r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2727
Expires: Tue, 24 Jan 2023 21:48:24 GMT
Date: Tue, 24 Jan 2023 21:02:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Tue, 24 Jan 2023 21:43:16 GMT
Date: Tue, 24 Jan 2023 21:02:57 GMT
Connection: keep-alive
www.johnomusic.net/freedownload.zip
193.9.34.211200 OK 781 B URL HTTP/1.1 www.johnomusic.net/freedownload.zip
IP 193.9.34.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 7ec38e532f489b33104cd13b05b81106
658e2e0b0ade1b8cfbe0dffe59fa0ee50b83fc8e
0159c3592625ac3bbae3f173ad6ccefe7515b35c3e30de41f725bd35a5854662
GET /freedownload.zip HTTP/1.1
Host: www.johnomusic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:02:55 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 20:35:07 GMT
content-type: application/json
age: 1670
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Tue, 24 Jan 2023 21:44:11 GMT
Date: Tue, 24 Jan 2023 21:02:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DfPWG4oVbt6manOzWc/tBRNOi3trv87uE0ZyjAU3EZJV9jbJksDO3u4ahzcQYHcv6Z1BRaPHc2Q=
x-amz-request-id: 6EBJ03FF7A8ASXQR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 20:48:18 GMT
age: 879
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:02:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.johnomusic.net/common.js
193.9.34.211200 OK 1.1 kB URL HTTP/1.1 www.johnomusic.net/common.js
IP 193.9.34.211:0
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 3b08372f4773c8e7854234aaef938077
b65315c1d4fc673034b770705bf00746f6028d72
da0eb85cdaddf869c83f127036841ec2f4ce694d949092f46afc01e23086bcd5
GET /common.js HTTP/1.1
Host: www.johnomusic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/freedownload.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:02:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.johnomusic.net/tj.js
193.9.34.211200 OK 520 B IP 193.9.34.211:0
File type ASCII text, with CRLF line terminators
Hash df3f4c6d5a66fe36aa904d31e5e7e067
5d855e4dee23d8b70b132873a9ca596ae9e7c39a
97cbd1287aac23daa213b6e4b1c0a1bdb83553ebb5b42e49e9d4e2b8902fca62
GET /tj.js HTTP/1.1
Host: www.johnomusic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/freedownload.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:02:56 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 20:17:31 GMT
age: 2727
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20406
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 21:02:58 GMT
Connection: keep-alive
www.johnomusic.net/favicon.ico
193.9.34.211200 OK 1.2 kB URL HTTP/1.1 www.johnomusic.net/favicon.ico
IP 193.9.34.211:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.johnomusic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/freedownload.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:02:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 29 Jan 2023 21:02:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.services.mozilla.com/
35.163.172.149101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.172.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RP8FaGiqZ4jW48VGJtOFLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 42ROBG3LL7wb2QjL+wqgeZvjJP0=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b6d8839d3d2828c5a1001b0c71fa8eeb
aa673bfe4d3e9d6b2b166e9e9fbb3998b539feea
e4b614023143d8f038849e1bd8bfeac9975a03fcc02499e0cfc41d089f7dd6c3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:02:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 28 Jan 2023 17:29:20 GMT
ETag: "aa673bfe4d3e9d6b2b166e9e9fbb3998b539feea"
Last-Modified: Tue, 24 Jan 2023 17:29:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6937d1db521-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b6d8839d3d2828c5a1001b0c71fa8eeb
aa673bfe4d3e9d6b2b166e9e9fbb3998b539feea
e4b614023143d8f038849e1bd8bfeac9975a03fcc02499e0cfc41d089f7dd6c3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:02:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 28 Jan 2023 17:29:20 GMT
ETag: "aa673bfe4d3e9d6b2b166e9e9fbb3998b539feea"
Last-Modified: Tue, 24 Jan 2023 17:29:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6937c08b509-OSL
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash 46ae7201699425a62e9bba7adee3e432
e3091d7c3efdb85cc41904d0f99d14b23b3b04dd
5c95f5b8807bc3f96bf0d10d367ec2933eb803906961441f5bcee1212051cba0
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: a16ff8bc-c875-46a7-af4e-7224cfd21a76
Content-Length: 1701
Date: Tue, 24 Jan 2023 21:02:59 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.johnomusic.net/freedownload.zip
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.johnomusic.net/freedownload.zip
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.johnomusic.net/freedownload.zip HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 24 Jan 2023 21:02:59 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11965
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:03:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11965
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:03:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11965
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:03:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OsitP8LhrabAIbfq-ZTMmpJfnfvttYGad42iE3obktcRneUqbBHlpw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:59:27 GMT
age: 61413
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462fc1946b8dbae49aa3cf22291fc707
400c6dc7973b36a5d3e43cc3b439da49ab6c76b5
88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USeM1Ot6q0_lK_EdmyYfmyH-Aklt_yek7fg9ayjlDCPS9KobKbHCjA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:59 GMT
age: 83161
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9088e8181cf43fa7e77bd0c169d459e
2a06f6ea31a615ac3a1a33fb2997e8617468e6f0
d09867478b7fe952ad8919728805cdc0918d849827f5e646ad2d824f9a6911e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 27bce48a-9cab-4546-a713-33a4c42036eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFoEw2IAMF_eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-341ee41e3ac904ee28e70f47;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a75srt98xfgRarLpcIU8ZtCm9VQd66ISnOCvAUYFBItDMatlJDjTKQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:46 GMT
etag: "2a06f6ea31a615ac3a1a33fb2997e8617468e6f0"
content-type: image/jpeg
age: 83114
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 83035
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb690b8f5503bf4bcf424e58ddb6b8c
eb96120190e3a5c286ac5ec51ee8b163540377fd
c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RI2PzIKXk_H09T20cGoqTCC1WdRp3S5N6TOBX_lIcEk8wYaCIfCPJw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 82496
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mang.tiryakioyun.com/news/index.php
20.187.123.222200 OK 13 kB URL HTTP/2 mang.tiryakioyun.com/news/index.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5ea49990311175213183369f4aff0919
d08f440317e2ee36e7a2590b0d29f36af36478d4
261545ffa91b47401bcc812c900aae87c390c4cc592bceee190bd2efed6c2b96
GET /news/index.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.johnomusic.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Tue, 24 Jan 2023 21:02:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2107c53676d8b23c2b876048405f5d94
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash f22b946c7b9a0e1f91ef0b0f8ecdca43
24c7fe89bb1db3c0f642f3d17e431dac3e2a4805
f21ae9ae1c1c53a92c3a18bb9b6976ad6da1b31a2302cc36faa69ff5520cd5ff
GET /hm.js?2107c53676d8b23c2b876048405f5d94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.johnomusic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 24 Jan 2023 21:02:59 GMT
Etag: 6fe3691ea632deb07e3c4f8bce8a90b8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=19C765D8854E3B1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b90fe3cc4026ada5cfc89c68e161c149
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b90fe3cc4026ada5cfc89c68e161c149
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b0dc7fe4809f3cf9e69d86efa2a9fe43
845534aeb5970f23fef9b108e3780b2695761dd7
31e61f02eb038299b3fef71fb62f04b1dc7d1c36aa443b057189767273f301be
GET /hm.js?b90fe3cc4026ada5cfc89c68e161c149 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.johnomusic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 24 Jan 2023 21:02:59 GMT
Etag: cf88455c44a19fd08d92c444436bddab
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B88B1AA71C64CC4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=424287519&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=424287519&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=424287519&si=2107c53676d8b23c2b876048405f5d94&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.johnomusic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 24 Jan 2023 21:03:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B854C3290C2914D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1512955240&si=b90fe3cc4026ada5cfc89c68e161c149&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1512955240&si=b90fe3cc4026ada5cfc89c68e161c149&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1512955240&si=b90fe3cc4026ada5cfc89c68e161c149&v=1.3.0&lv=1&sn=43859&r=0&ww=1280&u=http%3A%2F%2Fwww.johnomusic.net%2Ffreedownload.zip&tt=%E9%87%91%E5%8D%8E%E5%A4%AF%E4%BA%86%E8%A3%85%E9%A5%B0%E6%9D%90%E6%96%99%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.johnomusic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 24 Jan 2023 21:03:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9BDFE5CB98C37D20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 24 Jan 2023 21:03:00 GMT
Etag: "4078521116"
Expires: Wed, 24 Jan 2024 21:03:00 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=53FDAA24311F50F959DF60973248A4B0:FG=1; max-age=31536000; expires=Wed, 24-Jan-24 21:03:00 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6fd5624cb1b1e981f1a8a543a4c01a94
b6997b8ec8ecad3cc3134fa7f176a8a2f8b5c567
826ba75985560264320f0bbcce61ddc9eacab233fc9c23f37e8e82bfcf735ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "826BA75985560264320F0BBCCE61DDC9EACAB233FC9C23F37E8E82BFCF735BA0"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=746
Expires: Tue, 24 Jan 2023 21:15:27 GMT
Date: Tue, 24 Jan 2023 21:03:01 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.johnomusic.net/freedownload.zip
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.johnomusic.net/freedownload.zip
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.johnomusic.net/freedownload.zip HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.johnomusic.net/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 24 Jan 2023 21:03:01 GMT
www.mgbqdt.xyz/template/m1938pc/images/1.gif
173.231.17.185200 OK 254 B URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/images/1.gif
IP 173.231.17.185:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: image/gif
content-length: 254
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-fe"
expires: Thu, 23 Feb 2023 21:03:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
z4a.net/images/2022/10/17/960-60-0.gif
104.21.234.235200 OK 198 kB URL HTTP/2 z4a.net/images/2022/10/17/960-60-0.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2022/10/17/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:02 GMT
content-type: image/gif
content-length: 198523
expires: Tue, 17 Oct 2023 07:38:44 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 8601858
last-modified: Mon, 17 Oct 2022 07:38:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpQWn2P7t5T%2Fk5NVmMXo2atNjuQsuXFYzHPb%2BGc7mbGQVWAoVo9XNd5zOQTZO5W1Bx8I6Xy3KSzT%2B1AKooz6bxWp6GDM%2BR21Stcqdxsw74nN83%2FmH65Q3Y3Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ebb6a938f975c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2023/01/11/YL960x60.gif
104.21.234.235200 OK 154 kB URL HTTP/2 z4a.net/images/2023/01/11/YL960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 154 kB (153648 bytes)
Hash 9dba57370346d55925673f34e7b0f3bd
748523fa5829dd2d77a14fedc720fe784c9a5603
59d9f14d0e0b4d6083f3c7b7959fd39bd6d7279892e5d9969c8ae06eae7821d7
GET /images/2023/01/11/YL960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:02 GMT
content-type: image/gif
content-length: 153648
expires: Thu, 11 Jan 2024 09:58:33 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1163069
last-modified: Wed, 11 Jan 2023 09:58:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPd7T67YA39sNl1RKBT%2F6I3TnrxhW7ZNQzgVu%2BiHseX7pNWsC5zMwnisOCmSgXYBlErvEz%2F7vcYafmpGvUaK4hQCIUT8JxY0BMVIn2H46QtQ0JzMaunGsIA1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ebb6a948fc75c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/25/960x60.gif
104.21.234.235200 OK 169 kB URL HTTP/2 z4a.net/images/2022/12/25/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2022/12/25/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:02 GMT
content-type: image/gif
content-length: 168777
expires: Mon, 25 Dec 2023 13:26:08 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2619414
last-modified: Sun, 25 Dec 2022 13:26:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FUq8iWEmW8522IEiwlAWW8P5PhPjwZyWwy6cehAfuaLXxfIHQLKfzi84wKoMKcBLsPNmUUGWUCIY3F%2BtxIUq6r3rxQ1RCB1mx2iNK8GMy8ViiNqME8uk6p8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ebb6a938fb75c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/10/17/960-60.gif
104.21.234.235200 OK 227 kB URL HTTP/2 z4a.net/images/2022/10/17/960-60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 227 kB (226581 bytes)
Hash 68199d1d30e08ef7fba5ecc5af4d9548
3978b7653bca5c630c7b8d7aa06366d56eeaa7a1
7bbd0bd6239be8c6c5762c11822e2d4ca30cbabaae992af2e94cad2338c7de65
GET /images/2022/10/17/960-60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:02 GMT
content-type: image/gif
content-length: 226581
expires: Tue, 17 Oct 2023 07:38:44 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 8601858
last-modified: Mon, 17 Oct 2022 07:38:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U83OlkWBpjSpU0N7BfjTQLOyoaUf5nWxGEkSlNqQJoqmhaIIoal%2BEUZpr1h8Tu0yWBi3svzXyLuL65wNLJCoNJESojFGA7RA05H2yJHdVgjHzf6iulZK%2FEpR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ebb6a938f675c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/10/16/960x60.gif
104.21.234.235200 OK 451 kB URL HTTP/2 z4a.net/images/2022/10/16/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 451 kB (451409 bytes)
Hash 0b79d0bdb91d08fe6e58da26af40a3d2
75f37e1aa43e309adbf1e6050c994e6216be694e
6acbe8704cafa212528bf8299e534e5b4906be6653ae25627bb8cd7ad356b9ae
GET /images/2022/10/16/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:02 GMT
content-type: image/gif
content-length: 451409
expires: Tue, 17 Oct 2023 08:06:55 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 8600167
last-modified: Mon, 17 Oct 2022 08:06:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6Ue3b8Y8Is3Y2Cl%2FIRHUEerNYllA%2B1%2BkN%2F6YkCDHVRylKvbFSoJfeIBSQAJPJ3pUoqYKKLEf5NanRHK8FYLHpOojoH51rczqiM%2BsFPeGwZ9kuaA9S4DwjFi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ebb6a938f475c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mgbqdt.xyz/
173.231.17.185200 OK 89 kB IP 173.231.17.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (319), with CRLF, LF line terminators
Hash 3e4739c90f52d24d93c3e2c0464f0a63
90570d93e1bd7ea7a3ae3fe771ddcddfda8511fa
9239b1cd85d244bb52a0e9cd08730eb406800c7a625f3ccd8f11113d2de81f94
GET / HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.mgbqdt.xyz/template/m1938pc/css/zui.css
173.231.17.185200 OK 20 kB URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/css/zui.css
IP 173.231.17.185:0
Hash 2fe06dec0430592deac1b8f05c826061
be117a096feda4c319d7cb5724aaa4c0c114d460
82e55205144a1e2be7939423b02d6f3e07044402316ea26f1821ba0119cab443
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 06:25:58 GMT
vary: Accept-Encoding
etag: W/"626a3376-164b5"
expires: Wed, 25 Jan 2023 09:03:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.mgbqdt.xyz/template/m1938pc/images/video-play.png
173.231.17.185200 OK 1.6 kB URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/images/video-play.png
IP 173.231.17.185:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:03 GMT
content-type: image/png
content-length: 1567
last-modified: Fri, 07 May 2021 10:47:38 GMT
etag: "60951aca-61f"
expires: Thu, 23 Feb 2023 21:03:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mgbqdt.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2023124Tue%20Jan%2024%202023%2021:03:01%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.17.185200 OK 3.1 kB URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2023124Tue%20Jan%2024%202023%2021:03:01%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.17.185:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash dff12b63142990d7820065fc6fbcd3bd
197ebf1c2bdf42072ffa82eb6e8b6e09823b1b83
4f8ae3b1d5e49a41facbd9cce9229d4bb73d9c789ff5eab1649a376ecc8f1d0c
GET /template/m1938pc/html9/advertised/advertised.json?refresh=2023124Tue%20Jan%2024%202023%2021:03:01%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:03 GMT
content-type: application/json
content-length: 3106
last-modified: Fri, 20 Jan 2023 16:15:46 GMT
etag: "63cabe32-c22"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0007dc8886bfe1427d75210ffc06c3fe
323e13c2e07eb014979081d7bc8cab1224a12240
dec26fce84dd89da71dc2a2fe2da5015d8ab24f1e04424d168dfdfd200fb6018
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:04 GMT
Etag: "63cf4883-117"
Last-Modified: Tue, 24 Jan 2023 20:03:58 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0007dc8886bfe1427d75210ffc06c3fe
323e13c2e07eb014979081d7bc8cab1224a12240
dec26fce84dd89da71dc2a2fe2da5015d8ab24f1e04424d168dfdfd200fb6018
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5651
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:04 GMT
Etag: "63cf4883-117"
Last-Modified: Tue, 24 Jan 2023 19:28:54 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0007dc8886bfe1427d75210ffc06c3fe
323e13c2e07eb014979081d7bc8cab1224a12240
dec26fce84dd89da71dc2a2fe2da5015d8ab24f1e04424d168dfdfd200fb6018
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:04 GMT
Etag: "63cf4883-117"
Server: ECS (amb/6B8D)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0007dc8886bfe1427d75210ffc06c3fe
323e13c2e07eb014979081d7bc8cab1224a12240
dec26fce84dd89da71dc2a2fe2da5015d8ab24f1e04424d168dfdfd200fb6018
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:04 GMT
Etag: "63cf4883-117"
Server: ECS (amb/6B94)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0007dc8886bfe1427d75210ffc06c3fe
323e13c2e07eb014979081d7bc8cab1224a12240
dec26fce84dd89da71dc2a2fe2da5015d8ab24f1e04424d168dfdfd200fb6018
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:04 GMT
Etag: "63cf4883-117"
Server: ECS (amb/6B99)
Content-Length: 279
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 6a5fc9aa37ceb262974b17308ca1e92b
38d368415bf10070db01e7e357bbb8fc5d658d32
9cd748f74e9a0a0dc266953cac3c6df9b472ac1e353a632890722c13f4e56856
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 24 Jan 2023 21:03:03 GMT
Etag: 5162fdc7fc813db1de3ad49b3b436116
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=39E66F8E85E2460A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.mgbqdt.xyz/template/m1938pc/js/jquery.config.js
173.231.17.185200 OK 13 kB URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.17.185:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (621), with CRLF, LF line terminators
Hash 7ba391f3cb77187177d09fdd893174c1
4fa73ecca466c0269cfa77d599893a0df28e6c64
a6c9947c04e4472e1a595a773372f089e0d35f6f5281ccb97f44ffee47ba499f
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 04:27:08 GMT
vary: Accept-Encoding
etag: W/"622acf9c-1469"
expires: Wed, 25 Jan 2023 09:03:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash e0aa2aef95f7d88f9ceef94dd5589e12
cd0e3cbe99e00b66479f76f89e2df305be501a82
29e6dcc466f0223082c34293cd6f786958c8f4cd3029848adbef18865d74b1e8
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 24 Jan 2023 21:03:03 GMT
Etag: a69693faa6d15f4e0090c5f212840b77
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3F7E0C95A5A30EA9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 580a32068bc8d2c4bff8a3761ba0cdfe
1474eb4578f076289eb860d5c9b4486cdff03ea4
93a2dad6e9e35de6d34337f3a1b95abb6a76f13b14dee61e3587388be930c8d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93A2DAD6E9E35DE6D34337F3A1B95ABB6A76F13B14DEE61E3587388BE930C8D1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Wed, 25 Jan 2023 00:02:33 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 580a32068bc8d2c4bff8a3761ba0cdfe
1474eb4578f076289eb860d5c9b4486cdff03ea4
93a2dad6e9e35de6d34337f3a1b95abb6a76f13b14dee61e3587388be930c8d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93A2DAD6E9E35DE6D34337F3A1B95ABB6A76F13B14DEE61E3587388BE930C8D1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Wed, 25 Jan 2023 00:02:33 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 580a32068bc8d2c4bff8a3761ba0cdfe
1474eb4578f076289eb860d5c9b4486cdff03ea4
93a2dad6e9e35de6d34337f3a1b95abb6a76f13b14dee61e3587388be930c8d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93A2DAD6E9E35DE6D34337F3A1B95ABB6A76F13B14DEE61E3587388BE930C8D1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Wed, 25 Jan 2023 00:02:33 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 580a32068bc8d2c4bff8a3761ba0cdfe
1474eb4578f076289eb860d5c9b4486cdff03ea4
93a2dad6e9e35de6d34337f3a1b95abb6a76f13b14dee61e3587388be930c8d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93A2DAD6E9E35DE6D34337F3A1B95ABB6A76F13B14DEE61E3587388BE930C8D1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Wed, 25 Jan 2023 00:02:33 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 580a32068bc8d2c4bff8a3761ba0cdfe
1474eb4578f076289eb860d5c9b4486cdff03ea4
93a2dad6e9e35de6d34337f3a1b95abb6a76f13b14dee61e3587388be930c8d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93A2DAD6E9E35DE6D34337F3A1B95ABB6A76F13B14DEE61E3587388BE930C8D1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Wed, 25 Jan 2023 00:02:33 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/iitadlom2gs.jpg
172.67.28.138200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/iitadlom2gs.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1b0115af17224e60a7c21f45963a2a3
ee2e395e65145c545579f621d7fe2af0434af5a8
e2e248c31704f0bc7713dd962ce21b565fc079c1f784f4bdf6b0baf6a8c34c52
GET /upload/vod/2023/01/iitadlom2gs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 5808
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7125
content-disposition: inline; filename="iitadlom2gs.webp"
etag: "63cf3062-1bd5"
last-modified: Tue, 24 Jan 2023 01:12:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31826b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/y3thzdzgpjc.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/y3thzdzgpjc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8bc3f0c61bbdb15598aa5eb0a4fba7b3
562f261e9c126bf57c51224c5218aa253790273b
30a3bef67e54b254c4f1702a67e111b8ee334e3dfb179fd9b7871f997e284ceb
GET /upload/vod/2023/01/y3thzdzgpjc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7158
content-disposition: inline; filename="y3thzdzgpjc.webp"
etag: "63cf3067-1bf6"
last-modified: Tue, 24 Jan 2023 01:12:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31827b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/gwmbm0b3pnq.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/gwmbm0b3pnq.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c45aaea0f739d3a763db10058875014
abf63197fcddf44bafdc137821d997e4165b0dbf
0a7af11abbcbbe347ce162ad073e985a054df01f7578cb848138dda4ee35abbb
GET /upload/vod/2023/01/gwmbm0b3pnq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 5736
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7004
content-disposition: inline; filename="gwmbm0b3pnq.webp"
etag: "63cf306f-1b5c"
last-modified: Tue, 24 Jan 2023 01:12:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3182eb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/khjxzlzloyi.jpg
172.67.28.138200 OK 4.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/khjxzlzloyi.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e3350b90cc7e5ce00f36394a18ef041
188e85802b80b172d6afbe38096d42b4210d9fdf
d3b93c8e6edcbaa243447093069c1fe70b8f6655729f8f998f7e2b105acbb96c
GET /upload/vod/2023/01/khjxzlzloyi.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 4364
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6122
content-disposition: inline; filename="khjxzlzloyi.webp"
etag: "63cf2ff6-17ea"
last-modified: Tue, 24 Jan 2023 01:10:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32832b4f7-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5ec287fca451ad71c373578c793ad04
fc20c42d806c8d66dbe041fe73c304fff6290771
8a23aaa2cc1df0d0d4ee94ffee60410beb41873c93c34b46e9e76d38caaef572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A23AAA2CC1DF0D0D4EE94FFEE60410BEB41873C93C34B46E9E76D38CAAEF572"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14495
Expires: Wed, 25 Jan 2023 01:04:39 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/snezji2mhkq.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/snezji2mhkq.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c2473e02602537751e2626840bf641f
62395182f5c2e9795d8be2f3205cbe134d5b04d6
2f67e03de78848e055fb758f887b0c1f3b6cdc3f4f0263609fd03481f2d584f1
GET /upload/vod/2023/01/snezji2mhkq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6186
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7842
content-disposition: inline; filename="snezji2mhkq.webp"
etag: "63cf2ffb-1ea2"
last-modified: Tue, 24 Jan 2023 01:10:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32834b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/lokc22lu2jz.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/lokc22lu2jz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a3a4e3de8ac51316d189f2cc488a1341
4b50d3744b69573d54ce825e3b1d1079bf5f0574
689ae55fd6c02c111bc8958d8a2999194ad917ef402dcb63bcd58f31d87f1de1
GET /upload/vod/2023/01/lokc22lu2jz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6024
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8040
content-disposition: inline; filename="lokc22lu2jz.webp"
etag: "63cf2ff2-1f68"
last-modified: Tue, 24 Jan 2023 01:10:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32831b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/wagbdfc2ttl.jpg
172.67.28.138200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/wagbdfc2ttl.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash aa8e6e7d013ad64209c50a31f768c029
954f958ed7843e8c07ddd6e9a0eeb92632413b1b
200d26a469e205dbef3b679440e0d142cecbd39ebd846f78051b85165905188c
GET /upload/vod/2023/01/wagbdfc2ttl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/jpeg
content-length: 7748
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8265, status=webp_bigger
etag: "63cf306b-2049"
last-modified: Tue, 24 Jan 2023 01:12:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ebb6b31829b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/wxvbfpymqpy.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/wxvbfpymqpy.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27fb9c8e8182651475b58eb1b42f2809
9e5adce878886387c0f93d5523ee1aff7bda031e
1e7fe7875aa96855443072950e37cd9384566caec4a133c553b387b3ef548ee4
GET /upload/vod/2023/01/wxvbfpymqpy.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 8496
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9163
content-disposition: inline; filename="wxvbfpymqpy.webp"
etag: "63cf2fed-23cb"
last-modified: Tue, 24 Jan 2023 01:10:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31830b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/lmuluchhpt5.jpg
172.67.28.138200 OK 3.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/lmuluchhpt5.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2bc26c6ed63a96509126c1340a1e7ef
833fcbefc2c9e8162bf8a1e3e24eb7dfeef4fb98
60bee36fb8c6847576e87a7952f70ddc3e27fd8144f37808e04ad4478283a088
GET /upload/vod/2023/01/lmuluchhpt5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 3416
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5606
content-disposition: inline; filename="lmuluchhpt5.webp"
etag: "63cf3074-15e6"
last-modified: Tue, 24 Jan 2023 01:12:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33870b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/thy41hwmanf.jpg
172.67.28.138200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/thy41hwmanf.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 511cb926a822c9764560761e91911187
9f5fa20fe5694551d2ac6aae18e1f589d66e563e
832ddcd72e27f9b7ac9557ba6dc9fe7baea18a63c9cd01ee99a625c7a036e9f3
GET /upload/vod/2023/01/thy41hwmanf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 8678
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9620
content-disposition: inline; filename="thy41hwmanf.webp"
etag: "63cf2fe9-2594"
last-modified: Tue, 24 Jan 2023 01:10:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33874b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/hpy34xkxy33.jpg
172.67.28.138200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/hpy34xkxy33.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c3284e8fc3b087ff1ba82ae994ad998
02031ba509ae2523a47489e01661558ed0e41ae9
20753d66c285a2728c1a6eff240bd045b59ad0950693481788508f94ff6a5b81
GET /upload/vod/2023/01/hpy34xkxy33.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 9530
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10331
content-disposition: inline; filename="hpy34xkxy33.webp"
etag: "63cf2fe5-285b"
last-modified: Tue, 24 Jan 2023 01:09:57 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33879b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/4njbqp4ttqp.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/4njbqp4ttqp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a74d1d17cd0cd0b1273b483f1261e374
17f3df02d38477d19d6d3008ff92707da8b48cab
1834d1c9ff7933c684f96e10095d3cadbe175f4466b718e05604d374ef82149d
GET /upload/vod/2023/01/4njbqp4ttqp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 5718
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8382
content-disposition: inline; filename="4njbqp4ttqp.webp"
etag: "63cf305e-20be"
last-modified: Tue, 24 Jan 2023 01:11:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3641
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33877b4f7-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3f0eea822ba3fce93bb2665235347c44
fd51c7ae3ddb1feca10d020cc6bf595e29979234
cedd44b9aa9f37afda62034e763af9ff34c8e1f8d4e51f99d70f9d7a088cbb79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEDD44B9AA9F37AFDA62034E763AF9FF34C8E1F8D4E51F99D70F9D7A088CBB79"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16727
Expires: Wed, 25 Jan 2023 01:41:51 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3f0eea822ba3fce93bb2665235347c44
fd51c7ae3ddb1feca10d020cc6bf595e29979234
cedd44b9aa9f37afda62034e763af9ff34c8e1f8d4e51f99d70f9d7a088cbb79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEDD44B9AA9F37AFDA62034E763AF9FF34C8E1F8D4E51F99D70F9D7A088CBB79"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16727
Expires: Wed, 25 Jan 2023 01:41:51 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff05d76e7c8fd2a44d5a1efb97802e44
2b3fd4ddf29b2211bac5aa921cd0fd3a67c88dcb
5243cf96a2c2c4e7e04e38d0057702174b2206de17a5ef9a3eca7d239b24336b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5243CF96A2C2C4E7E04E38D0057702174B2206DE17A5EF9A3ECA7D239B24336B"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 25 Jan 2023 03:03:04 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28d0b8ee05b89eb4ea2434efdc4af3a6
d8ae8585e3b0bf98f15c987801d1b47bacd2e864
0ffd602d1b775a7b093c09413ed21a2936e1b2febf13887547c7ddb99a346e61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FFD602D1B775A7B093C09413ED21A2936E1B2FEBF13887547C7DDB99A346E61"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1687
Expires: Tue, 24 Jan 2023 21:31:11 GMT
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=796327653&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=796327653&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=796327653&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 24 Jan 2023 21:03:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=45BB18201409303F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1916788827&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1916788827&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1916788827&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 24 Jan 2023 21:03:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0BB014272D3CABCB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108182799&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108182799&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2108182799&si=6f39cfb7fb3d2a5a22dc71959e2f8ddf&su=https%3A%2F%2Fmang.tiryakioyun.com%2F&v=1.3.0&lv=1&sn=43862&r=0&ww=1280&u=https%3A%2F%2Fwww.mgbqdt.xyz%2F&tt=%E8%8A%92%E6%9E%9CAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 24 Jan 2023 21:03:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=056CC3D3D83DB888; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a977944ec9186f70323529c47b7a685f
f81c4a5a128ef9ab546457019d642f8b2e4ad73e
690c596809e76c60ed3ef6e56af5fac56fc6676ae2a78d100bc0ee337bde96e4
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 24 Jan 2023 21:03:04 GMT
Last-Modified: Tue, 24 Jan 2023 12:37:03 GMT
ETag: "63cfd0ef-1d7"
Expires: Thu, 26 Jan 2023 12:37:03 GMT
Cache-Control: max-age=142439
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674594184
Via: cache3.l2de2[3,2,200-0,M], cache3.l2de2[4,0], cache1.se1[25,24,200-0,M], cache1.se1[26,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 24 Jan 2023 21:03:04 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516745941844702648e
lbfm.lbpictupian.com/upload/vod/2023/01/lxrjbalixmm.jpg
172.67.28.138200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/lxrjbalixmm.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f01c6481645f96e4df2d4e9237acae3
c89e00d52b601d9db2971997378e2e60e70e592e
c5a0f2367950169aef1ae6dc3b7ac508575ffc8e384d4cfcba45e479a73420c4
GET /upload/vod/2023/01/lxrjbalixmm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6556
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8848
content-disposition: inline; filename="lxrjbalixmm.webp"
etag: "63cf30ca-2290"
last-modified: Tue, 24 Jan 2023 01:13:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31824b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/2ghhexjv5wd00012ghhexjv5wd5411805.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/2ghhexjv5wd00012ghhexjv5wd5411805.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 19f9889dabfd545667bd5271c01567cd
1244e89dc6b2abe1900c25dc381fef8cdea68c15
476e0856683bc022acec0d7ce92f6da09bd98ff17ed84b0a5bedd4d0050a900d
GET /upload/vod/2020/04-24/00/2ghhexjv5wd00012ghhexjv5wd5411805.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/jpeg
content-length: 12929
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13607, status=webp_bigger
etag: "5ea1bbf2-3527"
last-modified: Thu, 23 Apr 2020 16:01:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ebb6b3283db4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/c0ejwhnvejl0954c0ejwhnvejl272931.jpg
172.67.28.138200 OK 4.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/c0ejwhnvejl0954c0ejwhnvejl272931.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ace4447bb81b5166ac2a18590f7e3cc0
e170703450431d6ceb37886c34042b043fc879b2
56290c5e7bd3025ed0e2692abe16a8be780fe33c4dc87b0281d73765fb36376b
GET /upload/vod/2022/09-10/09/c0ejwhnvejl0954c0ejwhnvejl272931.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 4600
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5937
content-disposition: inline; filename="c0ejwhnvejl0954c0ejwhnvejl272931.webp"
etag: "631bee53-1731"
last-modified: Sat, 10 Sep 2022 01:54:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3181bb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/bgrh3id0f13.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/bgrh3id0f13.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b8ae5f68f97f7037e33cf47549ef5bac
25a8fd7b128fb056b845c8846aefb5654b87c55b
10bd8eb6acbf09ddb0c3a37e74e5c74b4f7c99f9a246fcd7c5654762480ad5bb
GET /upload/vod/2023/01/bgrh3id0f13.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6662
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8919
content-disposition: inline; filename="bgrh3id0f13.webp"
etag: "63cf30be-22d7"
last-modified: Tue, 24 Jan 2023 01:13:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31821b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/jp2ucrhergv.jpg
172.67.28.138200 OK 4.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/jp2ucrhergv.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9053500c486f90f94d263bb48cce746a
26b819e729af7a2241692fdc0fdf6a097bbc9e5e
0307d2919955c4da4e460101383df0292d843dd32d7b45b991d76f5fdab1a99c
GET /upload/vod/2023/01/jp2ucrhergv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 4620
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7054
content-disposition: inline; filename="jp2ucrhergv.webp"
etag: "63cf30d8-1b8e"
last-modified: Tue, 24 Jan 2023 01:14:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31804b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/acqhcdowcjf0954acqhcdowcjf292935.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/acqhcdowcjf0954acqhcdowcjf292935.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash a90dd9b32e9792d5ad1159f2e563660a
33e9b012346ed786bd14b35fab226de689be37ce
d77c1a2be07e7620cb77dfb2dce064e9fdf9ee138a99883b8f38e35236b6a54b
GET /upload/vod/2022/09-10/09/acqhcdowcjf0954acqhcdowcjf292935.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/jpeg
content-length: 11114
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11612, status=webp_bigger
etag: "631bee55-2d5c"
last-modified: Sat, 10 Sep 2022 01:54:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ebb6b3181fb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ezinv15wmfk0954ezinv15wmfk262929.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ezinv15wmfk0954ezinv15wmfk262929.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47c445a087d9fd79130932d44c69a7d7
94371e414cb8cf753d28d1757e5d288cf6e7234e
28df3f19d8db573d7cffdf8f942d2050452da77ad9fdb1fb79c1ee14d6486a4c
GET /upload/vod/2022/09-10/09/ezinv15wmfk0954ezinv15wmfk262929.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 7402
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8323
content-disposition: inline; filename="ezinv15wmfk0954ezinv15wmfk262929.webp"
etag: "631bee52-2083"
last-modified: Sat, 10 Sep 2022 01:54:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31817b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/errrcc1xzs00001errrcc1xzs05211801.jpg
172.67.28.138200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/errrcc1xzs00001errrcc1xzs05211801.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5995ca8c7135c8cdd6f91ddaebd83e4f
1f58569472d6a9d270e4855b2f9f2263040c751a
02136845720faaf204539acb788ee95cf4810291cd2face5b4883d439f8d96fa
GET /upload/vod/2020/04-24/00/errrcc1xzs00001errrcc1xzs05211801.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 9558
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12491
content-disposition: inline; filename="errrcc1xzs00001errrcc1xzs05211801.webp"
etag: "5ea1bbf0-30cb"
last-modified: Thu, 23 Apr 2020 16:01:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32839b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/ozvfexqwmrj0001ozvfexqwmrj5311803.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/ozvfexqwmrj0001ozvfexqwmrj5311803.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 26117306d30629ff6d0b488106fee5f1
944444c8c8f77c9164f5fae2404cbbc918af8916
83b1cffd9211c0e829c8ccd78cbe9b2b32e57a03ecd63568996ee6a797fe35ae
GET /upload/vod/2020/04-24/00/ozvfexqwmrj0001ozvfexqwmrj5311803.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/jpeg
content-length: 11849
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12439, status=webp_bigger
etag: "5ea1bbf1-3097"
last-modified: Thu, 23 Apr 2020 16:01:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ebb6b3283ab4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/vskau0y3i3d.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/vskau0y3i3d.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c485ed6bfd23b12c669e1d1a893b243e
4acd205143f653ccbdf45c612fcd50444dac1957
fb02c9971f8f18c60a0b14882cb25960e6dcb7432c1f85d47ccaa277192b296c
GET /upload/vod/2023/01/vskau0y3i3d.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6166
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8544
content-disposition: inline; filename="vskau0y3i3d.webp"
etag: "63cf30c7-2160"
last-modified: Tue, 24 Jan 2023 01:13:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31822b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/3hkoyd02bo200013hkoyd02bo25611809.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/3hkoyd02bo200013hkoyd02bo25611809.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3cb63bb625ae02c34efdde77349a3305
d2f36c69e73bc26259c7e61a052570075c088d42
c36bcee19e9382c6aec4cd423b6caf60105166893a404a74e0517a565922f37b
GET /upload/vod/2020/04-24/00/3hkoyd02bo200013hkoyd02bo25611809.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/jpeg
content-length: 10817
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11362, status=webp_bigger
etag: "5ea1bbf4-2c62"
last-modified: Thu, 23 Apr 2020 16:01:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ebb6b32845b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/uj1mneok20q0001uj1mneok20q5111799.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/uj1mneok20q0001uj1mneok20q5111799.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61003c98c4d18f5d43396d77e39114e1
ccebff303ab77c9cb23cf294cd05d6f3fb2dd231
82d8a70f965cded2c0a32cc493f95a29cb8df4f5fd9b3217e9b82b221406bbec
GET /upload/vod/2020/04-24/00/uj1mneok20q0001uj1mneok20q5111799.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6342
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8541
content-disposition: inline; filename="uj1mneok20q0001uj1mneok20q5111799.webp"
etag: "5ea1bbef-215d"
last-modified: Thu, 23 Apr 2020 16:01:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32836b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/t4hmv310qdi0954t4hmv310qdi282933.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/t4hmv310qdi0954t4hmv310qdi282933.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 89549a4af151a46bd384fa4c7b8d2f12
d3d984903d8d492c072c917cc04383d64f28c762
4c17357179e6ec6225d30c679230264d5feb301d55f9f1ff5d4240889ff80aaf
GET /upload/vod/2022/09-10/09/t4hmv310qdi0954t4hmv310qdi282933.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6118
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7444
content-disposition: inline; filename="t4hmv310qdi0954t4hmv310qdi282933.webp"
etag: "631bee54-1d14"
last-modified: Sat, 10 Sep 2022 01:54:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3181cb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/e40ucwmo2hx.jpg
172.67.28.138200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/e40ucwmo2hx.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e8374fc3226e16ecbd7efd117c15493
803aeff9230361f7be62632f32bdc2d2862f8d75
f00e85788bef3556c65006b761d8894ea967414e994d9e5fbb05374817709eef
GET /upload/vod/2023/01/e40ucwmo2hx.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 8070
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9329
content-disposition: inline; filename="e40ucwmo2hx.webp"
etag: "63cf30d4-2471"
last-modified: Tue, 24 Jan 2023 01:13:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33875b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/fy3eant5ln30954fy3eant5ln3242925.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/fy3eant5ln30954fy3eant5ln3242925.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e1d797019e4c3d72e705622c18336a5
af53e9a2a1bb2943b7993051073f00d245798029
06ac622874088b823034712fa674daeafb9c47e2bf69d760d156bd44b88f92e8
GET /upload/vod/2022/09-10/09/fy3eant5ln30954fy3eant5ln3242925.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 5996
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7318
content-disposition: inline; filename="fy3eant5ln30954fy3eant5ln3242925.webp"
etag: "631bee50-1c96"
last-modified: Sat, 10 Sep 2022 01:54:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31815b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ev243td5uzq.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ev243td5uzq.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f529428b66c51393aa185bfa61aebd8
71122f24a7c6992cf17d903fb0f4a8df079fc228
1237905b4d9d84151ffb813ad497971ccc1f537767d9250e93364a3f6489601e
GET /upload/vod/2023/01/ev243td5uzq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 10472
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11334
content-disposition: inline; filename="ev243td5uzq.webp"
etag: "63cf30cf-2c46"
last-modified: Tue, 24 Jan 2023 01:13:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31825b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/5ijbxreelbz.jpg
172.67.28.138200 OK 4.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/5ijbxreelbz.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bca42ed062c5f6daac9d493809ff5498
ad7657520b5ce88e9760ef42f97544120f0d6864
716e6a79ee43c92f838195e02a269134137b6cd317c817fef93764b7015c73bd
GET /upload/vod/2023/01/5ijbxreelbz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 4262
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6984
content-disposition: inline; filename="5ijbxreelbz.webp"
etag: "63cf2e80-1b48"
last-modified: Tue, 24 Jan 2023 01:04:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33863b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/eozf11lxcri.jpg
172.67.28.138200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/eozf11lxcri.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d3e0773baf4d0e65a3a95fd22881461
51fa5a19cb1e4f1d3ffc07fa02dfc1a7107c4aef
c64c197a67b1242482e8fc3ed6aa4224bd06d25bd6ce6c3f197157d6ce1b39c6
GET /upload/vod/2023/01/eozf11lxcri.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 8118
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9016
content-disposition: inline; filename="eozf11lxcri.webp"
etag: "63cf2e77-2338"
last-modified: Tue, 24 Jan 2023 01:03:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3285cb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/2bvw2yu3vcs.jpg
172.67.28.138200 OK 7.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/2bvw2yu3vcs.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7aa58114eb1589d6099d464d5d6cf959
4940b81c5392c503e13b939788cd738d4a754aa0
ebc7dd0f7d6de3846b59e72ef6ad4d4175813253ac5d094d15a7e1d670b612db
GET /upload/vod/2023/01/2bvw2yu3vcs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 7344
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8563
content-disposition: inline; filename="2bvw2yu3vcs.webp"
etag: "63cf2ed1-2173"
last-modified: Tue, 24 Jan 2023 01:05:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3386db4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ffa41oc0oh5.jpg
172.67.28.138200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ffa41oc0oh5.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dc59635b4a50a708909d743f3f7c8a1
569ea9df3584aac0d2cc2e087e8d2c8a5416badc
ad121864c57f39474b7cfdf2bfceb3d2b63383fd903ddf58725f35322101c55e
GET /upload/vod/2023/01/ffa41oc0oh5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 7586
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8261
content-disposition: inline; filename="ffa41oc0oh5.webp"
etag: "63cf2e85-2045"
last-modified: Tue, 24 Jan 2023 01:04:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33867b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ahqza2xel1y0954ahqza2xel1y252927.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ahqza2xel1y0954ahqza2xel1y252927.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 93184cf91216090f7db287e20805811c
ba081db2945704d62f39b7b671799e3c187e395c
105e264f85e5a14a6c0a772faa3ca1d8c4f17855a6c7224341e06d804f4dd095
GET /upload/vod/2022/09-10/09/ahqza2xel1y0954ahqza2xel1y252927.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6676
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7896
content-disposition: inline; filename="ahqza2xel1y0954ahqza2xel1y252927.webp"
etag: "631bee51-1ed8"
last-modified: Sat, 10 Sep 2022 01:54:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b31819b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/wb5tvybocnt.jpg
172.67.28.138200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/wb5tvybocnt.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2782c53d7a9d4e1b74d40091dc8b25a9
b0ec25ee8f4f6786ed0318f326ad091753d726ec
4715b00cdd60aa5b8eeed032bc1eef3039a3a83c8db5d9cdd4f46f78a8f937a9
GET /upload/vod/2023/01/wb5tvybocnt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 5020
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6434
content-disposition: inline; filename="wb5tvybocnt.webp"
etag: "63cf2ecc-1922"
last-modified: Tue, 24 Jan 2023 01:05:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3386bb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/dbi3pgbem04.jpg
172.67.28.138200 OK 7.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/dbi3pgbem04.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21b9fec6f4700b395586b094d8c8be4f
23838a760c2acfb78b9394ce1772afc9c8f1698b
5fb98b9deb157484ed1eaeb05acb5e94e54abd841c9b2e3581bd5229533a0b2a
GET /upload/vod/2023/01/dbi3pgbem04.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 7420
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9840
content-disposition: inline; filename="dbi3pgbem04.webp"
etag: "63cf2e8a-2670"
last-modified: Tue, 24 Jan 2023 01:04:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b33869b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ii3zt54hnwm.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ii3zt54hnwm.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfe2c867b5f08c031bb51c14029faff6
09267bc33be4fffd7b5990b11dcc2c8b17c259f3
648e4ccb320ca8a359370c9bc0cf26dcb81a7eb1672a9850a7a943d5ed44e0cb
GET /upload/vod/2023/01/ii3zt54hnwm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6140
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8199
content-disposition: inline; filename="ii3zt54hnwm.webp"
etag: "63cf2e7b-2007"
last-modified: Tue, 24 Jan 2023 01:03:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b3285eb4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-24/00/hoqsya1k20a0001hoqsya1k20a5511807.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-24/00/hoqsya1k20a0001hoqsya1k20a5511807.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 099b5d73305c2fe2b4222dc97db98ce6
1c750feaffb744f7a6466b95ce40274bba55356d
4c1800749b72e1da83a3d8ff45eebe492554009655fab63fe09af630700a5b3d
GET /upload/vod/2020/04-24/00/hoqsya1k20a0001hoqsya1k20a5511807.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 10282
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11421
content-disposition: inline; filename="hoqsya1k20a0001hoqsya1k20a5511807.webp"
etag: "5ea1bbf3-2c9d"
last-modified: Thu, 23 Apr 2020 16:01:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32843b4f7-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/jsvheiza05e.jpg
172.67.28.138200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/jsvheiza05e.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5411f35bd150943ec4225bbc382774ec
48e612d52d7490b6bc2a8bd6d4ac2dd5ad6ca992
a27ea7e2f576ee931c7e41ef19e867423721f6a05a2d8a94d5017179fa737ff4
GET /upload/vod/2023/01/jsvheiza05e.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/webp
content-length: 6504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7785
content-disposition: inline; filename="jsvheiza05e.webp"
etag: "63cf2e71-1e69"
last-modified: Tue, 24 Jan 2023 01:03:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78ebb6b32859b4f7-OSL
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 6886e9c7a91e30289d2277d0d78fcc41
b870dd6ac19525a6af503b03646565d1fe7d0f18
ecbf5177f31493fcf84b6ba877218f46aad1bee922cc0d82a8a09e24de6b998f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 03:23:08 GMT
Expires: Sun, 29 Jan 2023 03:23:07 GMT
Etag: "b870dd6ac19525a6af503b03646565d1fe7d0f18"
Cache-Control: max-age=367802,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b5a9990b49-OSL
xinchacha2dv.ocsp-certum.com/
95.101.10.193200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash ca41ad0b55cfd2d51957827ad19bdf5f
8c86dbf0c69a697be17e6529896222520ebcacb6
da03e7037751ba7dded36612c81e45e2ae6d6896296c7f9fb056cec11a77d875
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=85
Date: Tue, 24 Jan 2023 21:03:04 GMT
Connection: keep-alive
mang.tiryakioyun.com/news/data.php
20.187.123.222200 OK 68 kB URL HTTP/2 mang.tiryakioyun.com/news/data.php
IP 20.187.123.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash dd98febd100674fad337b49c19fa75ee
2865d90c41a80f6e2d9f816623a25e0a78c5c275
ddc1c5e8f397307edcad31f3162e6768809608bc4dcb6694929afe2af04ff593
GET /news/data.php HTTP/1.1
Host: mang.tiryakioyun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mang.tiryakioyun.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Tue, 24 Jan 2023 21:03:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@waxm3g7zj00000f
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2ea5f439a836319be5c833984b68ccea
91139c156211b0c5bfa109050a6babb58a1f7415
a18e7ff7126bdd8ea9193677e62256d5f99404d5be4b51988f989c81c417fe0e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 17:34:44 GMT
Expires: Sun, 29 Jan 2023 17:34:43 GMT
Etag: "91139c156211b0c5bfa109050a6babb58a1f7415"
Cache-Control: max-age=418898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b70cf1b512-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a6ecbba0bb79bdb33cd6614545828370
da6f71bfb627caa7ab16f81fd4af92420d7cac4a
6b9a22b59e6356bb9b932ba2be7e675588876af80c400dd11c16e5a19bee9ac7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 03:08:26 GMT
Expires: Tue, 31 Jan 2023 03:08:25 GMT
Etag: "da6f71bfb627caa7ab16f81fd4af92420d7cac4a"
Cache-Control: max-age=539720,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b70d9ab509-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a6ecbba0bb79bdb33cd6614545828370
da6f71bfb627caa7ab16f81fd4af92420d7cac4a
6b9a22b59e6356bb9b932ba2be7e675588876af80c400dd11c16e5a19bee9ac7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 03:08:26 GMT
Expires: Tue, 31 Jan 2023 03:08:25 GMT
Etag: "da6f71bfb627caa7ab16f81fd4af92420d7cac4a"
Cache-Control: max-age=539720,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b70ae2b4f4-OSL
dimg04.c-ctrip.com/images/0105z12000ae3bwlk6208.gif?proc=autoorient
104.110.17.24200 OK 320 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105z12000ae3bwlk6208.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 320 kB (320396 bytes)
Hash f1bd2e508413c6089ec9fcf6954b2196
b60c7b6b05a282a58ecde182ce2ac5a5a2ac087a
16df1f845970a1b49b6309d0af3dfabe40e54bb3a9bac381a2dac8ff1f9a6ff3
GET /images/0105z12000ae3bwlk6208.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 320396
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6184979
expires: Thu, 06 Apr 2023 11:06:03 GMT
date: Tue, 24 Jan 2023 21:03:04 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6183169
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Tue, 24 Jan 2023 21:03:04 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 775d85d7ad50c2347c5b536857828586
8322bb796c095db0d67ad7d34de02054606deb78
d56965a896699f5e81043557b2861726674f768bfaef1c334d5c6c3a6025c311
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 18:56:41 GMT
Expires: Mon, 30 Jan 2023 18:56:40 GMT
Etag: "8322bb796c095db0d67ad7d34de02054606deb78"
Cache-Control: max-age=510215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b78e42b509-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e5d704340b9684edbebcae3097231257
e3cc0d20901849fd688fa7b0d758a88c913721d3
377d980914882b52d1ae4e6c9bd0d43ada65bdeaa4d28c421a83ab155d378595
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 00:23:25 GMT
Expires: Mon, 30 Jan 2023 00:23:24 GMT
Etag: "e3cc0d20901849fd688fa7b0d758a88c913721d3"
Cache-Control: max-age=443419,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ebb6b70812b4f7-OSL
kvegg.com/72c6d38db25bb1596bd27a0f5716821b.gif
172.83.155.45200 OK 300 kB URL HTTP/2 kvegg.com/72c6d38db25bb1596bd27a0f5716821b.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 300 kB (300302 bytes)
Hash 6133938531bc95e666b63544e0c77d37
db62577b0e8667555132d12e7dd3e2b503a1397b
6844e342c14efe1553f9941e84a36023527ce4dad7b72c020228627600a2c60a
GET /72c6d38db25bb1596bd27a0f5716821b.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 300302
last-modified: Tue, 10 Jan 2023 09:17:04 GMT
etag: "63bd2d10-4950e"
expires: Wed, 25 Jan 2023 09:03:04 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 5290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0gsn5IFVLHM%2B%2BoCd7Lrd67KEMUMpf3V%2FxNfgL5Oey8o85HPpL6zWdz%2BqmJhI2f21S3Ybj24PRM5ugd84wZ22zHfEpPvK5rlZxBOeUtryiAEHIkpOm1tfF9AKBsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7876a52d184730d7-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/11-960x60.gif
107.148.202.17200 OK 242 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Thu, 23 Feb 2023 21:03:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a58d50fa2d1b62484ad40402b94f1517
50e2220a9059aa1f3a9af09b17c5e6cea8251abc
06793cd92216372263ebcdb4cb749aee16cdf4e39ab9a154ce45d50902683a2a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 28 Jan 2023 18:32:34 GMT
ETag: "50e2220a9059aa1f3a9af09b17c5e6cea8251abc"
Last-Modified: Tue, 24 Jan 2023 18:32:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6b8e9ecb521-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b7874b2948c42b2e9d9670404b7d6425
1898e0515cbc04967c5bfa55829f7a8dca323759
71121122508b8b2634c05ba495b69cad9dfeffd4f4865a5a6112984d89a21085
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 28 Jan 2023 18:06:34 GMT
ETag: "1898e0515cbc04967c5bfa55829f7a8dca323759"
Last-Modified: Tue, 24 Jan 2023 18:06:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3060
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6b99c84b518-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b7874b2948c42b2e9d9670404b7d6425
1898e0515cbc04967c5bfa55829f7a8dca323759
71121122508b8b2634c05ba495b69cad9dfeffd4f4865a5a6112984d89a21085
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 28 Jan 2023 18:06:34 GMT
ETag: "1898e0515cbc04967c5bfa55829f7a8dca323759"
Last-Modified: Tue, 24 Jan 2023 18:06:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3060
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6b998ebb4f3-OSL
taiwtp1.com/xin/96060.gif
220.128.218.220200 OK 69 kB URL HTTP/2 taiwtp1.com/xin/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 1b81020d4419f48ddf8aaa0b7ce34a5c
432154678099ca224ed82b2490a33e5d78f510d5
8a88cbb8fdc88c9da52cdbf3467d9c8b9bed2821135ee631cb877b024bc34aa2
GET /xin/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 20:56:09 GMT
content-type: image/gif
content-length: 68564
last-modified: Thu, 20 Oct 2022 07:11:01 GMT
etag: "6350f485-10bd4"
expires: Thu, 23 Feb 2023 20:56:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1138555.com/images/63a68bb2fdf312d626fa4627.gif
3.36.126.81302 Found 471 B URL HTTP/2 img.1138555.com/images/63a68bb2fdf312d626fa4627.gif
IP 3.36.126.81:0
Hash ed3cac02a7d83aeb3b1fd824c07360f3
5ebc7205733660a91c73345c37f91ce12b5d2660
232138970a2fcc9f8e8936dfe9bd6c1ef3e8f7fd0e45bf26d83f3784581067e3
GET /images/63a68bb2fdf312d626fa4627.gif HTTP/1.1
Host: img.1138555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/40bafe53c7a9435ab62b2965a26ca7de
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 6d27a9f8ed1ac095cecf8bc1189cb75d
30819bacd7693e5b5f7df1be5699de2e3d0873ea
a83a8f38c0126e2bc1956a7f34674b018637b27e13bee260e222f4c0fbf06d1a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 24 Jan 2023 21:03:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 24 Jan 2023 19:44:39 GMT
Expires: Wed, 25 Jan 2023 19:44:39 GMT
ETag: "30819bacd7693e5b5f7df1be5699de2e3d0873ea"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 92ff6037520c6e79369a256d87ae8937
e81b56cfceb440577257f9705513b31ae00980b0
175f67b4568e11e28a7051d365c84068db2b576d045fa508c7848d61352fbd7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3108
Cache-Control: max-age=92631
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:05 GMT
Etag: "63cf023c-2d7"
Expires: Wed, 25 Jan 2023 22:46:56 GMT
Last-Modified: Mon, 23 Jan 2023 21:55:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 92ff6037520c6e79369a256d87ae8937
e81b56cfceb440577257f9705513b31ae00980b0
175f67b4568e11e28a7051d365c84068db2b576d045fa508c7848d61352fbd7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:03:05 GMT
Last-Modified: Tue, 24 Jan 2023 20:53:07 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 727
pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
185.10.104.115200 OK 1.3 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /bjh/5f356028e5e94176f56a75568e49ae20.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 1296026
expires: Fri, 30 Dec 2022 03:44:37 GMT
last-modified: Sun, 01 May 2022 03:41:02 GMT
etag: "5f356028e5e94176f56a75568e49ae20"
age: 674831
accept-ranges: bytes
content-md5: XzVgKOXpQXb1anVWjkmuIA==
x-bce-content-crc32: 619664397
x-bce-debug-id: qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
x-bce-request-id: f2b33ae6-db81-4f70-9150-c6452b74a3f4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 03:44:37 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
ohc-file-size: 1296026
x-cache-status: HIT
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/40bafe53c7a9435ab62b2965a26ca7de
47.246.44.225200 OK 334 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/40bafe53c7a9435ab62b2965a26ca7de
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 60\012- data
Size 334 kB (334533 bytes)
Hash 1c09852e6658bba584331655a069c0dc
49c12dec4397e707eb7975f40133c389c9c7cdc5
fb2e8b5bde3374b810606d7897f128b737c69e0e255f905a453d470dc8a24d4f
GET /obj/tos-cn-i-dy/40bafe53c7a9435ab62b2965a26ca7de HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 334533
date: Fri, 23 Dec 2022 08:56:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 22 Dec 2022 09:22:21 GMT
nw-session-id: 20221222172221D9B79B1090190331D3EClrb6f02dy
nw-session-trace: 2022-12-22T17:22:21.837127142+08:00 103
x-bdcdn-cache-status: TCP_HIT
x-length: 334533
x-powered-by: ImageX
x-response-date: Thu, 22 Dec 2022 17:22:21 GMT
x-tt-logid: 20221222172221D9B79B1090190331D3EC
via: n150-061-095, cache4.l2de2[0,0,206-0,H], cache26.l2de2[2,0], cache26.l2de2[2,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:22:48::233
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e06921002e42a87e5dccbe4199333369cf29215245148088591626ebe04445f0c586cd32a987581e3e65480c882fd1a2b13123e6c01af3ab5e5d3cefe7a8c4c5f146afc0f4a4bdebbf97bc13832079c21689ab335a648794de42d62c4656b040
x-response-lb: image
ali-swift-global-savetime: 1671785798
age: 2808387
x-cache: HIT TCP_MEM_HIT dirn:11:427450411
x-swift-savetime: Fri, 23 Dec 2022 09:26:07 GMT
x-swift-cachetime: 31534231
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816745941854154041e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/ed580edc791142aeb96f40322bdb20b1
47.246.44.225200 OK 414 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ed580edc791142aeb96f40322bdb20b1
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 414 kB (414404 bytes)
Hash 15fd04c9d1b4e8d9b9e7dee448e86fcd
e1ba3e6cb4925a5be286d31e47bd91c05a66b6c6
04a14594db5fd822d8aa8ed1fdcfce1b5ad4f62d51e7c78e0bef2738ebbb2299
GET /obj/tos-cn-i-dy/ed580edc791142aeb96f40322bdb20b1 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 414404
date: Mon, 05 Dec 2022 09:02:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 06:27:57 GMT
nw-session-id: 2022120514275701013113601243AE68482bb7b02dy
nw-session-trace: 2022-12-05T14:27:57.379451052+08:00 26
x-bdcdn-cache-status: TCP_HIT
x-length: 414404
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 14:27:57 GMT
x-tt-logid: 2022120514275701013113601243AE6848
via: n132-078-084, cache20.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[2,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 019a4365567a2968815bc25f89fdb055d52cb951069dd2dddaa1f160ae87392864a1a0ac9e4509c13e4848fbc2f7f00c56e5debb3c9c52740800756f8347bcf7d05cdaece33d4284678f45bb72df2c183d7adb4dc5c6ed7c44d7e39b65caf74dc0
x-response-lb: image
ali-swift-global-savetime: 1670230971
age: 4363214
x-cache: HIT TCP_MEM_HIT dirn:1:455145996
x-swift-savetime: Wed, 11 Jan 2023 02:49:26 GMT
x-swift-cachetime: 28361605
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816745941854324048e
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 20:56:09 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Thu, 23 Feb 2023 20:56:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8499683.com/8499/zzxx/960x60.gif
172.247.50.229200 OK 291 kB URL HTTP/2 8499683.com/8499/zzxx/960x60.gif
IP 172.247.50.229:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 3752ba098ddb8425292e6c1670790d4c
ebcf1745b7c82a1f963ed6bf593e3d4eec2793c7
000577b65ac789fd4eac911bb1f69215ba42315b36e34d2558560f66a36424a8
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 24 Jan 2023 21:03:05 GMT
Connection: keep-alive
X-N: S
ldbbs.ldmnq.com/bbs/topic/images/2022-12/b9cf7dc8-2a87-48dd-a0d6-bad7e45d0037.gif
120.52.95.234200 OK 159 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/b9cf7dc8-2a87-48dd-a0d6-bad7e45d0037.gif
IP 120.52.95.234:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 80\012- data
Size 159 kB (158847 bytes)
Hash a497c1ae73df54fe08463b3342b8d1d0
73ce4da38e2826e033444992cff2a827eb474c97
e9f7f7dc820dc334c1cf0e7ccb151c7483c7a64cc7c28f50de03fa2f65c34957
GET /bbs/topic/images/2022-12/b9cf7dc8-2a87-48dd-a0d6-bad7e45d0037.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:04 GMT
Content-Type: image/gif
Content-Length: 158847
Connection: keep-alive
Server: openresty
Age: 2989393
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a497c1ae73df54fe08463b3342b8d1d0"
Last-Modified: Wed, 21 Dec 2022 06:06:14 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE17[3],CHN-HElangfang-AREACUCC1-CACHE27[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE35[10],CHN-TJ-GLOBAL1-CACHE75[0,TCP_HIT,8]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHelZe0YpYhnWk71jmupxhjcvNdR/Eg
x-amz-request-id: 00000185334A237994163A0F71A46F6E
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
8175835ccc.com/ea9ae1b7e3a34929b0eeba89b340f4fd.gif
45.61.212.46200 OK 727 kB URL HTTP/1.1 8175835ccc.com/ea9ae1b7e3a34929b0eeba89b340f4fd.gif
IP 45.61.212.46:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 727 kB (727309 bytes)
Hash 7a0cbd217f7ed6cc18641f83742517cd
384e058eb426546aa0a0e54d8b77e3559fe7554a
86fb5ce29521edd983b00c7a5b78990ae0fd367b19aa40321c0530463d5e470b
Analyzer Verdict Alert quad9 Sinkholed
GET /ea9ae1b7e3a34929b0eeba89b340f4fd.gif HTTP/1.1
Host: 8175835ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b3d35c-b190d"
Date: Fri, 20 Jan 2023 05:00:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 03 Jan 2023 07:03:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 727309
7331989ccc.com/8a016d55526e46899cea50cac9f61dd8.gif
103.170.15.80200 OK 485 kB URL HTTP/1.1 7331989ccc.com/8a016d55526e46899cea50cac9f61dd8.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 485 kB (485287 bytes)
Hash d380a647f953c9a1c3973d06622da8e9
7ea4c5413441c6287df52aceaffbf0ecabf013c3
2a8319f5970f1a6285054d399614ace55bac9b3195f69a9abe1eeb08c6dd03f2
GET /8a016d55526e46899cea50cac9f61dd8.gif HTTP/1.1
Host: 7331989ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63aa830b-767a7"
Date: Mon, 23 Jan 2023 07:39:56 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 27 Dec 2022 05:30:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 485287
5951835ccc.com/3c55f52a106a47ff98d4bf61a17901a5.gif
45.61.212.224200 OK 562 kB URL HTTP/1.1 5951835ccc.com/3c55f52a106a47ff98d4bf61a17901a5.gif
IP 45.61.212.224:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 562 kB (561845 bytes)
Hash 4552f51ed05e3f4ed4ffc73bbaf77df3
3f5aab58a8565d2c4c5c4f23477e64c72ce4e61e
3c64bea31f55f50536ea73aee6e1e40ac050a2108379d55765bf774dc483d7d1
GET /3c55f52a106a47ff98d4bf61a17901a5.gif HTTP/1.1
Host: 5951835ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633c1d2d-892b5"
Date: Sun, 15 Jan 2023 07:48:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 04 Oct 2022 11:46:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-24
Content-Length: 561845
3366812ccc.com/d35467f31a1e415dbf061087c8c283d5.gif
103.170.15.89200 OK 684 kB URL HTTP/1.1 3366812ccc.com/d35467f31a1e415dbf061087c8c283d5.gif
IP 103.170.15.89:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
Analyzer Verdict Alert quad9 Sinkholed
GET /d35467f31a1e415dbf061087c8c283d5.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e67b07-a6dd2"
Date: Sun, 22 Jan 2023 12:41:24 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 31 Jul 2022 12:52:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-19
Content-Length: 683474
3p8801.co/77-250x250.gif
107.148.202.17200 OK 33 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash f333afca9744fcdba93f1ce02612b1c6
19075f1c5ce74e21e75afe4940aa6c9082003792
889cbadf30e2ff32c5b2c857fb8ba1ac590ae248f76edcddc4a8cfbb78d6ea10
GET /77-250x250.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 32809
last-modified: Sun, 20 Nov 2022 13:03:15 GMT
etag: "637a2593-8029"
expires: Thu, 23 Feb 2023 21:03:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 783087f5ce495f4758bbea2ee8a4cf78
0a6e15fb80791a7e9ba10a3eaa1e9b8482dffb9d
0dab61ee80bf88d011feb7edcee92f6d69b897f78850e7fdd83a0f758b9b7b7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DAB61EE80BF88D011FEB7EDCEE92F6D69B897F78850E7FDD83A0F758B9B7B7F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16009
Expires: Wed, 25 Jan 2023 01:29:55 GMT
Date: Tue, 24 Jan 2023 21:03:06 GMT
Connection: keep-alive
3p8801.co/xx/960x60.gif
107.148.202.17200 OK 582 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 582 kB (582523 bytes)
Hash cad4eee9d07382a2f695b53aae0c2089
66ad44b09567bbbebffa772d2b416cb9f5b2bafb
e3af64bc06d2e37e60ab6ad902668894b1484cf356e7cab9742fee72899c3124
GET /xx/960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 582523
last-modified: Wed, 21 Dec 2022 15:24:38 GMT
etag: "63a32536-8e37b"
expires: Thu, 23 Feb 2023 21:03:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/xx/250x250.gif
107.148.202.17200 OK 160 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 250 x 250\012- data
Size 160 kB (159480 bytes)
Hash 669d290cb529f8809a6c79f1ba7d5ea9
744c64caa21b7705062bae36ae347bceaf2ee416
ab0b58f5b1da03b72d9490e32bb37d397f9853112edac2f65ba6fb7f0349ff87
GET /xx/250x250.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:04 GMT
content-type: image/gif
content-length: 159480
last-modified: Wed, 21 Dec 2022 15:25:24 GMT
etag: "63a32564-26ef8"
expires: Thu, 23 Feb 2023 21:03:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 694 kB URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Size 694 kB (693471 bytes)
Hash e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 20:56:09 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Thu, 23 Feb 2023 20:56:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xxx6686.app/960-60.gif
123.253.107.219200 OK 381 kB IP 123.253.107.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 381 kB (380774 bytes)
Hash d5b19fab300b34d93648b77ba1e87205
eabcc33b82a978d851b9af1337fc656a70f23c2f
e7cce7f77395b75187261e079f448c4b9de06f62f42ca0d2b87662efe80ea69b
GET /960-60.gif HTTP/1.1
Host: xxx6686.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 380774
last-modified: Tue, 20 Dec 2022 08:28:12 GMT
etag: "63a1721c-5cf66"
strict-transport-security: max-age=31536000
lp-geo: edge-qr1h
lp-addr: 91.90.42.154
lp-request: d0666374-c777-46e0-87ee-7f34390eeb5e
lp-id: b99b7ad0c788e44b021e3fd0eb6d2145
expires: Tue, 24 Jan 2023 21:08:05 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
7331989ccc.com/c86f99b435f143efbee8b5c6b82996cb.gif
103.170.15.80200 OK 579 kB URL HTTP/1.1 7331989ccc.com/c86f99b435f143efbee8b5c6b82996cb.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 579 kB (579018 bytes)
Hash 54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1
GET /c86f99b435f143efbee8b5c6b82996cb.gif HTTP/1.1
Host: 7331989ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b3d36d-8d5ca"
Date: Mon, 23 Jan 2023 17:51:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 03 Jan 2023 07:04:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 579018
p3.douyinpic.com/obj/tos-cn-i-dy/933b7dd488ee4d46834c550daf5376ef
47.246.44.225200 OK 524 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/933b7dd488ee4d46834c550daf5376ef
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 400 x 200\012- data
Size 524 kB (523543 bytes)
Hash 1b5034b773b5a78e157e444e37953dbd
5ea58fa6df03042627b8f8499b935ce127a1bcd3
7daed022f9c9110c9f74497ceac7f05860557978be7b0f5f0d6c569406e07ce9
GET /obj/tos-cn-i-dy/933b7dd488ee4d46834c550daf5376ef HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 523543
date: Mon, 05 Dec 2022 10:51:40 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 08:37:32 GMT
nw-session-id: 2022120516373201013515722649B35A5D6vvqq02dy
nw-session-trace: 2022-12-05T16:37:32.824778777+08:00 66
x-bdcdn-cache-status: TCP_HIT
x-length: 523543
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 16:37:32 GMT
x-tt-logid: 2022120516373201013515722649B35A5D
via: n131-120-158, cache17.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:231::134
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c8ece97797ab471258f0ed9399e915f964db15fa6412f71a6f1da8806592e16e0f19d883cf19fc1efd47035ee5280139cfff8ec8823b9d24403cff410b6347d6250b72f023648cc732e4e6629a7c7dfa538e141c7d4340bd94534e69d60f97ea
x-response-lb: image
ali-swift-global-savetime: 1670237500
age: 4356686
x-cache: HIT TCP_MEM_HIT dirn:4:103278463
x-swift-savetime: Mon, 05 Dec 2022 11:35:19 GMT
x-swift-cachetime: 31533381
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816745941864444743e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/b9e5ab5578914e51a61f9ec273d2b04e
47.246.44.225200 OK 25 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b9e5ab5578914e51a61f9ec273d2b04e
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 100\012- data
Hash 06e963020ad253bec6514e5c0e8bf3e4
6c26bb8e5fba5c642885569b75e7461f456e563e
178d6fab8b2706ee52ef06bf092568b97e273f10f4ed75804a5684548bf4cf96
GET /obj/tos-cn-i-dy/b9e5ab5578914e51a61f9ec273d2b04e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 24864
date: Sat, 24 Dec 2022 05:28:02 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 24 Dec 2022 05:27:53 GMT
nw-session-id: 20221224132753E7F321B0C2C344536B9Dr66qm01dy
nw-session-trace: 2022-12-24T13:27:53.43705992+08:00 66
x-bdcdn-cache-status: TCP_HIT
x-length: 24864
x-powered-by: ImageX
x-response-date: Sat, 24 Dec 2022 13:27:53 GMT
x-tt-logid: 20221224132753E7F321B0C2C344536B9D
via: n204-098-015, cache20.l2de2[0,0,206-0,H], cache9.l2de2[2,0], cache9.l2de2[2,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:155::141
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081f87304c4493662aa94d8ad287694efae6b7502cb550167bd75b3594d672ee3d8b5bd2b21825685027652c97994953db7268888aa6a7d80bf9660f50d4eb88bc2caad9aa389966cce4233f7cbd8062cde
x-response-lb: image
ali-swift-global-savetime: 1671859682
age: 2734504
x-cache: HIT TCP_MEM_HIT dirn:4:244576985
x-swift-savetime: Sat, 24 Dec 2022 05:35:21 GMT
x-swift-cachetime: 31535561
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816745941864714757e
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
47.75.19.46200 OK 96 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP 47.75.19.46:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash 57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 24 Jan 2023 21:03:05 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 63D04789D14BBC3834967002
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 9550c3fcf2d2c132c012f5203307eef2
6e751c385dfba9baccdff17f503daa8a0028ad57
ba3846be5bd33b36a7a0c016c5bdd55cec17b9661535b082e26eeac3aca193a0
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:03:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 28 Jan 2023 18:04:13 GMT
ETag: "6e751c385dfba9baccdff17f503daa8a0028ad57"
Last-Modified: Tue, 24 Jan 2023 18:04:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ebb6c1ea03b518-OSL
kjimg10.360buyimg.com/ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif
121.226.246.3200 OK 457 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (456580 bytes)
Hash 7059d55150d658811ac4db8966a550c4
f3dd9b37c342379598385c8f8167d99f6b367e31
3082ea513221ce133b3462fdf8c67f38bbce2a0106447ea469d61860a834488d
GET /ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 456580
cache-control: max-age=15552000
expires: Mon, 17 Jul 2023 11:30:05 GMT
last-modified: Fri, 25 Nov 2022 14:35:45 GMT
age: 552780
via: http/1.1 ORI-CLOUD-HUZ-MIX-20 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-23 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674041405504-0-0-19-86-86;200;200-1674131414917-0-0-0-9-9;200-1674594185227-0-0-0-1-1
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0ff7cc47043e69f8360647c58926409c
3cc188d09f6fe0e2ab289f2d94c722903c9766cb
29d0b8a644e2f0cad0be8b4858bf553090e0072e116801c4c47e263c0826aaa3
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 24 Jan 2023 21:03:06 GMT
Last-Modified: Tue, 24 Jan 2023 00:18:49 GMT
ETag: "63cf23e9-1d7"
Expires: Thu, 26 Jan 2023 00:18:49 GMT
Cache-Control: max-age=98143
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674594186
Via: cache1.l2de2[4,4,200-0,M], cache1.l2de2[6,0], cache1.se1[28,27,200-0,M], cache1.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 24 Jan 2023 21:03:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516745941866774351e
www.mgbqdt.xyz/template/m1938pc/css/ate.css
173.231.17.185200 OK 0 B URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/css/ate.css
IP 173.231.17.185:0
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 13:51:35 GMT
vary: Accept-Encoding
etag: W/"60cca4e7-126e4"
expires: Wed, 25 Jan 2023 09:03:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
uu99k.com/image/1-640X200.gif
23.225.89.169200 OK 0 B URL HTTP/2 uu99k.com/image/1-640X200.gif
IP 23.225.89.169:0
GET /image/1-640X200.gif HTTP/1.1
Host: uu99k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:06 GMT
content-type: image/gif
content-length: 117717
last-modified: Wed, 07 Sep 2022 12:58:57 GMT
etag: "63189591-1cbd5"
expires: Mon, 06 Feb 2023 07:12:32 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.u1557.com/images/638dcf21c8af59418ed6f7ca.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u1557.com/images/638dcf21c8af59418ed6f7ca.gif
IP 3.36.126.81:0
GET /images/638dcf21c8af59418ed6f7ca.gif HTTP/1.1
Host: img.u1557.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ed580edc791142aeb96f40322bdb20b1
X-Firefox-Spdy: h2
img.1193555.com/images/63a68be6fdf312d626fa4628.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1193555.com/images/63a68be6fdf312d626fa4628.gif
IP 3.36.126.81:0
GET /images/63a68be6fdf312d626fa4628.gif HTTP/1.1
Host: img.1193555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b9e5ab5578914e51a61f9ec273d2b04e
X-Firefox-Spdy: h2
www.mgbqdt.xyz/template/m1938pc/html9/ad/zxf8.js
173.231.17.185200 OK 0 B URL HTTP/2 www.mgbqdt.xyz/template/m1938pc/html9/ad/zxf8.js
IP 173.231.17.185:0
GET /template/m1938pc/html9/ad/zxf8.js HTTP/1.1
Host: www.mgbqdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:01 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 07:42:17 GMT
vary: Accept-Encoding
etag: W/"6385b7d9-614"
expires: Wed, 25 Jan 2023 09:03:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/216719/34/23684/2643442/6380d0f3E39850c8a/5b9666f7e9703dbb.gif
121.226.246.3200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/216719/34/23684/2643442/6380d0f3E39850c8a/5b9666f7e9703dbb.gif
IP 121.226.246.3:0
GET /ott/jfs/t1/216719/34/23684/2643442/6380d0f3E39850c8a/5b9666f7e9703dbb.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 2643442
cache-control: max-age=15552000
expires: Mon, 17 Jul 2023 07:34:47 GMT
last-modified: Fri, 25 Nov 2022 14:28:03 GMT
age: 566898
via: http/1.1 ORI-CLOUD-HUZ-MIX-30 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-16 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674027287888-0-0-1-59-59;200;200-1674397854029-0-0-0-4-4;200-1674594185273-0-0-0-0-0
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
121.226.246.3200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 121.226.246.3:0
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=15552000
expires: Sat, 15 Jul 2023 12:38:22 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 721483
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-19 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1673872702330-0-0-2-33-33;200;200-1674139428330-0-0-0-0-0;200-1674594185235-0-0-0-0-0
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
121.226.246.3200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 121.226.246.3:0
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:03:05 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=15552000
expires: Tue, 18 Jul 2023 16:22:09 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 448856
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-19 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674145329186-0-0-0-119-119;200;200-1674234313688-0-0-0-7-7;200-1674594185231-0-0-0-4-4
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 0 B URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 21:03:06 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 63d0478a_PShlamstdAMS1vj92_6859-15602
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
img.9717x.com/images/638dcf31c8af59418ed6f7cb.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.9717x.com/images/638dcf31c8af59418ed6f7cb.gif
IP 3.36.126.81:0
GET /images/638dcf31c8af59418ed6f7cb.gif HTTP/1.1
Host: img.9717x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mgbqdt.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/933b7dd488ee4d46834c550daf5376ef
X-Firefox-Spdy: h2