45 UTC 2022-09-19 03:41:03 UTC 43.129.255.47
mnemonic passive DNS push.zhanzhang.baidu.com (1) 57139 2015-07-22 05:44:02 UTC 2022-09-19 05:34:00 UTC 182.61.240.101
mnemonic passive DNS hm.baidu.com (10) 8254 2012-05-26 08:38:45 UTC 2022-09-19 08:13:49 UTC 103.235.46.191
mnemonic passive DNS img.cuphf.xyz (1) 0 2022-07-12 16:14:16 UTC 2022-09-19 00:29:24 UTC 23.225.222.2 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (14) 344 2020-12-02 08:52:13 UTC 2022-09-19 04:28:44 UTC 23.36.76.226
mnemonic passive DNS www.mgcqnd.xyz (7) 0 2022-05-28 03:55:56 UTC 2022-09-19 00:29:22 UTC 173.231.17.185 Unknown ranking
mnemonic passive DNS ocsp.digicert.cn (2) 37572 2020-03-20 17:45:56 UTC 2022-09-19 06:20:54 UTC 47.246.44.205
mnemonic passive DNS zhibo128x1.xyz (1) 0 2022-09-06 23:50:01 UTC 2022-09-19 03:27:39 UTC 154.83.25.141 Unknown ranking
mnemonic passive DNS img.x967.xyz (1) 0 2022-07-18 13:04:45 UTC 2022-09-19 00:29:24 UTC 23.225.228.34 Unknown ranking
mnemonic passive DNS taiwtp1.com (4) 0 2022-04-08 07:06:08 UTC 2022-09-19 09:17:06 UTC 220.128.218.220 Unknown ranking
mnemonic passive DNS images.xxootv.top (1) 0 2022-06-09 20:47:47 UTC 2022-09-19 00:29:24 UTC 45.207.13.180 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-19 04:39:15 UTC 143.204.55.25
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-09-19 07:42:24 UTC 93.184.220.29
mnemonic passive DNS api.share.baidu.com (1) 44629 2013-04-25 14:45:11 UTC 2022-09-19 05:29:47 UTC 182.61.240.101
mnemonic passive DNS p3.douyinpic.com (1) 23536 2020-12-18 11:20:50 UTC 2022-09-19 05:37:04 UTC 47.246.44.231
mnemonic passive DNS vesdsp.com (1) 0 2022-07-06 03:53:54 UTC 2022-09-19 02:08:54 UTC 103.189.108.93 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-19 06:53:21 UTC 143.204.55.35
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-19 04:20:29 UTC 34.120.237.76
mnemonic passive DNS fmlb.netlbtu.com (38) 187701 2021-09-14 11:57:06 UTC 2022-09-19 09:17:05 UTC 104.21.235.174
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-09-19 09:03:31 UTC 58.254.180.65
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-09-19 00:47:59 UTC 47.75.19.91 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS u0083.com (1) 0 2021-02-01 01:45:41 UTC 2022-09-19 01:01:25 UTC 20.205.45.250 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-19 04:37:12 UTC 104.18.20.226
mnemonic passive DNS zerossl.ocsp.sectigo.com (2) 4049 2020-05-09 19:05:29 UTC 2022-09-19 05:09:28 UTC 172.64.155.188
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-09-19 09:03:31 UTC 23.225.139.251 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 45.151.252.27

Date UQ / IDS / BL URL IP
2022-09-19 12:28:43 +0000
0 - 0 - 1 cbdomus.com/ 45.151.252.27

Last 5 reports on ASN: DEDIPATH-LLC

Date UQ / IDS / BL URL IP
2022-11-30 09:06:35 +0000
3 - 0 - 1 dvtcxvkvjj.duckdns.org/ 63.251.217.12
2022-11-30 06:42:01 +0000
0 - 0 - 2 89.46.98.21/ 89.46.98.21
2022-11-30 06:26:28 +0000
0 - 0 - 2 000000000010000000001000000000000001000000000 (...) 185.216.71.16
2022-11-30 05:40:21 +0000
11 - 0 - 5 hhjlkbuyum.duckdns.org/ 45.12.138.161
2022-11-29 22:48:02 +0000
23 - 0 - 16 agilmmrcaw.duckdns.org/ 185.225.139.194

Last 1 reports on domain: cbdomus.com

Date UQ / IDS / BL URL IP
2022-09-19 12:28:43 +0000
0 - 0 - 1 cbdomus.com/ 45.151.252.27

No other reports with similar screenshot



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#2 JavaScript::Write (size: 77, repeated: 1) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>
                                    

#3 JavaScript::Write (size: 87, repeated: 1) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
                                    

#4 JavaScript::Write (size: 187, repeated: 1) - SHA256: b369455e1836b256f6870bf8ca5352feabe0f12957891834d3adcd1ca30fdf4b

                                        < iframe src = " https://mang.tiryakioyun.com/news/index.php"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    

#5 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#6 JavaScript::Write (size: 201, repeated: 1) - SHA256: 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca

                                        < style > # o63092 {
    animation - duration: 10000 ms;
    animation - iteration - count: infinite;
    animation - timing - function: linear;
}@
keyframes spin {
    from {
        transform: rotate(0 deg);
    }
    to {
        transform: rotate(360 deg);
    }
} < /style>
                                    

#7 JavaScript::Write (size: 322, repeated: 1) - SHA256: 2954b88fb53320801530057b59b7688e297b76a48aa3626bb5558dbdb1b77ec9

                                        < div class = "f63092"
id = "o63092"
style = "position: fixed; bottom: 52%; z-index: 19999 !important; right: 2px;" > < a target = "_blank"
href = "https://zzvcljljfd222.com/85/mguo.html" > < img src = "https://taiwtp1.com/img/200200.gif"
style = "margin:10px;border-radius: 15px;border: solid 2px red;"
width = "90px"
height = "90px"
"></a></div>
                                    


HTTP Transactions (137)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 11:33:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cw7NUwQ9xx5tgTxDQJI_t6jhWGwmmz4DzEnckwCY9g3egnPflSaSxg==
Age: 3309


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14652
Expires: Mon, 19 Sep 2022 16:32:44 GMT
Date: Mon, 19 Sep 2022 12:28:32 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: cbdomus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         45.151.252.27
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 19 Sep 2022 12:28:30 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.cbdomus.com/

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rsqi0nRrSRl-GiXWGgfTK0BBri7_dF-wzz7vfgIFca6V5d-X90OVCQ==
age: 28399
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 19 Sep 2022 12:03:22 GMT
Expires: Mon, 19 Sep 2022 12:23:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8AlLXoyo4qBTJiF59q6BvxwbH1MfiGGymDxkP15s9FtcugdZplpdsw==
Age: 1511


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: www.cbdomus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         45.151.252.27
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 19 Sep 2022 12:28:30 GMT
Content-Length: 781
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   781
Md5:    6b7042dd4133490d63cd52c534b12b00
Sha1:   d395e2ba31bfbdde5cbb43d57365952cfdb4a086
Sha256: 51c51cdaea04f47906550c8627be33a22964c07598cb227ac87e82a7ba388b93
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5878
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:33 GMT
Last-Modified: Mon, 19 Sep 2022 10:50:35 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tj.js HTTP/1.1 
Host: www.cbdomus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbdomus.com/

                                         
                                         45.151.252.27
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 12:28:30 GMT
Content-Length: 520
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   520
Md5:    52e25713f8f95e97d148dfc442a5c6a7
Sha1:   5b6e63931ee5dfb791aec5a1bd31659c7306fd5f
Sha256: 371ec1006577ad5cfab388a8e1cd09bae5134dbaa9592753206b7d078aaa4493
                                        
                                            GET /common.js HTTP/1.1 
Host: www.cbdomus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbdomus.com/

                                         
                                         45.151.252.27
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 12:28:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Size:   1104
Md5:    3b08372f4773c8e7854234aaef938077
Sha1:   b65315c1d4fc673034b770705bf00746f6028d72
Sha256: da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mnMYfx41A3nIV4/8lJUxVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VvmfuY7fi8IxWdfYgq9LZXmlZec=

                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbdomus.com/

                                         
                                         182.61.240.101
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Mon, 19 Sep 2022 12:28:33 GMT
Etag: "4078521116"
Expires: Tue, 19 Sep 2023 12:28:33 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=57E034F4C200F3B780382BC7F36DF8BA:FG=1; max-age=31536000; expires=Tue, 19-Sep-23 12:28:33 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:34 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 23 Sep 2022 09:03:05 GMT
ETag: "b6a07f2961501afed88fd16a8e61765c76c77d85"
Last-Modified: Mon, 19 Sep 2022 09:03:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2742
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d25268e814b506-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    b979f83da7bceaaec411f707c2f01b5e
Sha1:   b6a07f2961501afed88fd16a8e61765c76c77d85
Sha256: 82216d6dcf55592a29c66c15f8b4abdcd238e8555bb07c19a8bbdbe08f1daa61
                                        
                                            GET /s.gif?l=http://www.cbdomus.com/ HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbdomus.com/

                                         
                                         182.61.240.101
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Mon, 19 Sep 2022 12:28:33 GMT

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.cbdomus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cbdomus.com/

                                         
                                         45.151.252.27
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 19 Sep 2022 12:28:31 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 24 Sep 2022 12:28:31 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:34 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 11:27:45 GMT
Expires: Sat, 24 Sep 2022 11:27:44 GMT
Etag: "f81f7f923526d6a735f7bda626ae251630c19422"
Cache-Control: max-age=427749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d252695bd71c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 12:28:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 12:28:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 12:28:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 12:28:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
age: 52281
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5064
Md5:    e4098577adb98eae5ba4a8b5e143df71
Sha1:   b0ad467f2837d103f8a96fb732bd34176c4c7110
Sha256: 83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 52489
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6428
Md5:    893f3495f1f575e946a57c8e8411b2a5
Sha1:   480182fd29c7edd369339847b85e4e2580cef0f6
Sha256: 097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 30843
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9901
Md5:    da8b8819fc21dcfb224ce0e7ecdc6772
Sha1:   e460ad4376cd118a6fe8b6b050af9398117d9531
Sha256: 9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 12:42:49 GMT
age: 85545
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8735
x-amzn-requestid: bee7087d-6431-457a-8fdc-a9eff7b14afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOAZHcCIAMFTSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279068-4a7d282e1860a131491a4f2d;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EClCCFFn_OCwRqXC7W0g-msDSm1WsTRB5kDJsAQyxIPmIwSQBSbJ9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:01 GMT
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
age: 52293
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8735
Md5:    3d9fd171b51b27aa84e06e7d5a40116e
Sha1:   a81660dcace8f232018ce9a6d027b271d1f8a863
Sha256: 2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9426
x-amzn-requestid: 6569d647-e17c-4456-8d54-b093e1cc1d7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl9trEPNoAMFteg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257657-7bba0e970a8114a11fd6bf32;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:25:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sO0jibO4hXSxONHRYPgA2WA9U9GBFbVhCGy9F3RwrJqZoAzU90Tpsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 06:24:34 GMT
age: 21840
etag: "36355214d6f866681edc3eacd5f1af87b16bdcc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9426
Md5:    febaa50825802847e9cbc0479e7121ba
Sha1:   36355214d6f866681edc3eacd5f1af87b16bdcc2
Sha256: 7a808fbeb6ce87490299fb3d5de52ec450c9161d9098254f1b54a0d4a97b645c
                                        
                                            GET /hm.js?3a1242956a6bb6e2c9db4705081af1eb HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbdomus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Mon, 19 Sep 2022 12:28:34 GMT
Etag: 658e342a4f33d8dca603cb3156631705
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7844161C7EEB92DE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    409ed1b184432df8c13d93f73f763a12
Sha1:   78af0989d0b9ea2ed93c85ad5b02e7f1f571b2e0
Sha256: 64eea1c1b91f5b761a741f826ba4ddce5f97e147292f62b17c98b5b6d269ad43
                                        
                                            GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbdomus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Mon, 19 Sep 2022 12:28:34 GMT
Etag: 6eb87e68ba0beddbdd1d4c198fb6b7ee
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=457BBD601D8258F8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    711c44df824853f93186f3ce8fd2bd8f
Sha1:   0906c19f90f512f1eec61bee4a5f6c266583683c
Sha256: 9cec956d83869b8c91e3fe67243b620c53157e6f1a9af427d8dbb0e83a267f0e
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2123976437&si=3a1242956a6bb6e2c9db4705081af1eb&v=1.2.97&lv=1&sn=50056&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbdomus.com%2F&tt=%E5%BC%A0%E6%8E%96%E9%B2%81%E6%90%AA%E5%A8%B1%E4%B9%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbdomus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 19 Sep 2022 12:28:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E0EC6453C216D5F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=428803565&si=2107c53676d8b23c2b876048405f5d94&v=1.2.97&lv=1&sn=50056&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.cbdomus.com%2F&tt=%E5%BC%A0%E6%8E%96%E9%B2%81%E6%90%AA%E5%A8%B1%E4%B9%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbdomus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 19 Sep 2022 12:28:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9E5526791B4D4F29; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "60F1AF6DBAEDA021C30A2521C9F66D5008A7965AAE3503427DD1C9ED5CFDD63D"
Last-Modified: Sun, 18 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4408
Expires: Mon, 19 Sep 2022 13:42:03 GMT
Date: Mon, 19 Sep 2022 12:28:35 GMT
Connection: keep-alive

                                        
                                            GET /news/index.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cbdomus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Mon, 19 Sep 2022 12:28:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2

                                        
                                            GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:36 GMT
content-length: 641
last-modified: Fri, 22 Jul 2022 08:35:23 GMT
etag: "62da614b-281"
expires: Tue, 20 Sep 2022 00:28:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   641
Md5:    b840c26fe2ad5f5fed93a1422e810847
Sha1:   2e682ed0739aa6258b57deeb01e3b013edc0022d
Sha256: e86ced398e2f16d4e3bc271378f9abc9961bbecc17d58ad9399733a61aa3f7b6
                                        
                                            GET /images/03964120009z0w8i44344.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 445879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15528313
expires: Sat, 18 Mar 2023 05:53:49 GMT
date: Mon, 19 Sep 2022 12:28:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   445879
Md5:    dfbf81fb5d0c62a4890d1362f950c5d7
Sha1:   725b5307b3976bd29822d38f3a22d119086498da
Sha256: aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9DB7570DAA89A1C9211C7FA48CE90CEE115B1C855598AFEF6F18B5F6CEA48BD0"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20790
Expires: Mon, 19 Sep 2022 18:15:06 GMT
Date: Mon, 19 Sep 2022 12:28:36 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8461
Md5:    3731f8d862aa269c624dc32e985275ee
Sha1:   8e0e0f2396a1f4e6b89591b76fecb3a41e171acc
Sha256: d306ccd2edd2eacc88f130c8ebcb0bf8ebe4aef19866098aa8624a0b0e116dc1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Ali-Swift-Global-Savetime: 1663590517
Via: cache1.l2de2[471,470,200-0,M], cache1.l2de2[472,0], cache5.se1[492,492,200-0,M], cache5.se1[493,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 19 Sep 2022 12:28:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916635905166793243e

                                        
                                            GET /jquery/1.9.1/jquery.js HTTP/1.1 
Host: cdn.staticfile.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.211
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 80123
Connection: keep-alive
Date: Sun, 18 Sep 2022 14:16:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: Xx4AAABN0OoU-hUX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1663510605
Via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[0,0]
Content-Encoding: gzip
Age: 79912
X-Cache: HIT TCP_MEM_HIT dirn:3:61408025
X-Swift-SaveTime: Sun, 18 Sep 2022 14:24:11 GMT
X-Swift-CacheTime: 85954
Timing-Allow-Origin: *
EagleId: 2ff62c9b16635905171866660e


--- Additional Info ---
Magic:  ASCII text
Size:   80123
Md5:    a3932a941cb998342ce964fdd83697f1
Sha1:   1b0e6eca41925e7cd470ea29b16cea49c1ec58af
Sha256: 8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4864
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:07:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4864
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:07:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /template/m1938pc/js/jquery.config.js HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:36 GMT
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Tue, 20 Sep 2022 00:28:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   904180
Md5:    16b49b904671d17a4121283f151fb4de
Sha1:   fdd59c234869c530d53834fabbe7a47da0d95ad0
Sha256: b110b4713a4bffc1f448adecc9c755d927911930a4243980f475cde3a405e1b4
                                        
                                            GET /template/m1938pc/images/video-mask.png HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 107
last-modified: Fri, 07 May 2021 10:47:36 GMT
etag: "60951ac8-6b"
expires: Wed, 19 Oct 2022 12:28:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            GET /upload/vod/2022/09-19/13/grq2c2od1jj1351grq2c2od1jj136453.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 7793
cf-bgj: h2pri
etag: "1f106ed3ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIDNRCVdaqqnVYWCYSEzCtIkKn3p3jUFhm2grnvfhW%2FkV9EkVtC04kEHuVNhfm6NxFkAZFOUDrAu9BYaVJTgBR9WilSAQwx4xo5s2wzWXXrYUz%2B9sduJPok%2BhTJdUHPoj87Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8a71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   7793
Md5:    c9b2d1b3fa68fe3f55136c167c3bf248
Sha1:   a05472cdd84aa3007291774dc6a214c1cae8df34
Sha256: 5903626d909afeaaf9443755476098fd2d98912f40ff71b02771ea4f863d2e03
                                        
                                            GET /template/m1938pc/images/video-play.png HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Wed, 19 Oct 2022 12:28:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   1567
Md5:    be7ca0a4a7c0317398a11162b1e09b75
Sha1:   5dbe6a02524cfbf5f5111478a71f91a9259056b5
Sha256: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
                                        
                                            GET /upload/vod/2022/09-19/13/ujwrt42judn1351ujwrt42judn146457.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 5195
cf-bgj: h2pri
etag: "bdc27bd4ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5Q23sVfcuJihinlLZJEPsQGSdbo5yzwTUsjKd5uumvQufuaxTqm8kVJgjm9QjTUAZcmE17Ltg4BmQoM43vftYPeHNGqtaOFdog75VkjuXB2GeNjBtjRbWKHkbfLi7ET0eaJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8d71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   5195
Md5:    d69a359672a0f524a3df7f959aca429a
Sha1:   3d9bcccc0a18cc63d55665c23496cccdc24da1cc
Sha256: 36f137628cc63241c9339aad5346547366dedd1f848d8d49f7595dd1e3d30fbe
                                        
                                            GET /upload/vod/2019/11-08/04/eneoizgahg40430eneoizgahg44310959.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 11874
cf-bgj: h2pri
etag: "1357713aaa95d51:0"
last-modified: Thu, 07 Nov 2019 20:30:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F%2Bti%2FAzQ%2FlN3mOFAVCcEj7MmT%2Fu4S5zqxx5%2B1uOn3Vy1Q06CMB%2BYeqw6goAN7Gf0VE1g%2FbqJgEz%2BG%2FL1rUUzP%2BArBt9tQ2c1V0%2BtJSqZVD2qp3xObpKQ9N2kQkc4RBGrCv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8371b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11874
Md5:    17a955900751611c1fb7e8861ac93d79
Sha1:   d0bc47425ad007f8b128083fe0ee0e57d5bd0826
Sha256: 1bdfee77d95370203776b989bde3a5d266abe2bd481f7ffc3feb2cd303da70d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4864
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:07:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2019/11-08/04/kj33saxpwxt0417kj33saxpwxt589881.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 7715
cf-bgj: h2pri
etag: "d21bf72a895d51:0"
last-modified: Thu, 07 Nov 2019 20:17:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNiN2ljnQFHf9cQ16B4jw6DSnRY74sspzHNFD3Rzwhi6bWyTRyA4AlE4a0UUX230CfERppWMGlFsYm979dWwpaej5pcH6ukDPg9GlBRRkA%2FrPHmBNfmvoWneDf2FCKlBK3LZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa7f71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7715
Md5:    b1a6df25886e1c13b0429b42f5463696
Sha1:   c2f239bd8ae081c380a278ae6bccf555472497a1
Sha256: 634ef0d8c55ec0f1d175efbce5b572509586be2ef29e0ccc4cdb790ec09ef0bb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2202
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:51:55 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2022/09-19/13/pcur53kl4ou1351pcur53kl4ou146455.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6431
cf-bgj: h2pri
etag: "6194f3d3ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WokUYdQ4%2FjNMZ9aVBxf5thZbQoceKRHNJ%2FQUC0093025qGTaAX%2FDUYf%2FTicb7MbYkiNZkLLBbeVaiSL2Yszr1wnOOAJCFST9lhpAX1Y5DmOB6jhB2LtklrJCd%2BTClxjoVHLg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8c71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   6431
Md5:    61ada55812fe0a05a8086d41450ea05c
Sha1:   bca8e17e799f42f1638bd1b8f46893df40c3ded3
Sha256: 40136b7f6488bceeab9c4a170b7b6192cc60298b0423d0b6f6a7daeaaf9880e5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4864
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:07:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /upload/vod/2022/09-19/13/3yji0lqyow013513yji0lqyow0116449.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9176
cf-bgj: h2pri
etag: "967f54d2ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xzt5rW7gMe0kIdrlW09VHvHvX%2BiST0mfH8aWR87MVQU%2FJ4PC%2Fq9h0KKjh5YmQyEUiYClk6TUL595Oxf6BZyypFUt%2FFYRegq117SsHg0fXnm5Q4X%2FI6aZ3TNBw3mapvvOqNXL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8871b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9176
Md5:    49b05e97924b3d8db5d3a8a4b3165fc4
Sha1:   63050c7d2400c897455496f0ec01186b9897c453
Sha256: efaeab78a43cce907b23d1324c40918595c74890d6f73af5d5dbfc5d6cb97bbc
                                        
                                            GET /upload/vod/2022/09-19/13/oajv1xoivex1351oajv1xoivex126451.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 10385
cf-bgj: h2pri
etag: "632ce1d2ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjppkPw3aQ9zQOkmp2eEwaL00epR4%2F%2FygPQBoKIlrHuF0dnHE5AIDJC1AZqsckPFQ0vyqb4yMjYl3zNu4QAN2vOeWn3WZdtb7Xn6ZQ%2BzsrKb7vBooaQlakIPNKJzkmYNh2cv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8971b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   10385
Md5:    ecca573e3ec3092fb80f68337c1565fc
Sha1:   a5d1372c59f09e436f6176fc41d04bf6e3db8d4e
Sha256: 8dd9718178a3c9960847e673119ea7436a497872486122e60f1ed4f7f5f07006
                                        
                                            GET /upload/vod/2019/11-08/04/s3ycvisa2mj0429s3ycvisa2mj5610895.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 11166
cf-bgj: h2pri
etag: "d168401eaa95d51:0"
last-modified: Thu, 07 Nov 2019 20:29:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ez%2FPnK4iBet8KOz968L%2BBmF4wsq2i2QQ1hDiHrGhFij4CA4RF4fcm5bEiM0DIlkcOAoToeQkldGZnXEKG41hq5hKL2Rf5Ozcrv9IiJvoQNRdwJetW6%2FAFZpwxeIKiU51%2Fcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527dfa8271b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11166
Md5:    75af6ef0b5fb21911be1830f0dc2e568
Sha1:   ef3f1c95ffacb5f212b1cb6daced6d08e63a9a88
Sha256: 2307d8038d62efc1dd34449189883d65222d0eba21c0a2d184b15abd77b14ddb
                                        
                                            GET /upload/vod/2022/09-19/13/rfemxsjt33n1351rfemxsjt33n156459.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9684
cf-bgj: h2pri
etag: "351f19d5ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:51:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2809
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=set%2B85dEjMWKeP5qs%2BFSDZvr5AA4QByMWJNS7OSDp4UmJ7PNsHtZECm3ptgXiaRRZMPoeJ4n9Z2ONeYrpFVRWm%2FmztfqjK%2BaetvGtKNglzlw%2FIKRWCNzKvlIR%2F7CQjyQ3rFm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ab371b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size:   9684
Md5:    e616ca57f0731b6a33ebfe0e3dea157d
Sha1:   12822c5d7caae36effcf85dd000750921ca2ebbf
Sha256: 89ec599bccb14e86ccc271dcee30c26f9dfdc7885bd2cb87c1fd7bbe8d832f01
                                        
                                            GET /upload/vod/2022/09-19/13/oocig3nbvpf1350oocig3nbvpf456409.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6208
cf-bgj: h2pri
etag: "7e35ebc2ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b42yxHsb7RKmuoCIeK9K%2FFRzVyr7TIFt1QlnPkCy4LrjeIY39d7L8TOYPXnPsj6cjx%2BAG5ifOIe%2FvflFQPxPPtTlxo%2BTQSZILxVgdRCC95sWoc8ARqwSnGLDnd5I7amnnc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ab571b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   6208
Md5:    3503a4c32f463ee4a257f932a73c54c6
Sha1:   bef31a232db31bfac102b86ccb31708bf985656e
Sha256: 93d719db3403953ea9c4ecca6985daa4ac9beae66e73fc5f6ab7b0f6cb97a55e
                                        
                                            GET /upload/vod/2022/09-19/13/tjlm24reyjw1350tjlm24reyjw486415.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 8727
cf-bgj: h2pri
etag: "8c118ac4ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t69rG4jIIbrHI%2Bpyq73B3kKcv2c3Kz5%2B3xNuLvzOKtDLR7BDkcS%2BKa3qS1zn3GL%2FFzjmhAn5KNWgEQUZrPr4aNOaJ7Tyn5huBjAvQplZbiLO6yztASm6v0lRR0ZA2zT%2FVNXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ab671b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   8727
Md5:    73bb2df5b546f82bebba8d65e40b5486
Sha1:   7c5c7c030269b9f187009226aa47ff66021fc2bd
Sha256: b4ab6dba6d11b9d823eb7aca48ab52911b330d95466cc5e9c878b68f70ed7102
                                        
                                            GET /upload/vod/2022/09-19/13/ash5pmga4c01350ash5pmga4c0496417.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 4919
cf-bgj: h2pri
etag: "dbf711c5ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsHjiHb5HgWPR%2B6mEYmIi%2Baibem9Qq%2FAAo19tdEgwwltvh%2FbVusXt6bq4IMVcjvhqX0baIIbi5i%2BVke6QtxS5FXZU6tRKW%2FgYUm54mR2PDo6L69fIPUaziNr15JHCMe1%2FDFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ab871b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   4919
Md5:    7502042482d823c199ebb25c07e2a184
Sha1:   6fac1e2267fda38c1d4838be87053c33bbb7c317
Sha256: 8201450bfbe8d405136e4b3839f30ef8092e36f79ee3ee8cbb2d1b0017ce077c
                                        
                                            GET /upload/vod/2022/09-19/13/gibdlwdetjk1350gibdlwdetjk496419.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 11241
cf-bgj: h2pri
etag: "83419cc5ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHAC9VA%2FLluCamnbla2BgBoeTK2I%2FOxcm99rWIrm5JUusl%2FipuzU3WNCm%2FimFlVfJQoEcydFMi%2BK5zg%2FyWBoU%2FdrQiX8fbMzyo0XEDV5G97AAuDJxWif4gIgWOGQQAJASGiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1abb71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   11241
Md5:    b76247461d2677277a0dcb334e2aaed5
Sha1:   33bfac1e0aeb0cfc6c19042a0786e57dec2743b6
Sha256: 94d103e947d88c7d2d33ec32fcb856add82261b09e3f3d53c5b260dd20f01f7e
                                        
                                            GET /upload/vod/2022/09-19/13/5nogltj15jk13495nogltj15jk556371.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 12075
cf-bgj: h2pri
etag: "b96052a5ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:49:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBJGuS6RkH3z6VzYsKZicZkhDdlbJyaIWv4MGW0RYodAaCosmI28S%2FYhoQm2MwVptwCJmm%2F%2B7GrepFdwf64UoNGWNq9yP%2BHzK8EndbaJtUr1kf2s2aiOL5sQtG%2BWoEiJ7aJY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1abd71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12075
Md5:    845e8d9f4d0e001ef339adcc8942ac30
Sha1:   1350ac357f1e5d2ac59866fffef1d492120fcb44
Sha256: e4e39fd0692af31942c0d338ac806fb27bb8d5c48ffe91b60609242012e11292
                                        
                                            GET /upload/vod/2022/09-19/13/hyc0ccqg2ra1349hyc0ccqg2ra566373.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9052
cf-bgj: h2pri
etag: "1982d5a5ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:49:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM6OfSAewe3A5ioHQENUTuRxN6iCWwXUelVMHuUoYhQx4Vo6yAOj2EhrXiItVzlQIBLiVylTifblLtHYmYc7NRfgzAUlbwwtAlEvQS6HYOeli%2BQkuHA7iUHLXOVxrsRUcKaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1abf71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9052
Md5:    8d28b801b047455420d8da4278c6ec3f
Sha1:   10689494d8a185911e4df9f89415cb8453f1b5b0
Sha256: e8df00dd2fdc89e77e6bd5ae85a9ad50cfba12cd2dc00afb23278bf6f8ffc9eb
                                        
                                            GET /upload/vod/2022/09-19/13/n5eljmanjeh1349n5eljmanjeh576375.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 12558
cf-bgj: h2pri
etag: "9dcb5fa6ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:49:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmVJVPehobNHvRDaBJGK6Pe1f6QlrKIFiSudq%2BIUHq%2BGWAa6P83WxzTAFziHPcXQws2syLYfq10OSteX9GUXV8vIR3VKsjLbVlk6tX0niXQw6GA0eN0HOWR%2FzDwttU%2FjISal"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac071b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12558
Md5:    1bcded1dae6ad011f5b483a888ddaba2
Sha1:   7456655e331aa5e764209589de353aacf7d7d94c
Sha256: 25579918c027968442f88f7a81525f0abeb2796bab3ce300f8a01ebe7886c94e
                                        
                                            GET /upload/vod/2022/09-19/13/vf25tluljss1349vf25tluljss586377.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6918
cf-bgj: h2pri
etag: "84e8e7a6ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:49:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnhIc3ko7p9%2BZKtWAWRHVWrQGTrUPWv5AVt4h8MfOxVRCVSw%2BKhDhwHEjv4m%2Br167Xx3BDYKQffBddxsiPE96eScp52fu4ItwGpiSKpfyUB%2BWkZm7%2FLv95wpbYlE7AJf%2BU6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac371b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6918
Md5:    ab509e65f00ff1e5286f975dc2274343
Sha1:   161d5de27b085959f939a189bebab52bc111a964
Sha256: e0b3018f3ef908c54004827c96856abbde384e084835485a627d9f79215ae0ee
                                        
                                            GET /upload/vod/2022/09-19/13/uj0gtelt4cq1349uj0gtelt4cq596379.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6892
cf-bgj: h2pri
etag: "75f676a7ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:49:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVyOmaHBQ1bx6gFhaa8%2FExvyc%2FO5Qa1%2F%2F1RV8NFfEjq0pxoak98c%2F2Zgmt%2FNwLI1Y7yfz6wL1qleAaWZ8jzFQZyfRX8Bht0sAPcef3NkHGz3HxVia47XE21AGZwBuVGCdaKn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac571b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6892
Md5:    dce0b99718f6d9a051adaf3b6eadd30d
Sha1:   76fd78a60ae03044f0459801fae45eb35acb7c90
Sha256: c7035a9d7f55b42da4bc007cbfc17bb05017cfb03783970dccae16cad3e65e3e
                                        
                                            GET /upload/vod/2022/09-19/13/neuuate1ttb1350neuuate1ttb006381.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 11426
cf-bgj: h2pri
etag: "cf931a8ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9JoElM2Lzyy6CfO2tpbYBVcbPFGdW1jORXj8mdFmhIzwEHt2FdJpovpKgckd1puZrbnOtzkZHq97yFxFewZndM4hDHQ%2BP61r3g55pybfazrq6WD92YJr8nxP5uHL1dAgsz8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac671b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11426
Md5:    94e81dd6bdd82eb208443f8abf1ea808
Sha1:   53cdbe53b5f11b8c7e8da61bccd4dbed09259869
Sha256: 38b9a8c55182aba99172501ab4808794946b882466ba93eb0b3b8d50a8916d3c
                                        
                                            GET /upload/vod/2020/08-03/18/sbq20lg2c4u1803sbq20lg2c4u08897.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 13750
cf-bgj: h2pri
etag: "39bfd5497d69d61:0"
last-modified: Mon, 03 Aug 2020 10:03:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmy6AMwpa81xDt7dNbXHc1dv%2BQmNgtelrdA1KYBc%2BAY6dw%2FVo3zaH9iuvWln9wsk7KsJttsHcJlDb7qhkrTC5FUB9fU2iO%2FtnC%2ByPgLBFXIyzwaDVCexsA5zK2hx2B%2F7u8T8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac771b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   13750
Md5:    8216f20a04b2da0723f3454d798f874f
Sha1:   0be001b2b57116f14b13faf34d35315912a51b21
Sha256: 05b28f1cc4a8e56c6531f26f3bdfe3f4be8db21a7ec2e641cd7061af77aa7465
                                        
                                            GET /upload/vod/2020/08-03/18/edbem3i3puu1803edbem3i3puu09903.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 12104
cf-bgj: h2pri
etag: "fa7e564a7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:03:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6519
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj91uVa1Sr2U76wPKnvWAT9juOkfJU2APojdIMJ2MFOpkqe7wzlgxmDULNJBuDh%2BJuoOsPGD%2FIY6tGJf35STCr8wpOBOVI6mXTa%2BLgonKLrGp00aKLhBx7JypyuZXV45WC82"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ac871b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12104
Md5:    5e0882c50bf3fe0a2893424282e980ee
Sha1:   29705ecd86fad228bb01a6e1c81ea1d193e4cac9
Sha256: 11225ecf268fa1658c7a9c8573395ccb57d6fbe47b6684231a147784e5584738
                                        
                                            GET /upload/vod/2020/08-03/18/lkci0awobyp1803lkci0awobyp10911.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 13577
cf-bgj: h2pri
etag: "8751ea4a7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:03:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gph%2BFZmmtXfAAm4izbBTWqZCoD0NaxqcnNu0%2BukThJNsfMBCYUIj4ZWczSNJLTtfb88mZVLU%2Bad8fB4TFmqOXIzgMmDh3G6%2FVj6lA7xqBcpQvi68fDxd4lklBs18%2BmsudIQW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1aca71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   13577
Md5:    ca745b4067136fa8b33cef8cec48531f
Sha1:   3330faf4ed2d515b2774460848b0d0484c9b1335
Sha256: 1ecd8eb0fb05b0d92c7c46484e296e477bc1f6f61ea12e6b33b6b4768b6b8cd7
                                        
                                            GET /upload/vod/2020/08-03/18/fnc3zlzqc1o1801fnc3zlzqc1o45445.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 12996
cf-bgj: h2pri
etag: "6e7374187d69d61:0"
last-modified: Mon, 03 Aug 2020 10:01:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 888
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1RUg%2BuA5kdd%2B550Kwbu9oKu9RFV2b5Lr%2F1aLPFrVgJUBfD7XIWStYb42NS6dVhYr8O8aCKFWhiLhqmOTNq4AtQZRs%2BNC0wxFxyxOIDxjF2TWf9QxRR4GT4aRqRLkI%2Ffi0OE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1acb71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12996
Md5:    e1230d6f314286d095b8054066e6fede
Sha1:   2f87392ee1fddc5041290cd462a933679720c7b6
Sha256: 797d98a44e8e9a0e85f0db714d80bee85f4f612af87911b5a925812c59cd9d7e
                                        
                                            GET /upload/vod/2020/08-03/18/utfmbnndftw1803utfmbnndftw11921.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 5590
cf-bgj: h2pri
etag: "eca9e44b7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:03:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6519
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTl2heU79xBzaae2ralKg%2BY3bSMS2Z7aXijKdcWNQUq96C0oxoWklYvKj9xBuhv13Dkh3CVVrQZ6N%2BiXGscEiaHtCrmUDpmva%2BaIhDyjJRAxsO4T3DuwbLC37tiInXGY3ZGa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1acc71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   5590
Md5:    b30a628ea00da953fb9b4b4f5bcfbf52
Sha1:   b6aa9423f60048e4ef8b1da56c3ce42b73f4176c
Sha256: 1225cc034fb41172c72ffa325eb297c689cc78c4eec2200c8148ae2b9c22967f
                                        
                                            GET /upload/vod/2020/08-03/18/gnbqsfwkz551803gnbqsfwkz5512927.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9409
cf-bgj: h2pri
etag: "c5425e4c7d69d61:0"
last-modified: Mon, 03 Aug 2020 10:03:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahRasRATkVoYD%2FgEEsDOjeR%2BPdYQQJGqFYA2lO5iLzBMr7%2BexIs8fcEwOM9QoDkpJw9Q0phkV3afnRelUa5CZx0rICYF%2BK%2BpcAMXUKYfb8YYeYRBVUrEvhqcC%2FeEPQuy1PAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ace71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9409
Md5:    9fd5dd87b864fdedfdfbf119234e33dd
Sha1:   e604ba9b5efe5b64664165dfe25c9acde3eea7ba
Sha256: 97f5ec8596bf6f509cb00d7dffee6614d175c1326bd364e9146fcb86df850691
                                        
                                            GET /upload/vod/2022/09-19/13/rmfxgnnfcnm1346rmfxgnnfcnm196163.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 8034
cf-bgj: h2pri
etag: "cffe5924ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:19 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FB9ivhXS6pxbmavUaxH7oehXSq20enhbvLfD534UN7t9DeItO1lF4SV39lIx5n26Kt6OlYIRqHv%2BU%2Fybv2M9muoqhWl1e7O0RWd98w1hvxdYb9YsJEynE18F6%2FgIE9hyMGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad071b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8034
Md5:    179e8892caa818b85735bbef7e5247d5
Sha1:   4e9680a5fdf09839052bfe65ec0d18e7e2fdbdef
Sha256: bede11783a133fd0a71cbc408a846d501abc42756c99f7dfb6e57c3ba199d256
                                        
                                            GET /upload/vod/2022/09-19/13/0jv0uc0tcwk13460jv0uc0tcwk206165.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9540
cf-bgj: h2pri
etag: "9cce924ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSFLwLFU%2Fa8eAFzN4CXUd0KJWaHGVOnEELb6JtiSQLDhaWRbKrooq1vT5jMB6w2w33128zKbkxWYfRCPO8miWMconSEmAVJQ1%2Bve%2FgsrPH9NHl8QoPHhII2P2eAk%2FW2A8dPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad171b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9540
Md5:    854e6206562fd2623fa26951dedd2fd7
Sha1:   b06afa4ed9de652559b584891b050f741e6b66ff
Sha256: 23ff324f6d42e34ed54f827c9f2a20044e25e908054bddcac89ec890e3c63ee1
                                        
                                            GET /upload/vod/2022/09-19/13/taogu0qyhdb1346taogu0qyhdb216167.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 9147
cf-bgj: h2pri
etag: "65b87525ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtZ7O%2F2JO%2FYVLPG0qvm4pNV8Ppl93BntcqU6%2BBKCP1IKmuRLL9QRFlilDJaLEZjzSEgeWQHgp9sCNq9nf2QaLMkUEciDcRBCgS94OAHRkZ04MjSkssXzuZffMaMNYKr0CBfV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad271b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9147
Md5:    8400debdddfc5a981fd677d2ebf5f8e1
Sha1:   4211a2792182e2a235e2bf32a820846a7aa07c9c
Sha256: 2e9052fcd96468fa56729bc06392b0f87a125c1e7d4c9038475ed09904f145be
                                        
                                            GET /upload/vod/2022/09-19/13/r2ay2o2vsld1346r2ay2o2vsld226169.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6637
cf-bgj: h2pri
etag: "a03dfb25ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YReQXdM2S%2F93gLdBkxq3fZr7clFkfL1dIZPnDGzUuWWEhTwJ90MWcmKO86vKcsYyNP5AueHiAjP9Zt%2BKRJU5ii%2FXaMEzX77uqZ2JFNjEVHwK77G8LXFIg1Sbm2zS5EGDXzD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad471b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6637
Md5:    a83e5506cd47750ab9e82c54b8a0e688
Sha1:   4b8c1957a62ba0c8e5b15827ceb7c31865dff9c5
Sha256: 8c9eea017621b3ee2252a9e82defd597a98ea4e71ad1c7741b465a92bb012e13
                                        
                                            GET /upload/vod/2022/09-19/13/tnwio24k2is1346tnwio24k2is236171.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 7668
cf-bgj: h2pri
etag: "b9868526ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQjFKMBFOD2OM1xqUMEAbOc6PhjUVspZ3v6o4gzw0vnqhTE%2FhEzXPWfv6ijuDji%2B4On6o8o9XHt6yUAlHYm5T7Qb6PO40Bfmua1dR5FBPkiSncg41Mr8koI5a4ooFxgVEk2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad671b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7668
Md5:    6b07e986e9df0a3c2abadb833213375f
Sha1:   eb0dcd7d903d0a019344ab3533bfbf0dbb288c61
Sha256: 77373737730c83a7841c04739809625a47c08da7044d979a2af8ef31b762c8df
                                        
                                            GET /upload/vod/2022/09-19/13/wmsdqvtkcj51346wmsdqvtkcj5246173.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 8070
cf-bgj: h2pri
etag: "95981427ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbMS9hTWNXUQbzZ%2BdUolynboo90mmjZ7VhmNo54bdPLu8rXEut5DDyfKyKwVZj1xi5%2FvBOl8%2BxsFME5Y0U3Ey9QyIzfpKiniycY%2FiHPyLbwEv7VUKtWiglLDKHVlsVpdGnit"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad771b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8070
Md5:    82934445f99d7fe52a0fc3bd1a78e701
Sha1:   d4027c4fd27ca911d75a888b4e8e1eb271703bf4
Sha256: cc3cb2502459d49c701a62bec5db729a7a608c4b49ca5bddd8146297f4f323f6
                                        
                                            GET /upload/vod/2022/09-19/13/api25dlw5hl1346api25dlw5hl246175.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 1764
cf-bgj: h2pri
etag: "3f1e9a27ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXdUHoCYyD5rJiEDY47%2BHTVPIxAM%2Fdg53UMbvlA5Yct5e4UuXr4a94qaFtTTwXEpi3c%2BqgSCoDVgcNsZdQJGAyqO%2BxNdycdOSWt2UNHeETfYP0sdOQYQ6RdJOnIzu65oSPtK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ad971b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   1764
Md5:    06fdfdfcbeb380a87a4acd42326496af
Sha1:   21edf59f161dd1f412df9cfb2801496f4ffd38a8
Sha256: eb4a1eeaad5b17899ebc10e136c1998a955bd0952a086b0a535d1e69b484f7cc
                                        
                                            GET /upload/vod/2022/09-19/13/bsgbuspvm0d1346bsgbuspvm0d256177.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 12394
cf-bgj: h2pri
etag: "b4a21f28ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:46:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkomhclqYNNkMExP9vCVUQvdCfdU%2BcfD%2Bee5rCOF1%2BiKGd6RbS3166QBWc4V8BE3J0gy0lwkE%2Bn4RZyjFifW3RE%2BNotQSdYrGW3CNko33qYQZpVBEJwA7a39kEGU3uZgbeeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1ada71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12394
Md5:    d6e7c33a4b9749cf2d34d5fd8a9da1d8
Sha1:   b9288d52987b9ca4ff6cd54d3c69b0ddc25db535
Sha256: 26c6d8be778a1ede056e5bb2acfd46cfc8b87e7f257d4e854e49d067f0315c7c
                                        
                                            GET /upload/vod/2019/11-08/04/dqjsfq532w30429dqjsfq532w30810829.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 7731
cf-bgj: h2pri
etag: "d530a41aa95d51:0"
last-modified: Thu, 07 Nov 2019 20:29:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnk%2Bs%2FSoJAXAYAsSlmuq%2Fl8faWopcKjdEZopTn7p4qigBQeYAmgoFwjaPftOSmGxgDxiO%2BDbUunOI3j0%2F8nVGB3wQJlQrsHp4kqdaen%2Fe45N54dp0IVltZIhJjGB%2BdCnysh1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e1adb71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7731
Md5:    f964dc7a798964eeb7e4527520a4b801
Sha1:   2aee314ddf95a6259fac2fd571694b6c5162cbd4
Sha256: 0cb3fcf71ace2a3867cb99bb1f3e0b8146be99f89af023b2e45b5550a4ea436a
                                        
                                            GET /upload/vod/2022/09-19/13/t1vtgwrpe1r1350t1vtgwrpe1r466411.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 6864
cf-bgj: h2pri
etag: "317e75c3ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UKdDr5BbnwdfkpTz7qB1BuVMmEqc5aFRATi%2BGLEENmD5jILCj7z0slwSAfmrbusIFvioWTm6lAKnTfsIS%2BOG%2F9DFHjqQdP2UKhZCFzcteKbSyvNJ2G77ReNgVnOoJ1pCgTU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e3af471b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   6864
Md5:    c5e8f38f8a9a0bc631cc12a96269a88a
Sha1:   53bb62ec74b883421d8568d014daabfca345bbf7
Sha256: 3ba9faa314342c8781c672f69b23f601a98c5b6b50b2f66e79a777d78e325ebd
                                        
                                            GET /upload/vod/2019/11-08/04/o4oa5drbzce0429o4oa5drbzce3910873.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 10513
cf-bgj: h2pri
etag: "09ca114aa95d51:0"
last-modified: Thu, 07 Nov 2019 20:29:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgbPSbfBr3PBWE7Gjn7J1v%2B2Qgeemd1sveRkio1GmyRAnA6aE27%2Bw%2FrXU4L5LF%2F81ocD4nCtO3E7xTCDGKnStLR2CtLyO8jpI6pxISYsYDecau1Rly4GQrHXkobVhaW3Hc4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e5b1471b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10513
Md5:    ed2df74f9630ab03ce33217b2124badf
Sha1:   32188dbb1683ddb338e3a8114af5da19487246de
Sha256: 6336c74cf00820bb00fa0cd8184d95217309f48a819c9068323add058b4f1645
                                        
                                            GET /upload/vod/2022/09-19/13/ihkjcfydpv51350ihkjcfydpv5476413.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 7351
cf-bgj: h2pri
etag: "57c8ffc3ebcbd81:0"
last-modified: Mon, 19 Sep 2022 05:50:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEJ2biCKesC6IWWXy7s8LGdzzboRCI09Xb4bbw6NmbKtfpxkNOPIHuRHYxmFU8xygfpsAR7xPokWU2S%2BcQrMYb5bjORBk5BUjVu5Q0ssGfye1uTgZTaUIO22KvMNtxUBFkG1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e5b1a71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 104x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Size:   7351
Md5:    d88904bde3f07ae2003b03a3dfc4ec71
Sha1:   08183a267bef188c44320da262149b7a0cb0e997
Sha256: a3360525075aeb6d2f8c28d270d4da3a61946883faeed7e7836034ecd395607b
                                        
                                            GET /upload/vod/2019/11-08/04/aqp4ousl4nh0429aqp4ousl4nh2310851.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 8498
cf-bgj: h2pri
etag: "e19cebaa95d51:0"
last-modified: Thu, 07 Nov 2019 20:29:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0SnsUcBw%2Fv417K20Ax91VEU7q1c0JGUrfLAyoKffk0cjB32NR%2BlkT3kSmVkfXx%2Bu3lCs5lR1VSmbBlVcxnEnfX4T%2FPE%2BxIFhOBKk29MMwKXxENBBayTRD3dqcQNqVkVRDpN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2527e5b1d71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 237x178, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8498
Md5:    ce5bb1a8fb29dd9cfa7b47e5ecf9cbe4
Sha1:   53af7ea7fe5e0989a407e8f930e6ee68fc637eb4
Sha256: 6818536298b0231fa65f3f7b43d8f4d6eddeca50e35925d11e5f43d284cef107
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4864
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Last-Modified: Mon, 19 Sep 2022 11:07:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:37 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 23 Sep 2022 11:14:12 GMT
ETag: "ae2a400772de374cab5981943c775c8bc16d266f"
Last-Modified: Mon, 19 Sep 2022 11:14:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1051
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d2527e9f8cb4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    249a5a1fb330e2ec09e99aa5680d2407
Sha1:   ae2a400772de374cab5981943c775c8bc16d266f
Sha256: ed326f38b60b76107267f5e52b1de8d03f7312090aac3070841aa6a1ff54d8e0
                                        
                                            GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022919Mon%20Sep%2019%202022%2012:28:18%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 3218
last-modified: Tue, 30 Aug 2022 09:27:10 GMT
etag: "630dd7ee-c92"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size:   3218
Md5:    82824af6b9b6b5f4af4c324cbaee3af1
Sha1:   6749c6b517225d41ff1d611fce32e157d2829bd3
Sha256: 8861a70718411bed741d32f7e6fcf43eec49f7df095ba2f3bffb77fbb634338b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9665D5FFC9A45CEAB9B9574E02D7722680DFD82E7DC1FC870DA5A26E7B5ECE42"
Last-Modified: Mon, 19 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7883
Expires: Mon, 19 Sep 2022 14:40:00 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26F3949E4CEC01F343E0764A9BFA88D03746B96A16FF3C03335176AD491F38AC"
Last-Modified: Mon, 19 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15650
Expires: Mon, 19 Sep 2022 16:49:27 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B31D875967EB78DD6FCAA01D2FD330C665C4FE611709523AC3E6D7B4634857FB"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15764
Expires: Mon, 19 Sep 2022 16:51:21 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEBC758F5B2C91C91CE632F643E885CDCA1B60C29832616498EC6534B5BF670F"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4542
Expires: Mon, 19 Sep 2022 13:44:19 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95F1A7756EA6013BF074D60CFC5D5D5A6C735ABD76CE6BBE31D3A5015108DCB5"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7504
Expires: Mon, 19 Sep 2022 14:33:41 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95F1A7756EA6013BF074D60CFC5D5D5A6C735ABD76CE6BBE31D3A5015108DCB5"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7504
Expires: Mon, 19 Sep 2022 14:33:41 GMT
Date: Mon, 19 Sep 2022 12:28:37 GMT
Connection: keep-alive

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:37 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 23 Sep 2022 10:37:00 GMT
ETag: "4467512983b46e8071f4d5eb9fa27d3770410ddf"
Last-Modified: Mon, 19 Sep 2022 10:37:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2439
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d252802978b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    a7d110baf0433ca5d6e7cd7e8c1a04b4
Sha1:   4467512983b46e8071f4d5eb9fa27d3770410ddf
Sha256: 06ab26cb21205b16295c3067ad43187614a31e508b0187d97cd20b66d59ea180
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 01:06:42 GMT
Expires: Fri, 23 Sep 2022 01:06:41 GMT
Etag: "5c2b7e48584cedd28dbd37152e3189daeca72458"
Cache-Control: max-age=304083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d2527f8e67b527-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:37 GMT
Ali-Swift-Global-Savetime: 1663590517
Via: cache15.l2de2[48,47,200-0,M], cache15.l2de2[49,0], cache5.se1[70,69,200-0,M], cache5.se1[82,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 19 Sep 2022 12:28:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916635905178674099e

                                        
                                            GET /hm.js?6f39cfb7fb3d2a5a22dc71959e2f8ddf HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Date: Mon, 19 Sep 2022 12:28:37 GMT
Etag: 659009a6f6dc3a19577b03ba0a73f47f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=876D7CE70184CC99; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (626)
Size:   11339
Md5:    4f050b4e3cded329523d652736457f3d
Sha1:   eb6c36cfbefc52689ada79cad5bdf91bdb113dcb
Sha256: 27b496b50a7fb88e1134f911aa0ceb3e710b9265d9ca7dfe9bc9f9625dfce469
                                        
                                            GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Mon, 19 Sep 2022 12:28:37 GMT
Etag: b2f07d89a21be523d389b0ca086d9156
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7C555D5027A1DCCA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    800bda52944feeb422c8b5f94aa6b6ac
Sha1:   c6ce33d17f3cdf5af1c4466d0d2dbc8920d1ba37
Sha256: 3f4dd5a3de14501fc136d7403f9bbf6b029e1df0f61e601857ddd8bca415b7e7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A61D038066A723F4B38BC32A0C24D75F23213DEAD018D44F9F2D5CC638877A83"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16931
Expires: Mon, 19 Sep 2022 17:10:49 GMT
Date: Mon, 19 Sep 2022 12:28:38 GMT
Connection: keep-alive

                                        
                                            GET /image/1-640X200.gif HTTP/1.1 
Host: uu99k.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.145.199
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Sun, 09 Oct 2022 21:42:18 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117717
Md5:    90a809e02687e4f28872e33f66cd33b1
Sha1:   e878a5b152fd19e45108395805b9f3176b5fbfd1
Sha256: 3439fbaf8a34b02ea3ba9bf59892d702e615318ee526b9252cca882b880ce00a
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:38 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 09:58:04 GMT
Expires: Mon, 26 Sep 2022 09:58:03 GMT
Etag: "fb16a401e0dac02469414c70bdcb1a0c00725f9a"
Cache-Control: max-age=595164,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d2528299771c06-OSL

                                        
                                            GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11343
Date: Mon, 19 Sep 2022 12:28:37 GMT
Etag: c63b1e2182279e174f4381bb2e18e17e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AD23577EB5242E76; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   11343
Md5:    196a10d346b831850880cb75cbd576e2
Sha1:   6b32692550d22e3c61118b257a3b47e803da5965
Sha256: 3ec1b763ef5c1b1497f6ad5686f67bf2e433343b9bd743b4b082c53d918e042e
                                        
                                            GET /hg960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:30:50 GMT
content-length: 138679
last-modified: Sat, 23 Jul 2022 12:26:47 GMT
etag: "62dbe907-21db7"
expires: Wed, 19 Oct 2022 12:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   138679
Md5:    f0f206683c8403cc9c134ed746fa4aa2
Sha1:   6d0059005833ac269f9a33b50a87ed96529d0f71
Sha256: bdac228698ca07ca09d425b490a0bbe754e8f1a7f6da45ab1377c4edf9dcd38f
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=302290007&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=50059&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 19 Sep 2022 12:28:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55C0B4E883C6A3C0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /128/960X60A.gif HTTP/1.1 
Host: zhibo128x1.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.83.25.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Mon, 19 Sep 2022 12:28:37 GMT
Content-Length: 538695
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 05:47:13 GMT
ETag: "6316dee1-83847"
Expires: Mon, 17 Oct 2022 09:08:31 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   538695
Md5:    79a6bd621e989d305866cf3da25f3ead
Sha1:   43ff7c41e2e6fd4a9944bb5a6ad62673c1c079ba
Sha256: f0a59f510fc36a5570a8af24e87662bca9e0dd4225f39f72f0d94881505fa4f8
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=391716693&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=50059&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 19 Sep 2022 12:28:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=907696B14D39A01D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /%E7%9A%87%E5%86%A0240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:30:50 GMT
content-length: 113483
last-modified: Sun, 24 Jul 2022 09:37:56 GMT
etag: "62dd12f4-1bb4b"
expires: Wed, 19 Oct 2022 12:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   113483
Md5:    06e653b16b8380bd8ff599d09204f83b
Sha1:   02c928506c30bda05419ed0220617770c435dc7a
Sha256: afb56e7d5879a7ba5561a8b3d3e7454241e51ed81aab742826b418932720ef89
                                        
                                            GET /3P-240x240.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:30:50 GMT
content-length: 322371
last-modified: Sun, 24 Jul 2022 09:37:58 GMT
etag: "62dd12f6-4eb43"
expires: Wed, 19 Oct 2022 12:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   322371
Md5:    10b590fb68b248b758ae345f3cc33961
Sha1:   9e13b8044dc3e6bfcf6156977a32403f672b71c3
Sha256: ee081d5613e4bafe5733342028b1518f676b9572319146f2197463836993391e
                                        
                                            GET /3p960x60.gif HTTP/1.1 
Host: 3p8801.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.35.2
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:30:50 GMT
content-length: 310536
last-modified: Sat, 23 Jul 2022 12:26:45 GMT
etag: "62dbe905-4bd08"
expires: Wed, 19 Oct 2022 12:30:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   310536
Md5:    25791847d9df13fa1bcd1c1c232449cd
Sha1:   b9b8702ec91f5d683f5aaa6a72d39cadfea2750a
Sha256: fb565694838c6ec0d6dede124d6b53576ea4c07aaee17cbbd1ea41dc200d62e7
                                        
                                            GET /get-image/0xmAGT9KS9C HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         58.254.180.65
HTTP/2 200 OK
content-type: image/gif
                                        
server: JSP3/2.0.14
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 117593
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
etag: "c4caa37b717580e8594587f32ca86470"
age: 275538
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n4hobs7go5ib5np8lk0gkchq
content-md5: xMqje3F1gOhZRYfzLKhkcA==
timing-allow-origin: *
ohc-cache-hit: gz3un59 [2], jnuncache59 [2], suzix111 [2]
ohc-file-size: 117593
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 200\012- data
Size:   117593
Md5:    c4caa37b717580e8594587f32ca86470
Sha1:   a645ec82581a0b18f67444b62a062059adf78aa6
Sha256: 208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1523
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 12:28:38 GMT
Last-Modified: Mon, 19 Sep 2022 12:03:15 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3114
Cache-Control: max-age=119894
Date: Mon, 19 Sep 2022 12:28:38 GMT
Etag: "632785a2-2d7"
Expires: Tue, 20 Sep 2022 21:46:52 GMT
Last-Modified: Sun, 18 Sep 2022 20:54:58 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.231
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 454806
date: Sat, 27 Aug 2022 14:42:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:26:45 GMT
nw-session-id: 202208272126450102080352140A7068A2j6fpx01dy
nw-session-trace: 2022-08-27T21:26:45.540738746+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 454806
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:26:45 GMT
x-tt-logid: 202208272126450102080352140A7068A2
via: n204-097-238, cache16.l2de2[0,13,206-0,H], cache4.l2de2[14,0], cache4.l2de2[15,0], cache2.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc01:26:287::163
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 015f385d3fc56128f1a4291cfc24ba5beb6bb050174f8a4bde30a2f8504ba2b81d1af23526cac1a55c0544ba65e9a8f06af049aa6fb10d31566b09af1a690e91ed58ef22652af931b4a5db136e17599b70de2d2d794a56a990b6237e8c4a9c7dfc
x-response-lb: image
ali-swift-global-savetime: 1661611346
age: 1979172
x-cache: HIT TCP_MEM_HIT dirn:3:39098984
x-swift-savetime: Wed, 31 Aug 2022 14:32:57 GMT
x-swift-cachetime: 31190969
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16635905186568768e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   454806
Md5:    a2adfb182a1e1629ab484d90b72f23c8
Sha1:   0301a7d9e60d54dd13e1cb528a0b22546790c026
Sha256: 7bcc06c7b13d9e1ffbff6e5b627b209b91556b3dcd39c8181f99548f150fc89b
                                        
                                            GET /images/62fbb66bab3ecbe918ac81f1.gif HTTP/1.1 
Host: img.x967.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.34
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bf175bd1d2243bba1a8fc1918ef7fbc
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 640 x 480\012- data
Size:   670683
Md5:    61c09a981829377054623156baf850e6
Sha1:   5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
Sha256: 5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
                                        
                                            GET /tu-pic/240-140.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 18 Sep 2022 21:21:20 GMT
etag: "1663588934"
expires: Tue, 18 Oct 2022 21:21:20 GMT
last-modified: Mon, 19 Sep 2022 12:02:14 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 149597
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 140\012- data
Size:   149597
Md5:    f2d3e1a6f8899994610ab814f64bf078
Sha1:   9523d6eba5dd1ab466b5b2968d5d6231161e6ae6
Sha256: 06e958cd3720c7f7afb07142bc76c2b531df3aab1a58ef6d5f3a789f3cad0177
                                        
                                            GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1 
Host: n7181.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.101
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Thu, 25 Aug 2022 11:56:40 GMT
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 683474


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   683474
Md5:    ba813a4b9580b3da278e68a1c3e3a954
Sha1:   6d843c3c02ad3270abd575c460ec26ed615578f4
Sha256: 574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
                                        
                                            GET /img/96060.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:26:56 GMT
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Wed, 19 Oct 2022 12:26:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   46855
Md5:    2b9c30b086d03d90a45a9174aef7b408
Sha1:   e87dbe76669e2f402826dd598bb047d793b1e20c
Sha256: f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
                                        
                                            GET /admin/202208/630634f18a75e.jpg HTTP/1.1 
Host: images.xxootv.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.207.13.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 25706
last-modified: Wed, 24 Aug 2022 14:25:54 GMT
etag: "630634f2-646a"
expires: Wed, 19 Oct 2022 12:28:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x249, components 3\012- data
Size:   25706
Md5:    003320de6bd2223be46a8d7e078a0a45
Sha1:   fc08ff33a5d7080674882770038a92384a1bc366
Sha256: 7ea0cfacef2fe5c94c4bf16a4b0a79a98009775e0b777adb11bafc1cbfcf2880

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=976708693&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.2.97&lv=1&sn=50059&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mgcqnd.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 19 Sep 2022 12:28:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B13FD28D231F0EE3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /gg/960X60.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.91
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 19 Sep 2022 12:28:38 GMT
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 632860769DB578363653A647
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   95856
Md5:    57557d6b489d522d480d9b82ce29db65
Sha1:   da2d3b35f0c9534e84e50310aeafe73173037315
Sha256: 4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
                                        
                                            GET /img/200200.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:26:56 GMT
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Wed, 19 Oct 2022 12:26:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   75259
Md5:    03c13356e00c2033df2c88cb919251eb
Sha1:   f3a334a0366ddda6a87034f7d6c889c4d159dc8d
Sha256: 0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 15:00:17 GMT
Expires: Sun, 25 Sep 2022 15:00:16 GMT
Etag: "abdcda1be4e69ca4bfcc830cb4482b0b88340200"
Cache-Control: max-age=526897,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d252875a41b527-OSL

                                        
                                            GET /img/960160.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:26:56 GMT
content-length: 165614
last-modified: Mon, 02 May 2022 05:20:34 GMT
etag: "626f6a22-286ee"
expires: Wed, 19 Oct 2022 12:26:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 160\012- data
Size:   165614
Md5:    499d402cf727956bcdb1a229ff10c05e
Sha1:   95bbdda00299532dab6ca13cec744d21c0f7ae26
Sha256: 20be363fb9c4cc867e6d5467daff447c1e9aa10feabda9fd943672b6672aeff9
                                        
                                            GET /img/600400.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 12:26:56 GMT
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Wed, 19 Oct 2022 12:26:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 400\012- data
Size:   304522
Md5:    e0a34183ace6e0dff373311780daecf4
Sha1:   48e4233e415d464e22ac1ff3d2135d20e4c31eb8
Sha256: eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 12:28:39 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 03:55:48 GMT
Expires: Sun, 25 Sep 2022 03:55:47 GMT
Etag: "f15f202dca24527d3476d6a0c9cd5ef5799a3ee1"
Cache-Control: max-age=487027,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d252882b7bb527-OSL

                                        
                                            GET /f6bf20b8c7c04cdf8a46c12e407354c2.gif HTTP/1.1 
Host: u0083.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.205.45.250
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 19 Sep 2022 12:28:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 12:06:34 GMT
ETag: W/"6318894a-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   105623
Md5:    d8672cb6c77971420eaad2e23cb983f9
Sha1:   6879e309a3a4f5aa253be7d548c7ead34ff50a3b
Sha256: 3c1f6314f621b3defac9f81ff04a387b41aa4213357eb15bbc3fe4c29c271c7c
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d4767c40b66114c992edbcaac2af9d9ba2182/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:37 GMT
content-length: 121197
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:24:44 GMT
cache-control: max-age=2592000
x-delay: 79 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 121197
chid: 0
fid: 0
x-nws-log-uuid: 5a866246-e991-40d4-ae8f-957261113d78
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   121197
Md5:    c333d9318beb5b59bc7fd1dbe71ed7f3
Sha1:   7f59fbc05d4302bc5768755ed10aa58932bf8c7a
Sha256: 58ae8f93dc8f4805de239cc27796b1a97bd67acd9ef72cd7f0ed73119175d4f5
                                        
                                            GET /hy_personal/3e28f14aa0516842a2a1f3945a2210b49144b40fc03636f83fb6c3af33f4bb83/0.gif HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 177086
vary: Accept,Origin
last-modified: Fri, 13 May 2022 00:56:15 GMT
cache-control: max-age=2592000
x-delay: 29779 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 177086
chid: 0
fid: 0
x-nws-log-uuid: 2bb9358e-90e0-44d4-ac69-00d46a2487a3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 200\012- data
Size:   177086
Md5:    be83c16833e7818983eb893bfd657c71
Sha1:   0673c1fa8bb28651d23ab90b1f23323ea0bd1a96
Sha256: bd5f35daa2a7ac9430a7d1ab942fd88c2645b9bfaf0bba60f151f2efb9d0837c
                                        
                                            GET /73baa2446a9d453aa94fdaf9e9494fc2.gif HTTP/1.1 
Host: vesdsp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.189.108.93
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "63188936-6cad4"
server: nginx
date: Wed, 07 Sep 2022 13:41:02 GMT
last-modified: Wed, 07 Sep 2022 12:06:14 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-083
content-length: 445140
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   445140
Md5:    8dc9eeb6e2f698ff336e098bf7c002a6
Sha1:   5be86ef65976a88e36ad3f30fe64d700f1883e0d
Sha256: 0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 322 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 260fce7e-214d-43f4-b030-9a7f90f3cf32
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   688878
Md5:    38adb06da8d7db34d62dfc1760cda2dd
Sha1:   862c5ecedd5add094b8dfb22c3087b09493a312a
Sha256: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 71106 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: e4250bbb-b187-4f67-98d8-d278c7b2da88
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   456390
Md5:    24f8d711ff99c1b9e8eda597e520496d
Sha1:   0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
Sha256: 9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b564bf8a82fe24d215c37baf794f0f8b71/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 2668995
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:04:56 GMT
cache-control: max-age=2592000
x-delay: 139109 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 2668995
chid: 0
fid: 0
x-nws-log-uuid: 47267259-2cad-4688-91aa-318af6e3f03e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   2668995
Md5:    2493e04580cf099c7502fc9b84e305f4
Sha1:   f403b238cc760537ffb814e7363dc994d6fe1902
Sha256: 9416e79b58881c94d01a687199d53c1df69efd0069b132448577f4292c113979
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 472 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: 7536879a-b77e-4bb5-b236-20e258444e4d
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   988610
Md5:    4145292e4c977dcbc7b371f460e08cf2
Sha1:   c8025e36c672a4240da49f73e80295b42a71b274
Sha256: 3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
                                        
                                            GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 19 Sep 2022 12:28:38 GMT
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 568 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 65748a67-4b52-4096-84d7-53ee96fa9619
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/62f786e81cd529cdb973c2b0.gif HTTP/1.1 
Host: img.cuphf.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.222.2
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/85753eb21cd54e14aa7843f762cd0d11
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /news/data.php HTTP/1.1 
Host: mang.tiryakioyun.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         20.205.43.35
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Mon, 19 Sep 2022 12:28:35 GMT
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /template/m1938pc/css/zui.css HTTP/1.1 
Host: www.mgcqnd.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgcqnd.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         173.231.17.185
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 19 Sep 2022 12:28:36 GMT
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Tue, 20 Sep 2022 00:28:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---